From 283c93c57b7b8244cb1d6e5631ce18878ee96672 Mon Sep 17 00:00:00 2001
From: Jens Langhammer
Date: Fri, 23 Dec 2022 14:42:20 +0100
Subject: [PATCH] website: copy static files instead of linking them to prevent
cache issues
Signed-off-by: Jens Langhammer
---
.../stages/user_write/UserWriteStageForm.ts | 4 +-
website/.gitignore | 3 +
website/developer-docs/releases/index.md | 8 +-
website/package.json | 2 +-
website/static/docker-compose.yml | 82 +-
website/static/schema.yaml | 38492 +++++++++++++++-
6 files changed, 38583 insertions(+), 8 deletions(-)
mode change 120000 => 100644 website/static/docker-compose.yml
mode change 120000 => 100644 website/static/schema.yaml
diff --git a/web/src/admin/stages/user_write/UserWriteStageForm.ts b/web/src/admin/stages/user_write/UserWriteStageForm.ts
index 189ee8649..303488c6d 100644
--- a/web/src/admin/stages/user_write/UserWriteStageForm.ts
+++ b/web/src/admin/stages/user_write/UserWriteStageForm.ts
@@ -66,9 +66,7 @@ export class UserWriteStageForm extends ModelForm {
class="pf-c-check__input"
?checked=${first(this.instance?.canCreateUsers, false)}
/>
-
- ${t`Can create users`}
-
+ ${t`Can create users`}
${t`When enabled, this stage has the ability to create new users. If no user is available in the flow with this disabled, the stage will fail.`}
diff --git a/website/.gitignore b/website/.gitignore
index e1d31e6ac..a9e9900cb 100644
--- a/website/.gitignore
+++ b/website/.gitignore
@@ -19,3 +19,6 @@
npm-debug.log*
yarn-debug.log*
yarn-error.log*
+
+static/docker-compose.yml
+static/schema.yaml
diff --git a/website/developer-docs/releases/index.md b/website/developer-docs/releases/index.md
index 5874e9640..6b6195d43 100644
--- a/website/developer-docs/releases/index.md
+++ b/website/developer-docs/releases/index.md
@@ -152,7 +152,7 @@ Subject: `Release of authentik Security releases 2022.10.3 and 2022.11.3`
```markdown
The security advisory for CVE-2022-xxxxx has been published: https://github.com/goauthentik/authentik/security/advisories/GHSA-mjfw-54m5-fvjf
-Releases with fixes are being built and will be available here: https://github.com/goauthentik/authentik/releases
+Releases 2022.10.3 and 2022.11.3 with fixes included are available here: https://github.com/goauthentik/authentik/releases
```
@@ -164,7 +164,11 @@ Releases with fixes are being built and will be available here: https://github.c
```markdown
[...existing announcement...]
-Edit: Advisory for for CVE-2022-xxxxx has been published here https://github.com/goauthentik/authentik/security/advisories/GHSA-mjfw-54m5-fvjf, the fixed versions are currently building and will be available here: https://github.com/goauthentik/authentik/releases
+Edit:
+
+Advisory for for CVE-2022-xxxxx has been published here https://github.com/goauthentik/authentik/security/advisories/GHSA-mjfw-54m5-fvjf
+
+The fixed versions 2022.10.3 and 2022.11.3 are available here: https://github.com/goauthentik/authentik/releases
```
diff --git a/website/package.json b/website/package.json
index 0c940a685..dbbf549fc 100644
--- a/website/package.json
+++ b/website/package.json
@@ -6,7 +6,7 @@
"scripts": {
"docusaurus": "docusaurus",
"watch": "docusaurus start",
- "build": "docusaurus build",
+ "build": "cp ../docker-compose.yml static/docker-compose.yml && cp ../schema.yml static/schema.yaml && docusaurus build",
"build-docs-only": "docusaurus build --config docusaurus.docs-only.js --out-dir help",
"swizzle": "docusaurus swizzle",
"deploy": "docusaurus deploy",
diff --git a/website/static/docker-compose.yml b/website/static/docker-compose.yml
deleted file mode 120000
index b3774a09e..000000000
--- a/website/static/docker-compose.yml
+++ /dev/null
@@ -1 +0,0 @@
-../../docker-compose.yml
\ No newline at end of file
diff --git a/website/static/docker-compose.yml b/website/static/docker-compose.yml
new file mode 100644
index 000000000..dccdea971
--- /dev/null
+++ b/website/static/docker-compose.yml
@@ -0,0 +1,81 @@
+---
+version: '3.4'
+
+services:
+ postgresql:
+ image: docker.io/library/postgres:12-alpine
+ restart: unless-stopped
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
+ start_period: 20s
+ interval: 30s
+ retries: 5
+ timeout: 5s
+ volumes:
+ - database:/var/lib/postgresql/data
+ environment:
+ - POSTGRES_PASSWORD=${PG_PASS:?database password required}
+ - POSTGRES_USER=${PG_USER:-authentik}
+ - POSTGRES_DB=${PG_DB:-authentik}
+ env_file:
+ - .env
+ redis:
+ image: docker.io/library/redis:alpine
+ command: --save 60 1 --loglevel warning
+ restart: unless-stopped
+ healthcheck:
+ test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
+ start_period: 20s
+ interval: 30s
+ retries: 5
+ timeout: 3s
+ volumes:
+ - redis:/data
+ server:
+ image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.11.4}
+ restart: unless-stopped
+ command: server
+ environment:
+ AUTHENTIK_REDIS__HOST: redis
+ AUTHENTIK_POSTGRESQL__HOST: postgresql
+ AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+ AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+ AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+ volumes:
+ - ./media:/media
+ - ./custom-templates:/templates
+ env_file:
+ - .env
+ ports:
+ - "0.0.0.0:${AUTHENTIK_PORT_HTTP:-9000}:9000"
+ - "0.0.0.0:${AUTHENTIK_PORT_HTTPS:-9443}:9443"
+ worker:
+ image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.11.4}
+ restart: unless-stopped
+ command: worker
+ environment:
+ AUTHENTIK_REDIS__HOST: redis
+ AUTHENTIK_POSTGRESQL__HOST: postgresql
+ AUTHENTIK_POSTGRESQL__USER: ${PG_USER:-authentik}
+ AUTHENTIK_POSTGRESQL__NAME: ${PG_DB:-authentik}
+ AUTHENTIK_POSTGRESQL__PASSWORD: ${PG_PASS}
+ # `user: root` and the docker socket volume are optional.
+ # See more for the docker socket integration here:
+ # https://goauthentik.io/docs/outposts/integrations/docker
+ # Removing `user: root` also prevents the worker from fixing the permissions
+ # on the mounted folders, so when removing this make sure the folders have the correct UID/GID
+ # (1000:1000 by default)
+ user: root
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - ./media:/media
+ - ./certs:/certs
+ - ./custom-templates:/templates
+ env_file:
+ - .env
+
+volumes:
+ database:
+ driver: local
+ redis:
+ driver: local
diff --git a/website/static/schema.yaml b/website/static/schema.yaml
deleted file mode 120000
index 38462cb09..000000000
--- a/website/static/schema.yaml
+++ /dev/null
@@ -1 +0,0 @@
-../../schema.yml
\ No newline at end of file
diff --git a/website/static/schema.yaml b/website/static/schema.yaml
new file mode 100644
index 000000000..392fd4808
--- /dev/null
+++ b/website/static/schema.yaml
@@ -0,0 +1,38491 @@
+openapi: 3.0.3
+info:
+ title: authentik
+ version: 2022.11.4
+ description: Making authentication simple.
+ contact:
+ email: hello@goauthentik.io
+ license:
+ name: MIT
+ url: https://github.com/goauthentik/authentik/blob/main/LICENSE
+paths:
+ /admin/apps/:
+ get:
+ operationId: admin_apps_list
+ description: Read-only view list all installed apps
+ tags:
+ - admin
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/App'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /admin/metrics/:
+ get:
+ operationId: admin_metrics_retrieve
+ description: Login Metrics per 1h
+ tags:
+ - admin
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LoginMetrics'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /admin/system/:
+ get:
+ operationId: admin_system_retrieve
+ description: Get system information.
+ tags:
+ - admin
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/System'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /admin/system_tasks/:
+ get:
+ operationId: admin_system_tasks_list
+ description: List system tasks
+ tags:
+ - admin
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Task'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /admin/system_tasks/{id}/:
+ get:
+ operationId: admin_system_tasks_retrieve
+ description: Get a single system task
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ tags:
+ - admin
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Task'
+ description: ''
+ '404':
+ description: Task not found
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /admin/system_tasks/{id}/retry/:
+ post:
+ operationId: admin_system_tasks_retry_create
+ description: Retry task
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: string
+ required: true
+ tags:
+ - admin
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: Task retried successfully
+ '404':
+ description: Task not found
+ '500':
+ description: Failed to retry task
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /admin/version/:
+ get:
+ operationId: admin_version_retrieve
+ description: Get running and latest version.
+ tags:
+ - admin
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Version'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /admin/workers/:
+ get:
+ operationId: admin_workers_retrieve
+ description: Get currently connected worker count.
+ tags:
+ - admin
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Workers'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/admin/all/:
+ get:
+ operationId: authenticators_admin_all_list
+ description: Get all devices for current user
+ parameters:
+ - in: query
+ name: user
+ schema:
+ type: integer
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Device'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/admin/duo/:
+ get:
+ operationId: authenticators_admin_duo_list
+ description: Viewset for Duo authenticator devices (for admins)
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedDuoDeviceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: authenticators_admin_duo_create
+ description: Viewset for Duo authenticator devices (for admins)
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DuoDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DuoDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/admin/duo/{id}/:
+ get:
+ operationId: authenticators_admin_duo_retrieve
+ description: Viewset for Duo authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Duo Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DuoDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: authenticators_admin_duo_update
+ description: Viewset for Duo authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Duo Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DuoDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DuoDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: authenticators_admin_duo_partial_update
+ description: Viewset for Duo authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Duo Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedDuoDeviceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DuoDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: authenticators_admin_duo_destroy
+ description: Viewset for Duo authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Duo Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/admin/sms/:
+ get:
+ operationId: authenticators_admin_sms_list
+ description: Viewset for sms authenticator devices (for admins)
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedSMSDeviceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: authenticators_admin_sms_create
+ description: Viewset for sms authenticator devices (for admins)
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SMSDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SMSDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/admin/sms/{id}/:
+ get:
+ operationId: authenticators_admin_sms_retrieve
+ description: Viewset for sms authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SMS Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SMSDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: authenticators_admin_sms_update
+ description: Viewset for sms authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SMS Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SMSDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SMSDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: authenticators_admin_sms_partial_update
+ description: Viewset for sms authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SMS Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedSMSDeviceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SMSDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: authenticators_admin_sms_destroy
+ description: Viewset for sms authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SMS Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/admin/static/:
+ get:
+ operationId: authenticators_admin_static_list
+ description: Viewset for static authenticator devices (for admins)
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedStaticDeviceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: authenticators_admin_static_create
+ description: Viewset for static authenticator devices (for admins)
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/StaticDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/StaticDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/admin/static/{id}/:
+ get:
+ operationId: authenticators_admin_static_retrieve
+ description: Viewset for static authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this static device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/StaticDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: authenticators_admin_static_update
+ description: Viewset for static authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this static device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/StaticDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/StaticDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: authenticators_admin_static_partial_update
+ description: Viewset for static authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this static device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedStaticDeviceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/StaticDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: authenticators_admin_static_destroy
+ description: Viewset for static authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this static device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/admin/totp/:
+ get:
+ operationId: authenticators_admin_totp_list
+ description: Viewset for totp authenticator devices (for admins)
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedTOTPDeviceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: authenticators_admin_totp_create
+ description: Viewset for totp authenticator devices (for admins)
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TOTPDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TOTPDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/admin/totp/{id}/:
+ get:
+ operationId: authenticators_admin_totp_retrieve
+ description: Viewset for totp authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this TOTP device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TOTPDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: authenticators_admin_totp_update
+ description: Viewset for totp authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this TOTP device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TOTPDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TOTPDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: authenticators_admin_totp_partial_update
+ description: Viewset for totp authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this TOTP device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedTOTPDeviceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TOTPDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: authenticators_admin_totp_destroy
+ description: Viewset for totp authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this TOTP device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/admin/webauthn/:
+ get:
+ operationId: authenticators_admin_webauthn_list
+ description: Viewset for WebAuthn authenticator devices (for admins)
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: authenticators_admin_webauthn_create
+ description: Viewset for WebAuthn authenticator devices (for admins)
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/WebAuthnDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/WebAuthnDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/admin/webauthn/{id}/:
+ get:
+ operationId: authenticators_admin_webauthn_retrieve
+ description: Viewset for WebAuthn authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this WebAuthn Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/WebAuthnDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: authenticators_admin_webauthn_update
+ description: Viewset for WebAuthn authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this WebAuthn Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/WebAuthnDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/WebAuthnDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: authenticators_admin_webauthn_partial_update
+ description: Viewset for WebAuthn authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this WebAuthn Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/WebAuthnDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: authenticators_admin_webauthn_destroy
+ description: Viewset for WebAuthn authenticator devices (for admins)
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this WebAuthn Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/all/:
+ get:
+ operationId: authenticators_all_list
+ description: Get all devices for current user
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Device'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/duo/:
+ get:
+ operationId: authenticators_duo_list
+ description: Viewset for Duo authenticator devices
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedDuoDeviceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/duo/{id}/:
+ get:
+ operationId: authenticators_duo_retrieve
+ description: Viewset for Duo authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Duo Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DuoDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: authenticators_duo_update
+ description: Viewset for Duo authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Duo Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DuoDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DuoDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: authenticators_duo_partial_update
+ description: Viewset for Duo authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Duo Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedDuoDeviceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DuoDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: authenticators_duo_destroy
+ description: Viewset for Duo authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Duo Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/duo/{id}/used_by/:
+ get:
+ operationId: authenticators_duo_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Duo Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/sms/:
+ get:
+ operationId: authenticators_sms_list
+ description: Viewset for sms authenticator devices
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedSMSDeviceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/sms/{id}/:
+ get:
+ operationId: authenticators_sms_retrieve
+ description: Viewset for sms authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SMS Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SMSDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: authenticators_sms_update
+ description: Viewset for sms authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SMS Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SMSDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SMSDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: authenticators_sms_partial_update
+ description: Viewset for sms authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SMS Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedSMSDeviceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SMSDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: authenticators_sms_destroy
+ description: Viewset for sms authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SMS Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/sms/{id}/used_by/:
+ get:
+ operationId: authenticators_sms_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SMS Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/static/:
+ get:
+ operationId: authenticators_static_list
+ description: Viewset for static authenticator devices
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedStaticDeviceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/static/{id}/:
+ get:
+ operationId: authenticators_static_retrieve
+ description: Viewset for static authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this static device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/StaticDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: authenticators_static_update
+ description: Viewset for static authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this static device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/StaticDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/StaticDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: authenticators_static_partial_update
+ description: Viewset for static authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this static device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedStaticDeviceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/StaticDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: authenticators_static_destroy
+ description: Viewset for static authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this static device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/static/{id}/used_by/:
+ get:
+ operationId: authenticators_static_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this static device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/totp/:
+ get:
+ operationId: authenticators_totp_list
+ description: Viewset for totp authenticator devices
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedTOTPDeviceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/totp/{id}/:
+ get:
+ operationId: authenticators_totp_retrieve
+ description: Viewset for totp authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this TOTP device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TOTPDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: authenticators_totp_update
+ description: Viewset for totp authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this TOTP device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TOTPDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TOTPDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: authenticators_totp_partial_update
+ description: Viewset for totp authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this TOTP device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedTOTPDeviceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TOTPDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: authenticators_totp_destroy
+ description: Viewset for totp authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this TOTP device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/totp/{id}/used_by/:
+ get:
+ operationId: authenticators_totp_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this TOTP device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/webauthn/:
+ get:
+ operationId: authenticators_webauthn_list
+ description: Viewset for WebAuthn authenticator devices
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/webauthn/{id}/:
+ get:
+ operationId: authenticators_webauthn_retrieve
+ description: Viewset for WebAuthn authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this WebAuthn Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/WebAuthnDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: authenticators_webauthn_update
+ description: Viewset for WebAuthn authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this WebAuthn Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/WebAuthnDeviceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/WebAuthnDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: authenticators_webauthn_partial_update
+ description: Viewset for WebAuthn authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this WebAuthn Device.
+ required: true
+ tags:
+ - authenticators
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/WebAuthnDevice'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: authenticators_webauthn_destroy
+ description: Viewset for WebAuthn authenticator devices
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this WebAuthn Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /authenticators/webauthn/{id}/used_by/:
+ get:
+ operationId: authenticators_webauthn_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this WebAuthn Device.
+ required: true
+ tags:
+ - authenticators
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/applications/:
+ get:
+ operationId: core_applications_list
+ description: Custom list method that checks Policy based access instead of guardian
+ parameters:
+ - in: query
+ name: group
+ schema:
+ type: string
+ - in: query
+ name: meta_description
+ schema:
+ type: string
+ - in: query
+ name: meta_launch_url
+ schema:
+ type: string
+ - in: query
+ name: meta_publisher
+ schema:
+ type: string
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: slug
+ schema:
+ type: string
+ - in: query
+ name: superuser_full_list
+ schema:
+ type: boolean
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedApplicationList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: core_applications_create
+ description: Application Viewset
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ApplicationRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Application'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/applications/{slug}/:
+ get:
+ operationId: core_applications_retrieve
+ description: Application Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal application name, used in URLs.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Application'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: core_applications_update
+ description: Application Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal application name, used in URLs.
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ApplicationRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Application'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: core_applications_partial_update
+ description: Application Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal application name, used in URLs.
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedApplicationRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Application'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: core_applications_destroy
+ description: Application Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal application name, used in URLs.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/applications/{slug}/check_access/:
+ get:
+ operationId: core_applications_check_access_retrieve
+ description: Check access to a single application by slug
+ parameters:
+ - in: query
+ name: for_user
+ schema:
+ type: integer
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal application name, used in URLs.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PolicyTestResult'
+ description: ''
+ '404':
+ description: for_user user not found
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/applications/{slug}/metrics/:
+ get:
+ operationId: core_applications_metrics_list
+ description: Metrics for application logins
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal application name, used in URLs.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Coordinate'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/applications/{slug}/set_icon/:
+ post:
+ operationId: core_applications_set_icon_create
+ description: Set application icon
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal application name, used in URLs.
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ $ref: '#/components/schemas/FileUploadRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ description: Success
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/applications/{slug}/set_icon_url/:
+ post:
+ operationId: core_applications_set_icon_url_create
+ description: Set application icon (as URL)
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal application name, used in URLs.
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FilePathRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ description: Success
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/applications/{slug}/used_by/:
+ get:
+ operationId: core_applications_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal application name, used in URLs.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/authenticated_sessions/:
+ get:
+ operationId: core_authenticated_sessions_list
+ description: AuthenticatedSession Viewset
+ parameters:
+ - in: query
+ name: last_ip
+ schema:
+ type: string
+ - in: query
+ name: last_user_agent
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: user__username
+ schema:
+ type: string
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedAuthenticatedSessionList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/authenticated_sessions/{uuid}/:
+ get:
+ operationId: core_authenticated_sessions_retrieve
+ description: AuthenticatedSession Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Authenticated Session.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatedSession'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: core_authenticated_sessions_destroy
+ description: AuthenticatedSession Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Authenticated Session.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/authenticated_sessions/{uuid}/used_by/:
+ get:
+ operationId: core_authenticated_sessions_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Authenticated Session.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/groups/:
+ get:
+ operationId: core_groups_list
+ description: Group Viewset
+ parameters:
+ - in: query
+ name: attributes
+ schema:
+ type: string
+ description: Attributes
+ - in: query
+ name: is_superuser
+ schema:
+ type: boolean
+ - in: query
+ name: members_by_pk
+ schema:
+ type: array
+ items:
+ type: integer
+ explode: true
+ style: form
+ - in: query
+ name: members_by_username
+ schema:
+ type: array
+ items:
+ type: string
+ description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
+ only.
+ explode: true
+ style: form
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedGroupList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: core_groups_create
+ description: Group Viewset
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GroupRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Group'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/groups/{group_uuid}/:
+ get:
+ operationId: core_groups_retrieve
+ description: Group Viewset
+ parameters:
+ - in: path
+ name: group_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this group.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Group'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: core_groups_update
+ description: Group Viewset
+ parameters:
+ - in: path
+ name: group_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this group.
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GroupRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Group'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: core_groups_partial_update
+ description: Group Viewset
+ parameters:
+ - in: path
+ name: group_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this group.
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedGroupRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Group'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: core_groups_destroy
+ description: Group Viewset
+ parameters:
+ - in: path
+ name: group_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this group.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/groups/{group_uuid}/used_by/:
+ get:
+ operationId: core_groups_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: group_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this group.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/tenants/:
+ get:
+ operationId: core_tenants_list
+ description: Tenant Viewset
+ parameters:
+ - in: query
+ name: branding_favicon
+ schema:
+ type: string
+ - in: query
+ name: branding_logo
+ schema:
+ type: string
+ - in: query
+ name: branding_title
+ schema:
+ type: string
+ - in: query
+ name: default
+ schema:
+ type: boolean
+ - in: query
+ name: domain
+ schema:
+ type: string
+ - in: query
+ name: event_retention
+ schema:
+ type: string
+ - in: query
+ name: flow_authentication
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: flow_device_code
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: flow_invalidation
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: flow_recovery
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: flow_unenrollment
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: flow_user_settings
+ schema:
+ type: string
+ format: uuid
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: tenant_uuid
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: web_certificate
+ schema:
+ type: string
+ format: uuid
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedTenantList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: core_tenants_create
+ description: Tenant Viewset
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TenantRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Tenant'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/tenants/{tenant_uuid}/:
+ get:
+ operationId: core_tenants_retrieve
+ description: Tenant Viewset
+ parameters:
+ - in: path
+ name: tenant_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Tenant.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Tenant'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: core_tenants_update
+ description: Tenant Viewset
+ parameters:
+ - in: path
+ name: tenant_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Tenant.
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TenantRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Tenant'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: core_tenants_partial_update
+ description: Tenant Viewset
+ parameters:
+ - in: path
+ name: tenant_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Tenant.
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedTenantRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Tenant'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: core_tenants_destroy
+ description: Tenant Viewset
+ parameters:
+ - in: path
+ name: tenant_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Tenant.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/tenants/{tenant_uuid}/used_by/:
+ get:
+ operationId: core_tenants_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: tenant_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Tenant.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/tenants/current/:
+ get:
+ operationId: core_tenants_current_retrieve
+ description: Get current tenant
+ tags:
+ - core
+ security:
+ - authentik: []
+ - {}
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CurrentTenant'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/tokens/:
+ get:
+ operationId: core_tokens_list
+ description: Token Viewset
+ parameters:
+ - in: query
+ name: description
+ schema:
+ type: string
+ - in: query
+ name: expires
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: expiring
+ schema:
+ type: boolean
+ - in: query
+ name: identifier
+ schema:
+ type: string
+ - in: query
+ name: intent
+ schema:
+ type: string
+ enum:
+ - api
+ - app_password
+ - recovery
+ - verification
+ - in: query
+ name: managed
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: user__username
+ schema:
+ type: string
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedTokenList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: core_tokens_create
+ description: Token Viewset
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TokenRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Token'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/tokens/{identifier}/:
+ get:
+ operationId: core_tokens_retrieve
+ description: Token Viewset
+ parameters:
+ - in: path
+ name: identifier
+ schema:
+ type: string
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Token'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: core_tokens_update
+ description: Token Viewset
+ parameters:
+ - in: path
+ name: identifier
+ schema:
+ type: string
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TokenRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Token'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: core_tokens_partial_update
+ description: Token Viewset
+ parameters:
+ - in: path
+ name: identifier
+ schema:
+ type: string
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedTokenRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Token'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: core_tokens_destroy
+ description: Token Viewset
+ parameters:
+ - in: path
+ name: identifier
+ schema:
+ type: string
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/tokens/{identifier}/set_key/:
+ post:
+ operationId: core_tokens_set_key_create
+ description: Return token key and log access
+ parameters:
+ - in: path
+ name: identifier
+ schema:
+ type: string
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TokenSetKeyRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: Successfully changed key
+ '400':
+ description: Missing key
+ '404':
+ description: Token not found or expired
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/tokens/{identifier}/used_by/:
+ get:
+ operationId: core_tokens_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: identifier
+ schema:
+ type: string
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/tokens/{identifier}/view_key/:
+ get:
+ operationId: core_tokens_view_key_retrieve
+ description: Return token key and log access
+ parameters:
+ - in: path
+ name: identifier
+ schema:
+ type: string
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/TokenView'
+ description: ''
+ '404':
+ description: Token not found or expired
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/user_consent/:
+ get:
+ operationId: core_user_consent_list
+ description: UserConsent Viewset
+ parameters:
+ - in: query
+ name: application
+ schema:
+ type: string
+ format: uuid
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: user
+ schema:
+ type: integer
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedUserConsentList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/user_consent/{id}/:
+ get:
+ operationId: core_user_consent_retrieve
+ description: UserConsent Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User Consent.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserConsent'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: core_user_consent_destroy
+ description: UserConsent Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User Consent.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/user_consent/{id}/used_by/:
+ get:
+ operationId: core_user_consent_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User Consent.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/users/:
+ get:
+ operationId: core_users_list
+ description: User Viewset
+ parameters:
+ - in: query
+ name: attributes
+ schema:
+ type: string
+ description: Attributes
+ - in: query
+ name: email
+ schema:
+ type: string
+ - in: query
+ name: groups_by_name
+ schema:
+ type: array
+ items:
+ type: string
+ explode: true
+ style: form
+ - in: query
+ name: groups_by_pk
+ schema:
+ type: array
+ items:
+ type: string
+ format: uuid
+ explode: true
+ style: form
+ - in: query
+ name: is_active
+ schema:
+ type: boolean
+ - in: query
+ name: is_superuser
+ schema:
+ type: boolean
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: path
+ schema:
+ type: string
+ - in: query
+ name: path_startswith
+ schema:
+ type: string
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: username
+ schema:
+ type: string
+ - in: query
+ name: uuid
+ schema:
+ type: string
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedUserList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: core_users_create
+ description: User Viewset
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/User'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/users/{id}/:
+ get:
+ operationId: core_users_retrieve
+ description: User Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/User'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: core_users_update
+ description: User Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User.
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/User'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: core_users_partial_update
+ description: User Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User.
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedUserRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/User'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: core_users_destroy
+ description: User Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/users/{id}/metrics/:
+ get:
+ operationId: core_users_metrics_retrieve
+ description: User metrics per 1h
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserMetrics'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/users/{id}/recovery/:
+ get:
+ operationId: core_users_recovery_retrieve
+ description: Create a temporary link that a user can use to recover their accounts
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Link'
+ description: ''
+ '404':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Link'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/users/{id}/recovery_email/:
+ get:
+ operationId: core_users_recovery_email_retrieve
+ description: Create a temporary link that a user can use to recover their accounts
+ parameters:
+ - in: query
+ name: email_stage
+ schema:
+ type: string
+ required: true
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: Successfully sent recover email
+ '404':
+ description: Bad request
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/users/{id}/set_password/:
+ post:
+ operationId: core_users_set_password_create
+ description: Set password for user
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User.
+ required: true
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserPasswordSetRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: Successfully changed password
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/users/{id}/used_by/:
+ get:
+ operationId: core_users_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User.
+ required: true
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/users/me/:
+ get:
+ operationId: core_users_me_retrieve
+ description: Get information about current user
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SessionUser'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/users/paths/:
+ get:
+ operationId: core_users_paths_retrieve
+ description: Get all user paths
+ parameters:
+ - in: query
+ name: search
+ schema:
+ type: string
+ tags:
+ - core
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserPath'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /core/users/service_account/:
+ post:
+ operationId: core_users_service_account_create
+ description: Create a new user account that is marked as a service account
+ tags:
+ - core
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserServiceAccountRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserServiceAccountResponse'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /crypto/certificatekeypairs/:
+ get:
+ operationId: crypto_certificatekeypairs_list
+ description: CertificateKeyPair Viewset
+ parameters:
+ - in: query
+ name: has_key
+ schema:
+ type: boolean
+ description: Only return certificate-key pairs with keys
+ - in: query
+ name: include_details
+ schema:
+ type: boolean
+ default: true
+ - in: query
+ name: managed
+ schema:
+ type: string
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - crypto
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedCertificateKeyPairList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: crypto_certificatekeypairs_create
+ description: CertificateKeyPair Viewset
+ tags:
+ - crypto
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CertificateKeyPairRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CertificateKeyPair'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /crypto/certificatekeypairs/{kp_uuid}/:
+ get:
+ operationId: crypto_certificatekeypairs_retrieve
+ description: CertificateKeyPair Viewset
+ parameters:
+ - in: path
+ name: kp_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Certificate-Key Pair.
+ required: true
+ tags:
+ - crypto
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CertificateKeyPair'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: crypto_certificatekeypairs_update
+ description: CertificateKeyPair Viewset
+ parameters:
+ - in: path
+ name: kp_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Certificate-Key Pair.
+ required: true
+ tags:
+ - crypto
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CertificateKeyPairRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CertificateKeyPair'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: crypto_certificatekeypairs_partial_update
+ description: CertificateKeyPair Viewset
+ parameters:
+ - in: path
+ name: kp_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Certificate-Key Pair.
+ required: true
+ tags:
+ - crypto
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedCertificateKeyPairRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CertificateKeyPair'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: crypto_certificatekeypairs_destroy
+ description: CertificateKeyPair Viewset
+ parameters:
+ - in: path
+ name: kp_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Certificate-Key Pair.
+ required: true
+ tags:
+ - crypto
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /crypto/certificatekeypairs/{kp_uuid}/used_by/:
+ get:
+ operationId: crypto_certificatekeypairs_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: kp_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Certificate-Key Pair.
+ required: true
+ tags:
+ - crypto
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /crypto/certificatekeypairs/{kp_uuid}/view_certificate/:
+ get:
+ operationId: crypto_certificatekeypairs_view_certificate_retrieve
+ description: Return certificate-key pairs certificate and log access
+ parameters:
+ - in: query
+ name: download
+ schema:
+ type: boolean
+ - in: path
+ name: kp_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Certificate-Key Pair.
+ required: true
+ tags:
+ - crypto
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CertificateData'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /crypto/certificatekeypairs/{kp_uuid}/view_private_key/:
+ get:
+ operationId: crypto_certificatekeypairs_view_private_key_retrieve
+ description: Return certificate-key pairs private key and log access
+ parameters:
+ - in: query
+ name: download
+ schema:
+ type: boolean
+ - in: path
+ name: kp_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Certificate-Key Pair.
+ required: true
+ tags:
+ - crypto
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CertificateData'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /crypto/certificatekeypairs/generate/:
+ post:
+ operationId: crypto_certificatekeypairs_generate_create
+ description: Generate a new, self-signed certificate-key pair
+ tags:
+ - crypto
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CertificateGenerationRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CertificateKeyPair'
+ description: ''
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/events/:
+ get:
+ operationId: events_events_list
+ description: Event Read-Only Viewset
+ parameters:
+ - in: query
+ name: action
+ schema:
+ type: string
+ - in: query
+ name: client_ip
+ schema:
+ type: string
+ - in: query
+ name: context_authorized_app
+ schema:
+ type: string
+ description: Context Authorized application
+ - in: query
+ name: context_model_app
+ schema:
+ type: string
+ description: Context Model App
+ - in: query
+ name: context_model_name
+ schema:
+ type: string
+ description: Context Model Name
+ - in: query
+ name: context_model_pk
+ schema:
+ type: string
+ description: Context Model Primary Key
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: tenant_name
+ schema:
+ type: string
+ description: Tenant name
+ - in: query
+ name: username
+ schema:
+ type: string
+ description: Username
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedEventList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: events_events_create
+ description: Event Read-Only Viewset
+ tags:
+ - events
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EventRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Event'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/events/{event_uuid}/:
+ get:
+ operationId: events_events_retrieve
+ description: Event Read-Only Viewset
+ parameters:
+ - in: path
+ name: event_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Event.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Event'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: events_events_update
+ description: Event Read-Only Viewset
+ parameters:
+ - in: path
+ name: event_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Event.
+ required: true
+ tags:
+ - events
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EventRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Event'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: events_events_partial_update
+ description: Event Read-Only Viewset
+ parameters:
+ - in: path
+ name: event_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Event.
+ required: true
+ tags:
+ - events
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedEventRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Event'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: events_events_destroy
+ description: Event Read-Only Viewset
+ parameters:
+ - in: path
+ name: event_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Event.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/events/actions/:
+ get:
+ operationId: events_events_actions_list
+ description: Get all actions
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/TypeCreate'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/events/per_month/:
+ get:
+ operationId: events_events_per_month_list
+ description: Get the count of events per month
+ parameters:
+ - in: query
+ name: action
+ schema:
+ type: string
+ - in: query
+ name: query
+ schema:
+ type: string
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Coordinate'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/events/top_per_user/:
+ get:
+ operationId: events_events_top_per_user_list
+ description: Get the top_n events grouped by user count
+ parameters:
+ - in: query
+ name: action
+ schema:
+ type: string
+ - in: query
+ name: top_n
+ schema:
+ type: integer
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/EventTopPerUser'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/notifications/:
+ get:
+ operationId: events_notifications_list
+ description: Notification Viewset
+ parameters:
+ - in: query
+ name: body
+ schema:
+ type: string
+ - in: query
+ name: created
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: event
+ schema:
+ type: string
+ format: uuid
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: seen
+ schema:
+ type: boolean
+ - in: query
+ name: severity
+ schema:
+ type: string
+ enum:
+ - alert
+ - notice
+ - warning
+ - in: query
+ name: user
+ schema:
+ type: integer
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedNotificationList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/notifications/{uuid}/:
+ get:
+ operationId: events_notifications_retrieve
+ description: Notification Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Notification'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: events_notifications_update
+ description: Notification Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification.
+ required: true
+ tags:
+ - events
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Notification'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: events_notifications_partial_update
+ description: Notification Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification.
+ required: true
+ tags:
+ - events
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedNotificationRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Notification'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: events_notifications_destroy
+ description: Notification Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/notifications/{uuid}/used_by/:
+ get:
+ operationId: events_notifications_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/notifications/mark_all_seen/:
+ post:
+ operationId: events_notifications_mark_all_seen_create
+ description: Mark all the user's notifications as seen
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: Marked tasks as read successfully.
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/rules/:
+ get:
+ operationId: events_rules_list
+ description: NotificationRule Viewset
+ parameters:
+ - in: query
+ name: group__name
+ schema:
+ type: string
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: severity
+ schema:
+ type: string
+ enum:
+ - alert
+ - notice
+ - warning
+ description: Controls which severity level the created notifications will
+ have.
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedNotificationRuleList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: events_rules_create
+ description: NotificationRule Viewset
+ tags:
+ - events
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationRuleRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationRule'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/rules/{pbm_uuid}/:
+ get:
+ operationId: events_rules_retrieve
+ description: NotificationRule Viewset
+ parameters:
+ - in: path
+ name: pbm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification Rule.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationRule'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: events_rules_update
+ description: NotificationRule Viewset
+ parameters:
+ - in: path
+ name: pbm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification Rule.
+ required: true
+ tags:
+ - events
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationRuleRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationRule'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: events_rules_partial_update
+ description: NotificationRule Viewset
+ parameters:
+ - in: path
+ name: pbm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification Rule.
+ required: true
+ tags:
+ - events
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedNotificationRuleRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationRule'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: events_rules_destroy
+ description: NotificationRule Viewset
+ parameters:
+ - in: path
+ name: pbm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification Rule.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/rules/{pbm_uuid}/used_by/:
+ get:
+ operationId: events_rules_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: pbm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification Rule.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/transports/:
+ get:
+ operationId: events_transports_list
+ description: NotificationTransport Viewset
+ parameters:
+ - in: query
+ name: mode
+ schema:
+ type: string
+ enum:
+ - email
+ - local
+ - webhook
+ - webhook_slack
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: send_once
+ schema:
+ type: boolean
+ - in: query
+ name: webhook_url
+ schema:
+ type: string
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedNotificationTransportList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: events_transports_create
+ description: NotificationTransport Viewset
+ tags:
+ - events
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationTransportRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationTransport'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/transports/{uuid}/:
+ get:
+ operationId: events_transports_retrieve
+ description: NotificationTransport Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification Transport.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationTransport'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: events_transports_update
+ description: NotificationTransport Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification Transport.
+ required: true
+ tags:
+ - events
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationTransportRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationTransport'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: events_transports_partial_update
+ description: NotificationTransport Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification Transport.
+ required: true
+ tags:
+ - events
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedNotificationTransportRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationTransport'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: events_transports_destroy
+ description: NotificationTransport Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification Transport.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/transports/{uuid}/test/:
+ post:
+ operationId: events_transports_test_create
+ description: |-
+ Send example notification using selected transport. Requires
+ Modify permissions.
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification Transport.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationTransportTest'
+ description: ''
+ '500':
+ description: Failed to test transport
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /events/transports/{uuid}/used_by/:
+ get:
+ operationId: events_transports_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Notification Transport.
+ required: true
+ tags:
+ - events
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/bindings/:
+ get:
+ operationId: flows_bindings_list
+ description: FlowStageBinding Viewset
+ parameters:
+ - in: query
+ name: evaluate_on_plan
+ schema:
+ type: boolean
+ - in: query
+ name: fsb_uuid
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: invalid_response_action
+ schema:
+ type: string
+ enum:
+ - restart
+ - restart_with_context
+ - retry
+ description: Configure how the flow executor should handle an invalid response
+ to a challenge. RETRY returns the error message and a similar challenge
+ to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
+ restarts the flow while keeping the current context.
+ - in: query
+ name: order
+ schema:
+ type: integer
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: pbm_uuid
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: policies
+ schema:
+ type: array
+ items:
+ type: string
+ format: uuid
+ explode: true
+ style: form
+ - in: query
+ name: policy_engine_mode
+ schema:
+ type: string
+ enum:
+ - all
+ - any
+ - in: query
+ name: re_evaluate_policies
+ schema:
+ type: boolean
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: target
+ schema:
+ type: string
+ format: uuid
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedFlowStageBindingList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: flows_bindings_create
+ description: FlowStageBinding Viewset
+ tags:
+ - flows
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowStageBindingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowStageBinding'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/bindings/{fsb_uuid}/:
+ get:
+ operationId: flows_bindings_retrieve
+ description: FlowStageBinding Viewset
+ parameters:
+ - in: path
+ name: fsb_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Flow Stage Binding.
+ required: true
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowStageBinding'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: flows_bindings_update
+ description: FlowStageBinding Viewset
+ parameters:
+ - in: path
+ name: fsb_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Flow Stage Binding.
+ required: true
+ tags:
+ - flows
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowStageBindingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowStageBinding'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: flows_bindings_partial_update
+ description: FlowStageBinding Viewset
+ parameters:
+ - in: path
+ name: fsb_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Flow Stage Binding.
+ required: true
+ tags:
+ - flows
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedFlowStageBindingRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowStageBinding'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: flows_bindings_destroy
+ description: FlowStageBinding Viewset
+ parameters:
+ - in: path
+ name: fsb_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Flow Stage Binding.
+ required: true
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/bindings/{fsb_uuid}/used_by/:
+ get:
+ operationId: flows_bindings_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: fsb_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Flow Stage Binding.
+ required: true
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/executor/{flow_slug}/:
+ get:
+ operationId: flows_executor_get
+ description: Get the next pending challenge from the currently active flow.
+ parameters:
+ - in: path
+ name: flow_slug
+ schema:
+ type: string
+ required: true
+ - in: query
+ name: query
+ schema:
+ type: string
+ description: Querystring as received
+ required: true
+ tags:
+ - flows
+ security:
+ - authentik: []
+ - {}
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ChallengeTypes'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: flows_executor_solve
+ description: Solve the previously retrieved challenge and advanced to the next
+ stage.
+ parameters:
+ - in: path
+ name: flow_slug
+ schema:
+ type: string
+ required: true
+ - in: query
+ name: query
+ schema:
+ type: string
+ description: Querystring as received
+ required: true
+ tags:
+ - flows
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowChallengeResponseRequest'
+ security:
+ - authentik: []
+ - {}
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ChallengeTypes'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/inspector/{flow_slug}/:
+ get:
+ operationId: flows_inspector_get
+ description: Get current flow state and record it
+ parameters:
+ - in: path
+ name: flow_slug
+ schema:
+ type: string
+ required: true
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowInspection'
+ description: ''
+ '400':
+ description: No flow plan in session.
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/instances/:
+ get:
+ operationId: flows_instances_list
+ description: Flow Viewset
+ parameters:
+ - in: query
+ name: denied_action
+ schema:
+ type: string
+ enum:
+ - continue
+ - message
+ - message_continue
+ description: Configure what should happen when a flow denies access to a user.
+ - in: query
+ name: designation
+ schema:
+ type: string
+ enum:
+ - authentication
+ - authorization
+ - enrollment
+ - invalidation
+ - recovery
+ - stage_configuration
+ - unenrollment
+ description: Decides what this Flow is used for. For example, the Authentication
+ flow is redirect to when an un-authenticated user visits authentik.
+ - in: query
+ name: flow_uuid
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: slug
+ schema:
+ type: string
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedFlowList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: flows_instances_create
+ description: Flow Viewset
+ tags:
+ - flows
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Flow'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/instances/{slug}/:
+ get:
+ operationId: flows_instances_retrieve
+ description: Flow Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Visible in the URL.
+ required: true
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Flow'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: flows_instances_update
+ description: Flow Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Visible in the URL.
+ required: true
+ tags:
+ - flows
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Flow'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: flows_instances_partial_update
+ description: Flow Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Visible in the URL.
+ required: true
+ tags:
+ - flows
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedFlowRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Flow'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: flows_instances_destroy
+ description: Flow Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Visible in the URL.
+ required: true
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/instances/{slug}/diagram/:
+ get:
+ operationId: flows_instances_diagram_retrieve
+ description: Return diagram for flow with slug `slug`, in the format used by
+ flowchart.js
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Visible in the URL.
+ required: true
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowDiagram'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/instances/{slug}/execute/:
+ get:
+ operationId: flows_instances_execute_retrieve
+ description: Execute flow for current user
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Visible in the URL.
+ required: true
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Link'
+ description: ''
+ '400':
+ description: Flow not applicable
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/instances/{slug}/export/:
+ get:
+ operationId: flows_instances_export_retrieve
+ description: Export flow to .yaml file
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Visible in the URL.
+ required: true
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: string
+ format: binary
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/instances/{slug}/set_background/:
+ post:
+ operationId: flows_instances_set_background_create
+ description: Set Flow background
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Visible in the URL.
+ required: true
+ tags:
+ - flows
+ requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ $ref: '#/components/schemas/FileUploadRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ description: Success
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/instances/{slug}/set_background_url/:
+ post:
+ operationId: flows_instances_set_background_url_create
+ description: Set Flow background (as URL)
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Visible in the URL.
+ required: true
+ tags:
+ - flows
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FilePathRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ description: Success
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/instances/{slug}/used_by/:
+ get:
+ operationId: flows_instances_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Visible in the URL.
+ required: true
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/instances/cache_clear/:
+ post:
+ operationId: flows_instances_cache_clear_create
+ description: Clear flow cache
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: Successfully cleared cache
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/instances/cache_info/:
+ get:
+ operationId: flows_instances_cache_info_retrieve
+ description: Info about cached flows
+ tags:
+ - flows
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Cache'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /flows/instances/import/:
+ post:
+ operationId: flows_instances_import_create
+ description: Import flow from .yaml file
+ tags:
+ - flows
+ requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ $ref: '#/components/schemas/FileUploadRequest'
+ security:
+ - authentik: []
+ responses:
+ '204':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowImportResult'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FlowImportResult'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /managed/blueprints/:
+ get:
+ operationId: managed_blueprints_list
+ description: Blueprint instances
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: path
+ schema:
+ type: string
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - managed
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedBlueprintInstanceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: managed_blueprints_create
+ description: Blueprint instances
+ tags:
+ - managed
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/BlueprintInstanceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/BlueprintInstance'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /managed/blueprints/{instance_uuid}/:
+ get:
+ operationId: managed_blueprints_retrieve
+ description: Blueprint instances
+ parameters:
+ - in: path
+ name: instance_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Blueprint Instance.
+ required: true
+ tags:
+ - managed
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/BlueprintInstance'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: managed_blueprints_update
+ description: Blueprint instances
+ parameters:
+ - in: path
+ name: instance_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Blueprint Instance.
+ required: true
+ tags:
+ - managed
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/BlueprintInstanceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/BlueprintInstance'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: managed_blueprints_partial_update
+ description: Blueprint instances
+ parameters:
+ - in: path
+ name: instance_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Blueprint Instance.
+ required: true
+ tags:
+ - managed
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedBlueprintInstanceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/BlueprintInstance'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: managed_blueprints_destroy
+ description: Blueprint instances
+ parameters:
+ - in: path
+ name: instance_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Blueprint Instance.
+ required: true
+ tags:
+ - managed
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /managed/blueprints/{instance_uuid}/apply/:
+ post:
+ operationId: managed_blueprints_apply_create
+ description: Apply a blueprint
+ parameters:
+ - in: path
+ name: instance_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Blueprint Instance.
+ required: true
+ tags:
+ - managed
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/BlueprintInstance'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /managed/blueprints/{instance_uuid}/used_by/:
+ get:
+ operationId: managed_blueprints_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: instance_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Blueprint Instance.
+ required: true
+ tags:
+ - managed
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /managed/blueprints/available/:
+ get:
+ operationId: managed_blueprints_available_list
+ description: Get blueprints
+ tags:
+ - managed
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/BlueprintFile'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /oauth2/authorization_codes/:
+ get:
+ operationId: oauth2_authorization_codes_list
+ description: AuthorizationCode Viewset
+ parameters:
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: provider
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: user
+ schema:
+ type: integer
+ tags:
+ - oauth2
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /oauth2/authorization_codes/{id}/:
+ get:
+ operationId: oauth2_authorization_codes_retrieve
+ description: AuthorizationCode Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Authorization Code.
+ required: true
+ tags:
+ - oauth2
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ExpiringBaseGrantModel'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: oauth2_authorization_codes_destroy
+ description: AuthorizationCode Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Authorization Code.
+ required: true
+ tags:
+ - oauth2
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /oauth2/authorization_codes/{id}/used_by/:
+ get:
+ operationId: oauth2_authorization_codes_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Authorization Code.
+ required: true
+ tags:
+ - oauth2
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /oauth2/refresh_tokens/:
+ get:
+ operationId: oauth2_refresh_tokens_list
+ description: RefreshToken Viewset
+ parameters:
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: provider
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: user
+ schema:
+ type: integer
+ tags:
+ - oauth2
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedRefreshTokenModelList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /oauth2/refresh_tokens/{id}/:
+ get:
+ operationId: oauth2_refresh_tokens_retrieve
+ description: RefreshToken Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this OAuth2 Token.
+ required: true
+ tags:
+ - oauth2
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/RefreshTokenModel'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: oauth2_refresh_tokens_destroy
+ description: RefreshToken Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this OAuth2 Token.
+ required: true
+ tags:
+ - oauth2
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /oauth2/refresh_tokens/{id}/used_by/:
+ get:
+ operationId: oauth2_refresh_tokens_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this OAuth2 Token.
+ required: true
+ tags:
+ - oauth2
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/instances/:
+ get:
+ operationId: outposts_instances_list
+ description: Outpost Viewset
+ parameters:
+ - in: query
+ name: managed__icontains
+ schema:
+ type: string
+ - in: query
+ name: managed__iexact
+ schema:
+ type: string
+ - in: query
+ name: name__icontains
+ schema:
+ type: string
+ - in: query
+ name: name__iexact
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: providers__isnull
+ schema:
+ type: boolean
+ - in: query
+ name: providers_by_pk
+ schema:
+ type: array
+ items:
+ type: integer
+ explode: true
+ style: form
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: service_connection__name__icontains
+ schema:
+ type: string
+ - in: query
+ name: service_connection__name__iexact
+ schema:
+ type: string
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedOutpostList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: outposts_instances_create
+ description: Outpost Viewset
+ tags:
+ - outposts
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OutpostRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Outpost'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/instances/{uuid}/:
+ get:
+ operationId: outposts_instances_retrieve
+ description: Outpost Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this outpost.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Outpost'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: outposts_instances_update
+ description: Outpost Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this outpost.
+ required: true
+ tags:
+ - outposts
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OutpostRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Outpost'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: outposts_instances_partial_update
+ description: Outpost Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this outpost.
+ required: true
+ tags:
+ - outposts
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedOutpostRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Outpost'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: outposts_instances_destroy
+ description: Outpost Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this outpost.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/instances/{uuid}/health/:
+ get:
+ operationId: outposts_instances_health_list
+ description: Get outposts current health
+ parameters:
+ - in: query
+ name: managed__icontains
+ schema:
+ type: string
+ - in: query
+ name: managed__iexact
+ schema:
+ type: string
+ - in: query
+ name: name__icontains
+ schema:
+ type: string
+ - in: query
+ name: name__iexact
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - in: query
+ name: providers__isnull
+ schema:
+ type: boolean
+ - in: query
+ name: providers_by_pk
+ schema:
+ type: array
+ items:
+ type: integer
+ explode: true
+ style: form
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: service_connection__name__icontains
+ schema:
+ type: string
+ - in: query
+ name: service_connection__name__iexact
+ schema:
+ type: string
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this outpost.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/OutpostHealth'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/instances/{uuid}/used_by/:
+ get:
+ operationId: outposts_instances_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this outpost.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/instances/default_settings/:
+ get:
+ operationId: outposts_instances_default_settings_retrieve
+ description: Global default outpost config
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OutpostDefaultConfig'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/ldap/:
+ get:
+ operationId: outposts_ldap_list
+ description: LDAPProvider Viewset
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedLDAPOutpostConfigList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/ldap/{id}/:
+ get:
+ operationId: outposts_ldap_retrieve
+ description: LDAPProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this LDAP Provider.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPOutpostConfig'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/proxy/:
+ get:
+ operationId: outposts_proxy_list
+ description: ProxyProvider Viewset
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedProxyOutpostConfigList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/proxy/{id}/:
+ get:
+ operationId: outposts_proxy_retrieve
+ description: ProxyProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Proxy Provider.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ProxyOutpostConfig'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/service_connections/all/:
+ get:
+ operationId: outposts_service_connections_all_list
+ description: ServiceConnection Viewset
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedServiceConnectionList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/service_connections/all/{uuid}/:
+ get:
+ operationId: outposts_service_connections_all_retrieve
+ description: ServiceConnection Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Outpost Service-Connection.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ServiceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: outposts_service_connections_all_destroy
+ description: ServiceConnection Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Outpost Service-Connection.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/service_connections/all/{uuid}/state/:
+ get:
+ operationId: outposts_service_connections_all_state_retrieve
+ description: Get the service connection's state
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Outpost Service-Connection.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ServiceConnectionState'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/service_connections/all/{uuid}/used_by/:
+ get:
+ operationId: outposts_service_connections_all_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Outpost Service-Connection.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/service_connections/all/types/:
+ get:
+ operationId: outposts_service_connections_all_types_list
+ description: Get all creatable service connection types
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/TypeCreate'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/service_connections/docker/:
+ get:
+ operationId: outposts_service_connections_docker_list
+ description: DockerServiceConnection Viewset
+ parameters:
+ - in: query
+ name: local
+ schema:
+ type: boolean
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: tls_authentication
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: tls_verification
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: url
+ schema:
+ type: string
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedDockerServiceConnectionList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: outposts_service_connections_docker_create
+ description: DockerServiceConnection Viewset
+ tags:
+ - outposts
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DockerServiceConnectionRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DockerServiceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/service_connections/docker/{uuid}/:
+ get:
+ operationId: outposts_service_connections_docker_retrieve
+ description: DockerServiceConnection Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Docker Service-Connection.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DockerServiceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: outposts_service_connections_docker_update
+ description: DockerServiceConnection Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Docker Service-Connection.
+ required: true
+ tags:
+ - outposts
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DockerServiceConnectionRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DockerServiceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: outposts_service_connections_docker_partial_update
+ description: DockerServiceConnection Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Docker Service-Connection.
+ required: true
+ tags:
+ - outposts
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DockerServiceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: outposts_service_connections_docker_destroy
+ description: DockerServiceConnection Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Docker Service-Connection.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/service_connections/docker/{uuid}/used_by/:
+ get:
+ operationId: outposts_service_connections_docker_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Docker Service-Connection.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/service_connections/kubernetes/:
+ get:
+ operationId: outposts_service_connections_kubernetes_list
+ description: KubernetesServiceConnection Viewset
+ parameters:
+ - in: query
+ name: local
+ schema:
+ type: boolean
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedKubernetesServiceConnectionList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: outposts_service_connections_kubernetes_create
+ description: KubernetesServiceConnection Viewset
+ tags:
+ - outposts
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/KubernetesServiceConnectionRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/KubernetesServiceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/service_connections/kubernetes/{uuid}/:
+ get:
+ operationId: outposts_service_connections_kubernetes_retrieve
+ description: KubernetesServiceConnection Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Kubernetes Service-Connection.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/KubernetesServiceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: outposts_service_connections_kubernetes_update
+ description: KubernetesServiceConnection Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Kubernetes Service-Connection.
+ required: true
+ tags:
+ - outposts
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/KubernetesServiceConnectionRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/KubernetesServiceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: outposts_service_connections_kubernetes_partial_update
+ description: KubernetesServiceConnection Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Kubernetes Service-Connection.
+ required: true
+ tags:
+ - outposts
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/KubernetesServiceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: outposts_service_connections_kubernetes_destroy
+ description: KubernetesServiceConnection Viewset
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Kubernetes Service-Connection.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /outposts/service_connections/kubernetes/{uuid}/used_by/:
+ get:
+ operationId: outposts_service_connections_kubernetes_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Kubernetes Service-Connection.
+ required: true
+ tags:
+ - outposts
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/all/:
+ get:
+ operationId: policies_all_list
+ description: Policy Viewset
+ parameters:
+ - in: query
+ name: bindings__isnull
+ schema:
+ type: boolean
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: promptstage__isnull
+ schema:
+ type: boolean
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedPolicyList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/all/{policy_uuid}/:
+ get:
+ operationId: policies_all_retrieve
+ description: Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Policy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: policies_all_destroy
+ description: Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/all/{policy_uuid}/test/:
+ post:
+ operationId: policies_all_test_create
+ description: Test policy
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PolicyTestRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PolicyTestResult'
+ description: ''
+ '400':
+ description: Invalid parameters
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/all/{policy_uuid}/used_by/:
+ get:
+ operationId: policies_all_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/all/cache_clear/:
+ post:
+ operationId: policies_all_cache_clear_create
+ description: Clear policy cache
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: Successfully cleared cache
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/all/cache_info/:
+ get:
+ operationId: policies_all_cache_info_retrieve
+ description: Info about cached policies
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Cache'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/all/types/:
+ get:
+ operationId: policies_all_types_list
+ description: Get all creatable policy types
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/TypeCreate'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/bindings/:
+ get:
+ operationId: policies_bindings_list
+ description: PolicyBinding Viewset
+ parameters:
+ - in: query
+ name: enabled
+ schema:
+ type: boolean
+ - in: query
+ name: order
+ schema:
+ type: integer
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: policy
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: policy__isnull
+ schema:
+ type: boolean
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: target
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: target_in
+ schema:
+ type: array
+ items:
+ type: string
+ format: uuid
+ explode: true
+ style: form
+ - in: query
+ name: timeout
+ schema:
+ type: integer
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedPolicyBindingList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: policies_bindings_create
+ description: PolicyBinding Viewset
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PolicyBindingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PolicyBinding'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/bindings/{policy_binding_uuid}/:
+ get:
+ operationId: policies_bindings_retrieve
+ description: PolicyBinding Viewset
+ parameters:
+ - in: path
+ name: policy_binding_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Policy Binding.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PolicyBinding'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: policies_bindings_update
+ description: PolicyBinding Viewset
+ parameters:
+ - in: path
+ name: policy_binding_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Policy Binding.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PolicyBindingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PolicyBinding'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: policies_bindings_partial_update
+ description: PolicyBinding Viewset
+ parameters:
+ - in: path
+ name: policy_binding_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Policy Binding.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedPolicyBindingRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PolicyBinding'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: policies_bindings_destroy
+ description: PolicyBinding Viewset
+ parameters:
+ - in: path
+ name: policy_binding_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Policy Binding.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/bindings/{policy_binding_uuid}/used_by/:
+ get:
+ operationId: policies_bindings_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: policy_binding_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Policy Binding.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/dummy/:
+ get:
+ operationId: policies_dummy_list
+ description: Dummy Viewset
+ parameters:
+ - in: query
+ name: created
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: execution_logging
+ schema:
+ type: boolean
+ - in: query
+ name: last_updated
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: result
+ schema:
+ type: boolean
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: wait_max
+ schema:
+ type: integer
+ - in: query
+ name: wait_min
+ schema:
+ type: integer
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedDummyPolicyList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: policies_dummy_create
+ description: Dummy Viewset
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/dummy/{policy_uuid}/:
+ get:
+ operationId: policies_dummy_retrieve
+ description: Dummy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Dummy Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: policies_dummy_update
+ description: Dummy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Dummy Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: policies_dummy_partial_update
+ description: Dummy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Dummy Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedDummyPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: policies_dummy_destroy
+ description: Dummy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Dummy Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/dummy/{policy_uuid}/used_by/:
+ get:
+ operationId: policies_dummy_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Dummy Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/event_matcher/:
+ get:
+ operationId: policies_event_matcher_list
+ description: Event Matcher Policy Viewset
+ parameters:
+ - in: query
+ name: action
+ schema:
+ type: string
+ enum:
+ - authorize_application
+ - configuration_error
+ - custom_
+ - email_sent
+ - flow_execution
+ - impersonation_ended
+ - impersonation_started
+ - invitation_used
+ - login
+ - login_failed
+ - logout
+ - model_created
+ - model_deleted
+ - model_updated
+ - password_set
+ - policy_exception
+ - policy_execution
+ - property_mapping_exception
+ - secret_rotate
+ - secret_view
+ - source_linked
+ - suspicious_request
+ - system_exception
+ - system_task_exception
+ - system_task_execution
+ - update_available
+ - user_write
+ description: Match created events with this action type. When left empty,
+ all action types will be matched.
+ - in: query
+ name: app
+ schema:
+ type: string
+ enum:
+ - authentik.admin
+ - authentik.api
+ - authentik.blueprints
+ - authentik.core
+ - authentik.crypto
+ - authentik.events
+ - authentik.flows
+ - authentik.lib
+ - authentik.outposts
+ - authentik.policies
+ - authentik.policies.dummy
+ - authentik.policies.event_matcher
+ - authentik.policies.expiry
+ - authentik.policies.expression
+ - authentik.policies.hibp
+ - authentik.policies.password
+ - authentik.policies.reputation
+ - authentik.providers.ldap
+ - authentik.providers.oauth2
+ - authentik.providers.proxy
+ - authentik.providers.saml
+ - authentik.recovery
+ - authentik.sources.ldap
+ - authentik.sources.oauth
+ - authentik.sources.plex
+ - authentik.sources.saml
+ - authentik.stages.authenticator_duo
+ - authentik.stages.authenticator_sms
+ - authentik.stages.authenticator_static
+ - authentik.stages.authenticator_totp
+ - authentik.stages.authenticator_validate
+ - authentik.stages.authenticator_webauthn
+ - authentik.stages.captcha
+ - authentik.stages.consent
+ - authentik.stages.deny
+ - authentik.stages.dummy
+ - authentik.stages.email
+ - authentik.stages.identification
+ - authentik.stages.invitation
+ - authentik.stages.password
+ - authentik.stages.prompt
+ - authentik.stages.user_delete
+ - authentik.stages.user_login
+ - authentik.stages.user_logout
+ - authentik.stages.user_write
+ - authentik.tenants
+ description: Match events created by selected application. When left empty,
+ all applications are matched.
+ - in: query
+ name: client_ip
+ schema:
+ type: string
+ - in: query
+ name: created
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: execution_logging
+ schema:
+ type: boolean
+ - in: query
+ name: last_updated
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedEventMatcherPolicyList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: policies_event_matcher_create
+ description: Event Matcher Policy Viewset
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EventMatcherPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EventMatcherPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/event_matcher/{policy_uuid}/:
+ get:
+ operationId: policies_event_matcher_retrieve
+ description: Event Matcher Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Event Matcher Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EventMatcherPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: policies_event_matcher_update
+ description: Event Matcher Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Event Matcher Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EventMatcherPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EventMatcherPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: policies_event_matcher_partial_update
+ description: Event Matcher Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Event Matcher Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EventMatcherPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: policies_event_matcher_destroy
+ description: Event Matcher Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Event Matcher Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/event_matcher/{policy_uuid}/used_by/:
+ get:
+ operationId: policies_event_matcher_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Event Matcher Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/expression/:
+ get:
+ operationId: policies_expression_list
+ description: Source Viewset
+ parameters:
+ - in: query
+ name: created
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: execution_logging
+ schema:
+ type: boolean
+ - in: query
+ name: expression
+ schema:
+ type: string
+ - in: query
+ name: last_updated
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedExpressionPolicyList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: policies_expression_create
+ description: Source Viewset
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ExpressionPolicyRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ExpressionPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/expression/{policy_uuid}/:
+ get:
+ operationId: policies_expression_retrieve
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Expression Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ExpressionPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: policies_expression_update
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Expression Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ExpressionPolicyRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ExpressionPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: policies_expression_partial_update
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Expression Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedExpressionPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ExpressionPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: policies_expression_destroy
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Expression Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/expression/{policy_uuid}/used_by/:
+ get:
+ operationId: policies_expression_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Expression Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/haveibeenpwned/:
+ get:
+ operationId: policies_haveibeenpwned_list
+ description: Source Viewset
+ parameters:
+ - in: query
+ name: allowed_count
+ schema:
+ type: integer
+ - in: query
+ name: created
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: execution_logging
+ schema:
+ type: boolean
+ - in: query
+ name: last_updated
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: password_field
+ schema:
+ type: string
+ - in: query
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedHaveIBeenPwendPolicyList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: policies_haveibeenpwned_create
+ description: Source Viewset
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/HaveIBeenPwendPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/haveibeenpwned/{policy_uuid}/:
+ get:
+ operationId: policies_haveibeenpwned_retrieve
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Have I Been Pwned Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/HaveIBeenPwendPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: policies_haveibeenpwned_update
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Have I Been Pwned Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/HaveIBeenPwendPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: policies_haveibeenpwned_partial_update
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Have I Been Pwned Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedHaveIBeenPwendPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/HaveIBeenPwendPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: policies_haveibeenpwned_destroy
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Have I Been Pwned Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/haveibeenpwned/{policy_uuid}/used_by/:
+ get:
+ operationId: policies_haveibeenpwned_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Have I Been Pwned Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/password/:
+ get:
+ operationId: policies_password_list
+ description: Password Policy Viewset
+ parameters:
+ - in: query
+ name: amount_digits
+ schema:
+ type: integer
+ - in: query
+ name: amount_lowercase
+ schema:
+ type: integer
+ - in: query
+ name: amount_symbols
+ schema:
+ type: integer
+ - in: query
+ name: amount_uppercase
+ schema:
+ type: integer
+ - in: query
+ name: check_have_i_been_pwned
+ schema:
+ type: boolean
+ - in: query
+ name: check_static_rules
+ schema:
+ type: boolean
+ - in: query
+ name: check_zxcvbn
+ schema:
+ type: boolean
+ - in: query
+ name: created
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: error_message
+ schema:
+ type: string
+ - in: query
+ name: execution_logging
+ schema:
+ type: boolean
+ - in: query
+ name: hibp_allowed_count
+ schema:
+ type: integer
+ - in: query
+ name: last_updated
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: length_min
+ schema:
+ type: integer
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: password_field
+ schema:
+ type: string
+ - in: query
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: symbol_charset
+ schema:
+ type: string
+ - in: query
+ name: zxcvbn_score_threshold
+ schema:
+ type: integer
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedPasswordPolicyList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: policies_password_create
+ description: Password Policy Viewset
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/password/{policy_uuid}/:
+ get:
+ operationId: policies_password_retrieve
+ description: Password Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: policies_password_update
+ description: Password Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: policies_password_partial_update
+ description: Password Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedPasswordPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: policies_password_destroy
+ description: Password Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/password/{policy_uuid}/used_by/:
+ get:
+ operationId: policies_password_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/password_expiry/:
+ get:
+ operationId: policies_password_expiry_list
+ description: Password Expiry Viewset
+ parameters:
+ - in: query
+ name: created
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: days
+ schema:
+ type: integer
+ - in: query
+ name: deny_only
+ schema:
+ type: boolean
+ - in: query
+ name: execution_logging
+ schema:
+ type: boolean
+ - in: query
+ name: last_updated
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedPasswordExpiryPolicyList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: policies_password_expiry_create
+ description: Password Expiry Viewset
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordExpiryPolicyRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordExpiryPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/password_expiry/{policy_uuid}/:
+ get:
+ operationId: policies_password_expiry_retrieve
+ description: Password Expiry Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Expiry Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordExpiryPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: policies_password_expiry_update
+ description: Password Expiry Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Expiry Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordExpiryPolicyRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordExpiryPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: policies_password_expiry_partial_update
+ description: Password Expiry Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Expiry Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordExpiryPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: policies_password_expiry_destroy
+ description: Password Expiry Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Expiry Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/password_expiry/{policy_uuid}/used_by/:
+ get:
+ operationId: policies_password_expiry_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Expiry Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/reputation/:
+ get:
+ operationId: policies_reputation_list
+ description: Reputation Policy Viewset
+ parameters:
+ - in: query
+ name: check_ip
+ schema:
+ type: boolean
+ - in: query
+ name: check_username
+ schema:
+ type: boolean
+ - in: query
+ name: created
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: execution_logging
+ schema:
+ type: boolean
+ - in: query
+ name: last_updated
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: threshold
+ schema:
+ type: integer
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedReputationPolicyList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: policies_reputation_create
+ description: Reputation Policy Viewset
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ReputationPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ReputationPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/reputation/{policy_uuid}/:
+ get:
+ operationId: policies_reputation_retrieve
+ description: Reputation Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Reputation Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ReputationPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: policies_reputation_update
+ description: Reputation Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Reputation Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ReputationPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ReputationPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: policies_reputation_partial_update
+ description: Reputation Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Reputation Policy.
+ required: true
+ tags:
+ - policies
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedReputationPolicyRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ReputationPolicy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: policies_reputation_destroy
+ description: Reputation Policy Viewset
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Reputation Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/reputation/{policy_uuid}/used_by/:
+ get:
+ operationId: policies_reputation_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: policy_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Reputation Policy.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/reputation/scores/:
+ get:
+ operationId: policies_reputation_scores_list
+ description: Reputation Viewset
+ parameters:
+ - in: query
+ name: identifier
+ schema:
+ type: string
+ - in: query
+ name: ip
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: score
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedReputationList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/reputation/scores/{reputation_uuid}/:
+ get:
+ operationId: policies_reputation_scores_retrieve
+ description: Reputation Viewset
+ parameters:
+ - in: path
+ name: reputation_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this reputation.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Reputation'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: policies_reputation_scores_destroy
+ description: Reputation Viewset
+ parameters:
+ - in: path
+ name: reputation_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this reputation.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /policies/reputation/scores/{reputation_uuid}/used_by/:
+ get:
+ operationId: policies_reputation_scores_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: reputation_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this reputation.
+ required: true
+ tags:
+ - policies
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/all/:
+ get:
+ operationId: propertymappings_all_list
+ description: PropertyMapping Viewset
+ parameters:
+ - in: query
+ name: managed__isnull
+ schema:
+ type: boolean
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedPropertyMappingList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/all/{pm_uuid}/:
+ get:
+ operationId: propertymappings_all_retrieve
+ description: PropertyMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PropertyMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: propertymappings_all_destroy
+ description: PropertyMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/all/{pm_uuid}/test/:
+ post:
+ operationId: propertymappings_all_test_create
+ description: Test Property Mapping
+ parameters:
+ - in: query
+ name: format_result
+ schema:
+ type: boolean
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PolicyTestRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PropertyMappingTestResult'
+ description: ''
+ '400':
+ description: Invalid parameters
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/all/{pm_uuid}/used_by/:
+ get:
+ operationId: propertymappings_all_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/all/types/:
+ get:
+ operationId: propertymappings_all_types_list
+ description: Get all creatable property-mapping types
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/TypeCreate'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/ldap/:
+ get:
+ operationId: propertymappings_ldap_list
+ description: LDAP PropertyMapping Viewset
+ parameters:
+ - in: query
+ name: expression
+ schema:
+ type: string
+ - in: query
+ name: managed
+ schema:
+ type: array
+ items:
+ type: string
+ explode: true
+ style: form
+ - in: query
+ name: name
+ schema:
+ type: string
+ - in: query
+ name: object_field
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedLDAPPropertyMappingList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: propertymappings_ldap_create
+ description: LDAP PropertyMapping Viewset
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPPropertyMappingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPPropertyMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/ldap/{pm_uuid}/:
+ get:
+ operationId: propertymappings_ldap_retrieve
+ description: LDAP PropertyMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this LDAP Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPPropertyMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: propertymappings_ldap_update
+ description: LDAP PropertyMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this LDAP Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPPropertyMappingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPPropertyMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: propertymappings_ldap_partial_update
+ description: LDAP PropertyMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this LDAP Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPPropertyMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: propertymappings_ldap_destroy
+ description: LDAP PropertyMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this LDAP Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/ldap/{pm_uuid}/used_by/:
+ get:
+ operationId: propertymappings_ldap_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this LDAP Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/notification/:
+ get:
+ operationId: propertymappings_notification_list
+ description: NotificationWebhookMapping Viewset
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedNotificationWebhookMappingList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: propertymappings_notification_create
+ description: NotificationWebhookMapping Viewset
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationWebhookMappingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationWebhookMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/notification/{pm_uuid}/:
+ get:
+ operationId: propertymappings_notification_retrieve
+ description: NotificationWebhookMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Webhook Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationWebhookMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: propertymappings_notification_update
+ description: NotificationWebhookMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Webhook Mapping.
+ required: true
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationWebhookMappingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationWebhookMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: propertymappings_notification_partial_update
+ description: NotificationWebhookMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Webhook Mapping.
+ required: true
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedNotificationWebhookMappingRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/NotificationWebhookMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: propertymappings_notification_destroy
+ description: NotificationWebhookMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Webhook Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/notification/{pm_uuid}/used_by/:
+ get:
+ operationId: propertymappings_notification_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Webhook Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/saml/:
+ get:
+ operationId: propertymappings_saml_list
+ description: SAMLPropertyMapping Viewset
+ parameters:
+ - in: query
+ name: expression
+ schema:
+ type: string
+ - in: query
+ name: friendly_name
+ schema:
+ type: string
+ - in: query
+ name: managed
+ schema:
+ type: array
+ items:
+ type: string
+ explode: true
+ style: form
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: saml_name
+ schema:
+ type: string
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedSAMLPropertyMappingList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: propertymappings_saml_create
+ description: SAMLPropertyMapping Viewset
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLPropertyMappingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLPropertyMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/saml/{pm_uuid}/:
+ get:
+ operationId: propertymappings_saml_retrieve
+ description: SAMLPropertyMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this SAML Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLPropertyMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: propertymappings_saml_update
+ description: SAMLPropertyMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this SAML Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLPropertyMappingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLPropertyMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: propertymappings_saml_partial_update
+ description: SAMLPropertyMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this SAML Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLPropertyMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: propertymappings_saml_destroy
+ description: SAMLPropertyMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this SAML Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/saml/{pm_uuid}/used_by/:
+ get:
+ operationId: propertymappings_saml_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this SAML Property Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/scope/:
+ get:
+ operationId: propertymappings_scope_list
+ description: ScopeMapping Viewset
+ parameters:
+ - in: query
+ name: managed
+ schema:
+ type: array
+ items:
+ type: string
+ explode: true
+ style: form
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: scope_name
+ schema:
+ type: string
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedScopeMappingList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: propertymappings_scope_create
+ description: ScopeMapping Viewset
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ScopeMappingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ScopeMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/scope/{pm_uuid}/:
+ get:
+ operationId: propertymappings_scope_retrieve
+ description: ScopeMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Scope Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ScopeMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: propertymappings_scope_update
+ description: ScopeMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Scope Mapping.
+ required: true
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ScopeMappingRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ScopeMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: propertymappings_scope_partial_update
+ description: ScopeMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Scope Mapping.
+ required: true
+ tags:
+ - propertymappings
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedScopeMappingRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ScopeMapping'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: propertymappings_scope_destroy
+ description: ScopeMapping Viewset
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Scope Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /propertymappings/scope/{pm_uuid}/used_by/:
+ get:
+ operationId: propertymappings_scope_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: pm_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Scope Mapping.
+ required: true
+ tags:
+ - propertymappings
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/all/:
+ get:
+ operationId: providers_all_list
+ description: Provider Viewset
+ parameters:
+ - in: query
+ name: application__isnull
+ schema:
+ type: boolean
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedProviderList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/all/{id}/:
+ get:
+ operationId: providers_all_retrieve
+ description: Provider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Provider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: providers_all_destroy
+ description: Provider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/all/{id}/used_by/:
+ get:
+ operationId: providers_all_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/all/types/:
+ get:
+ operationId: providers_all_types_list
+ description: Get all creatable provider types
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/TypeCreate'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/ldap/:
+ get:
+ operationId: providers_ldap_list
+ description: LDAPProvider Viewset
+ parameters:
+ - in: query
+ name: application__isnull
+ schema:
+ type: boolean
+ - in: query
+ name: authorization_flow__slug__iexact
+ schema:
+ type: string
+ - in: query
+ name: base_dn__iexact
+ schema:
+ type: string
+ - in: query
+ name: certificate__kp_uuid__iexact
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: certificate__name__iexact
+ schema:
+ type: string
+ - in: query
+ name: gid_start_number__iexact
+ schema:
+ type: integer
+ - in: query
+ name: name__iexact
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: search_group__group_uuid__iexact
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: search_group__name__iexact
+ schema:
+ type: string
+ - in: query
+ name: tls_server_name__iexact
+ schema:
+ type: string
+ - in: query
+ name: uid_start_number__iexact
+ schema:
+ type: integer
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedLDAPProviderList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: providers_ldap_create
+ description: LDAPProvider Viewset
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPProviderRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/ldap/{id}/:
+ get:
+ operationId: providers_ldap_retrieve
+ description: LDAPProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this LDAP Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: providers_ldap_update
+ description: LDAPProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this LDAP Provider.
+ required: true
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPProviderRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: providers_ldap_partial_update
+ description: LDAPProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this LDAP Provider.
+ required: true
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedLDAPProviderRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: providers_ldap_destroy
+ description: LDAPProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this LDAP Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/ldap/{id}/used_by/:
+ get:
+ operationId: providers_ldap_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this LDAP Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/oauth2/:
+ get:
+ operationId: providers_oauth2_list
+ description: OAuth2Provider Viewset
+ parameters:
+ - in: query
+ name: access_code_validity
+ schema:
+ type: string
+ - in: query
+ name: application
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: authorization_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: client_id
+ schema:
+ type: string
+ - in: query
+ name: client_type
+ schema:
+ type: string
+ enum:
+ - confidential
+ - public
+ description: Confidential clients are capable of maintaining the confidentiality
+ of their credentials. Public clients are incapable
+ - in: query
+ name: include_claims_in_id_token
+ schema:
+ type: boolean
+ - in: query
+ name: issuer_mode
+ schema:
+ type: string
+ enum:
+ - global
+ - per_provider
+ description: Configure how the issuer field of the ID Token should be filled.
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: property_mappings
+ schema:
+ type: array
+ items:
+ type: string
+ format: uuid
+ explode: true
+ style: form
+ - in: query
+ name: redirect_uris
+ schema:
+ type: string
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: signing_key
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: sub_mode
+ schema:
+ type: string
+ enum:
+ - hashed_user_id
+ - user_email
+ - user_upn
+ - user_username
+ description: Configure what data should be used as unique User Identifier.
+ For most cases, the default should be fine.
+ - in: query
+ name: token_validity
+ schema:
+ type: string
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedOAuth2ProviderList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: providers_oauth2_create
+ description: OAuth2Provider Viewset
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuth2ProviderRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuth2Provider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/oauth2/{id}/:
+ get:
+ operationId: providers_oauth2_retrieve
+ description: OAuth2Provider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this OAuth2/OpenID Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuth2Provider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: providers_oauth2_update
+ description: OAuth2Provider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this OAuth2/OpenID Provider.
+ required: true
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuth2ProviderRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuth2Provider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: providers_oauth2_partial_update
+ description: OAuth2Provider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this OAuth2/OpenID Provider.
+ required: true
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedOAuth2ProviderRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuth2Provider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: providers_oauth2_destroy
+ description: OAuth2Provider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this OAuth2/OpenID Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/oauth2/{id}/preview_user/:
+ get:
+ operationId: providers_oauth2_preview_user_retrieve
+ description: Preview user data for provider
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this OAuth2/OpenID Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PropertyMappingPreview'
+ description: ''
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/oauth2/{id}/setup_urls/:
+ get:
+ operationId: providers_oauth2_setup_urls_retrieve
+ description: Get Providers setup URLs
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this OAuth2/OpenID Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuth2ProviderSetupURLs'
+ description: ''
+ '404':
+ description: Provider has no application assigned
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/oauth2/{id}/used_by/:
+ get:
+ operationId: providers_oauth2_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this OAuth2/OpenID Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/proxy/:
+ get:
+ operationId: providers_proxy_list
+ description: ProxyProvider Viewset
+ parameters:
+ - in: query
+ name: application__isnull
+ schema:
+ type: boolean
+ - in: query
+ name: authorization_flow__slug__iexact
+ schema:
+ type: string
+ - in: query
+ name: basic_auth_enabled__iexact
+ schema:
+ type: boolean
+ - in: query
+ name: basic_auth_password_attribute__iexact
+ schema:
+ type: string
+ - in: query
+ name: basic_auth_user_attribute__iexact
+ schema:
+ type: string
+ - in: query
+ name: certificate__kp_uuid__iexact
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: certificate__name__iexact
+ schema:
+ type: string
+ - in: query
+ name: cookie_domain__iexact
+ schema:
+ type: string
+ - in: query
+ name: external_host__iexact
+ schema:
+ type: string
+ - in: query
+ name: internal_host__iexact
+ schema:
+ type: string
+ - in: query
+ name: internal_host_ssl_validation__iexact
+ schema:
+ type: boolean
+ - in: query
+ name: mode__iexact
+ schema:
+ type: string
+ - in: query
+ name: name__iexact
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: property_mappings__iexact
+ schema:
+ type: array
+ items:
+ type: string
+ format: uuid
+ explode: true
+ style: form
+ - in: query
+ name: redirect_uris__iexact
+ schema:
+ type: string
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: skip_path_regex__iexact
+ schema:
+ type: string
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedProxyProviderList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: providers_proxy_create
+ description: ProxyProvider Viewset
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ProxyProviderRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ProxyProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/proxy/{id}/:
+ get:
+ operationId: providers_proxy_retrieve
+ description: ProxyProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Proxy Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ProxyProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: providers_proxy_update
+ description: ProxyProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Proxy Provider.
+ required: true
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ProxyProviderRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ProxyProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: providers_proxy_partial_update
+ description: ProxyProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Proxy Provider.
+ required: true
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedProxyProviderRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ProxyProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: providers_proxy_destroy
+ description: ProxyProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Proxy Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/proxy/{id}/used_by/:
+ get:
+ operationId: providers_proxy_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this Proxy Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/saml/:
+ get:
+ operationId: providers_saml_list
+ description: SAMLProvider Viewset
+ parameters:
+ - in: query
+ name: acs_url
+ schema:
+ type: string
+ - in: query
+ name: assertion_valid_not_before
+ schema:
+ type: string
+ - in: query
+ name: assertion_valid_not_on_or_after
+ schema:
+ type: string
+ - in: query
+ name: audience
+ schema:
+ type: string
+ - in: query
+ name: authorization_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: digest_algorithm
+ schema:
+ type: string
+ enum:
+ - http://www.w3.org/2000/09/xmldsig#sha1
+ - http://www.w3.org/2001/04/xmldsig-more#sha384
+ - http://www.w3.org/2001/04/xmlenc#sha256
+ - http://www.w3.org/2001/04/xmlenc#sha512
+ - in: query
+ name: issuer
+ schema:
+ type: string
+ - in: query
+ name: name
+ schema:
+ type: string
+ - in: query
+ name: name_id_mapping
+ schema:
+ type: string
+ format: uuid
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: property_mappings
+ schema:
+ type: array
+ items:
+ type: string
+ format: uuid
+ explode: true
+ style: form
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: session_valid_not_on_or_after
+ schema:
+ type: string
+ - in: query
+ name: signature_algorithm
+ schema:
+ type: string
+ enum:
+ - http://www.w3.org/2000/09/xmldsig#dsa-sha1
+ - http://www.w3.org/2000/09/xmldsig#rsa-sha1
+ - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
+ - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
+ - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
+ - in: query
+ name: signing_kp
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: sp_binding
+ schema:
+ type: string
+ title: Service Provider Binding
+ enum:
+ - post
+ - redirect
+ description: This determines how authentik sends the response back to the
+ Service Provider.
+ - in: query
+ name: verification_kp
+ schema:
+ type: string
+ format: uuid
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedSAMLProviderList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: providers_saml_create
+ description: SAMLProvider Viewset
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLProviderRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/saml/{id}/:
+ get:
+ operationId: providers_saml_retrieve
+ description: SAMLProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SAML Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: providers_saml_update
+ description: SAMLProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SAML Provider.
+ required: true
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLProviderRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: providers_saml_partial_update
+ description: SAMLProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SAML Provider.
+ required: true
+ tags:
+ - providers
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedSAMLProviderRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLProvider'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: providers_saml_destroy
+ description: SAMLProvider Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SAML Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/saml/{id}/metadata/:
+ get:
+ operationId: providers_saml_metadata_retrieve
+ description: Return metadata as XML string
+ parameters:
+ - in: query
+ name: download
+ schema:
+ type: boolean
+ - in: query
+ name: force_binding
+ schema:
+ type: string
+ enum:
+ - urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
+ - urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
+ description: Optionally force the metadata to only include one binding.
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SAML Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ - {}
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLMetadata'
+ description: ''
+ '404':
+ description: Provider has no application assigned
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/saml/{id}/preview_user/:
+ get:
+ operationId: providers_saml_preview_user_retrieve
+ description: Preview user data for provider
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SAML Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PropertyMappingPreview'
+ description: ''
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/saml/{id}/used_by/:
+ get:
+ operationId: providers_saml_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this SAML Provider.
+ required: true
+ tags:
+ - providers
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /providers/saml/import_metadata/:
+ post:
+ operationId: providers_saml_import_metadata_create
+ description: Create provider from SAML Metadata
+ tags:
+ - providers
+ requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ $ref: '#/components/schemas/SAMLProviderImportRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: Successfully imported provider
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /root/config/:
+ get:
+ operationId: root_config_retrieve
+ description: Retrieve public configuration options
+ tags:
+ - root
+ security:
+ - authentik: []
+ - {}
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Config'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /schema/:
+ get:
+ operationId: schema_retrieve
+ description: |-
+ OpenApi3 schema for this API. Format can be selected via content negotiation.
+
+ - YAML: application/vnd.oai.openapi
+ - JSON: application/vnd.oai.openapi+json
+ parameters:
+ - in: query
+ name: format
+ schema:
+ type: string
+ enum:
+ - json
+ - yaml
+ - in: query
+ name: lang
+ schema:
+ type: string
+ enum:
+ - af
+ - ar
+ - ar-dz
+ - ast
+ - az
+ - be
+ - bg
+ - bn
+ - br
+ - bs
+ - ca
+ - cs
+ - cy
+ - da
+ - de
+ - dsb
+ - el
+ - en
+ - en-au
+ - en-gb
+ - eo
+ - es
+ - es-ar
+ - es-co
+ - es-mx
+ - es-ni
+ - es-ve
+ - et
+ - eu
+ - fa
+ - fi
+ - fr
+ - fy
+ - ga
+ - gd
+ - gl
+ - he
+ - hi
+ - hr
+ - hsb
+ - hu
+ - hy
+ - ia
+ - id
+ - ig
+ - io
+ - is
+ - it
+ - ja
+ - ka
+ - kab
+ - kk
+ - km
+ - kn
+ - ko
+ - ky
+ - lb
+ - lt
+ - lv
+ - mk
+ - ml
+ - mn
+ - mr
+ - ms
+ - my
+ - nb
+ - ne
+ - nl
+ - nn
+ - os
+ - pa
+ - pl
+ - pt
+ - pt-br
+ - ro
+ - ru
+ - sk
+ - sl
+ - sq
+ - sr
+ - sr-latn
+ - sv
+ - sw
+ - ta
+ - te
+ - tg
+ - th
+ - tk
+ - tr
+ - tt
+ - udm
+ - uk
+ - ur
+ - uz
+ - vi
+ - zh-hans
+ - zh-hant
+ tags:
+ - schema
+ security:
+ - authentik: []
+ - {}
+ responses:
+ '200':
+ content:
+ application/vnd.oai.openapi:
+ schema:
+ type: object
+ additionalProperties: {}
+ application/yaml:
+ schema:
+ type: object
+ additionalProperties: {}
+ application/vnd.oai.openapi+json:
+ schema:
+ type: object
+ additionalProperties: {}
+ application/json:
+ schema:
+ type: object
+ additionalProperties: {}
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/all/:
+ get:
+ operationId: sources_all_list
+ description: Source Viewset
+ parameters:
+ - in: query
+ name: managed
+ schema:
+ type: string
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: slug
+ schema:
+ type: string
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedSourceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/all/{slug}/:
+ get:
+ operationId: sources_all_retrieve
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Source'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: sources_all_destroy
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/all/{slug}/set_icon/:
+ post:
+ operationId: sources_all_set_icon_create
+ description: Set source icon
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ multipart/form-data:
+ schema:
+ $ref: '#/components/schemas/FileUploadRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ description: Success
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/all/{slug}/set_icon_url/:
+ post:
+ operationId: sources_all_set_icon_url_create
+ description: Set source icon (as URL)
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/FilePathRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ description: Success
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/all/{slug}/used_by/:
+ get:
+ operationId: sources_all_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/all/types/:
+ get:
+ operationId: sources_all_types_list
+ description: Get all creatable source types
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/TypeCreate'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/all/user_settings/:
+ get:
+ operationId: sources_all_user_settings_list
+ description: Get all sources the user can configure
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserSetting'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/ldap/:
+ get:
+ operationId: sources_ldap_list
+ description: LDAP Source Viewset
+ parameters:
+ - in: query
+ name: additional_group_dn
+ schema:
+ type: string
+ - in: query
+ name: additional_user_dn
+ schema:
+ type: string
+ - in: query
+ name: base_dn
+ schema:
+ type: string
+ - in: query
+ name: bind_cn
+ schema:
+ type: string
+ - in: query
+ name: enabled
+ schema:
+ type: boolean
+ - in: query
+ name: group_membership_field
+ schema:
+ type: string
+ - in: query
+ name: group_object_filter
+ schema:
+ type: string
+ - in: query
+ name: name
+ schema:
+ type: string
+ - in: query
+ name: object_uniqueness_field
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: peer_certificate
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: property_mappings
+ schema:
+ type: array
+ items:
+ type: string
+ format: uuid
+ explode: true
+ style: form
+ - in: query
+ name: property_mappings_group
+ schema:
+ type: array
+ items:
+ type: string
+ format: uuid
+ explode: true
+ style: form
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: server_uri
+ schema:
+ type: string
+ - in: query
+ name: slug
+ schema:
+ type: string
+ - in: query
+ name: start_tls
+ schema:
+ type: boolean
+ - in: query
+ name: sync_groups
+ schema:
+ type: boolean
+ - in: query
+ name: sync_parent_group
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: sync_users
+ schema:
+ type: boolean
+ - in: query
+ name: sync_users_password
+ schema:
+ type: boolean
+ - in: query
+ name: user_object_filter
+ schema:
+ type: string
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedLDAPSourceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: sources_ldap_create
+ description: LDAP Source Viewset
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPSourceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/ldap/{slug}/:
+ get:
+ operationId: sources_ldap_retrieve
+ description: LDAP Source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: sources_ldap_update
+ description: LDAP Source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPSourceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: sources_ldap_partial_update
+ description: LDAP Source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedLDAPSourceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/LDAPSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: sources_ldap_destroy
+ description: LDAP Source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/ldap/{slug}/sync_status/:
+ get:
+ operationId: sources_ldap_sync_status_list
+ description: Get source's sync status
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/Task'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/ldap/{slug}/used_by/:
+ get:
+ operationId: sources_ldap_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/oauth/:
+ get:
+ operationId: sources_oauth_list
+ description: Source Viewset
+ parameters:
+ - in: query
+ name: access_token_url
+ schema:
+ type: string
+ - in: query
+ name: additional_scopes
+ schema:
+ type: string
+ - in: query
+ name: authentication_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: authorization_url
+ schema:
+ type: string
+ - in: query
+ name: consumer_key
+ schema:
+ type: string
+ - in: query
+ name: enabled
+ schema:
+ type: boolean
+ - in: query
+ name: enrollment_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: policy_engine_mode
+ schema:
+ type: string
+ enum:
+ - all
+ - any
+ - in: query
+ name: profile_url
+ schema:
+ type: string
+ - in: query
+ name: provider_type
+ schema:
+ type: string
+ - in: query
+ name: request_token_url
+ schema:
+ type: string
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: slug
+ schema:
+ type: string
+ - in: query
+ name: user_matching_mode
+ schema:
+ type: string
+ enum:
+ - email_deny
+ - email_link
+ - identifier
+ - username_deny
+ - username_link
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedOAuthSourceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: sources_oauth_create
+ description: Source Viewset
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuthSourceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuthSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/oauth/{slug}/:
+ get:
+ operationId: sources_oauth_retrieve
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuthSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: sources_oauth_update
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuthSourceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuthSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: sources_oauth_partial_update
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedOAuthSourceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/OAuthSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: sources_oauth_destroy
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/oauth/{slug}/used_by/:
+ get:
+ operationId: sources_oauth_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/oauth/source_types/:
+ get:
+ operationId: sources_oauth_source_types_list
+ description: |-
+ Get all creatable source types. If ?name is set, only returns the type for .
+ If isn't found, returns the default type.
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/SourceType'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/plex/:
+ get:
+ operationId: sources_plex_list
+ description: Plex source Viewset
+ parameters:
+ - in: query
+ name: allow_friends
+ schema:
+ type: boolean
+ - in: query
+ name: authentication_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: client_id
+ schema:
+ type: string
+ - in: query
+ name: enabled
+ schema:
+ type: boolean
+ - in: query
+ name: enrollment_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: policy_engine_mode
+ schema:
+ type: string
+ enum:
+ - all
+ - any
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: slug
+ schema:
+ type: string
+ - in: query
+ name: user_matching_mode
+ schema:
+ type: string
+ enum:
+ - email_deny
+ - email_link
+ - identifier
+ - username_deny
+ - username_link
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedPlexSourceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: sources_plex_create
+ description: Plex source Viewset
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSourceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/plex/{slug}/:
+ get:
+ operationId: sources_plex_retrieve
+ description: Plex source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: sources_plex_update
+ description: Plex source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSourceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: sources_plex_partial_update
+ description: Plex source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedPlexSourceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: sources_plex_destroy
+ description: Plex source Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/plex/{slug}/used_by/:
+ get:
+ operationId: sources_plex_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/plex/redeem_token/:
+ post:
+ operationId: sources_plex_redeem_token_create
+ description: |-
+ Redeem a plex token, check it's access to resources against what's allowed
+ for the source, and redirect to an authentication/enrollment flow.
+ parameters:
+ - in: query
+ name: slug
+ schema:
+ type: string
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexTokenRedeemRequest'
+ required: true
+ security:
+ - authentik: []
+ - {}
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/RedirectChallenge'
+ description: ''
+ '400':
+ description: Token not found
+ '403':
+ description: Access denied
+ /sources/plex/redeem_token_authenticated/:
+ post:
+ operationId: sources_plex_redeem_token_authenticated_create
+ description: Redeem a plex token for an authenticated user, creating a connection
+ parameters:
+ - in: query
+ name: slug
+ schema:
+ type: string
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexTokenRedeemRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ description: Token not found
+ '403':
+ description: Access denied
+ /sources/saml/:
+ get:
+ operationId: sources_saml_list
+ description: SAMLSource Viewset
+ parameters:
+ - in: query
+ name: allow_idp_initiated
+ schema:
+ type: boolean
+ - in: query
+ name: authentication_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: binding_type
+ schema:
+ type: string
+ enum:
+ - POST
+ - POST_AUTO
+ - REDIRECT
+ - in: query
+ name: digest_algorithm
+ schema:
+ type: string
+ enum:
+ - http://www.w3.org/2000/09/xmldsig#sha1
+ - http://www.w3.org/2001/04/xmldsig-more#sha384
+ - http://www.w3.org/2001/04/xmlenc#sha256
+ - http://www.w3.org/2001/04/xmlenc#sha512
+ - in: query
+ name: enabled
+ schema:
+ type: boolean
+ - in: query
+ name: enrollment_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: issuer
+ schema:
+ type: string
+ - in: query
+ name: managed
+ schema:
+ type: string
+ - in: query
+ name: name
+ schema:
+ type: string
+ - in: query
+ name: name_id_policy
+ schema:
+ type: string
+ enum:
+ - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ description: NameID Policy sent to the IdP. Can be unset, in which case no
+ Policy is sent.
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: policy_engine_mode
+ schema:
+ type: string
+ enum:
+ - all
+ - any
+ - in: query
+ name: pre_authentication_flow
+ schema:
+ type: string
+ format: uuid
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: signature_algorithm
+ schema:
+ type: string
+ enum:
+ - http://www.w3.org/2000/09/xmldsig#dsa-sha1
+ - http://www.w3.org/2000/09/xmldsig#rsa-sha1
+ - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
+ - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
+ - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
+ - in: query
+ name: signing_kp
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: slo_url
+ schema:
+ type: string
+ - in: query
+ name: slug
+ schema:
+ type: string
+ - in: query
+ name: sso_url
+ schema:
+ type: string
+ - in: query
+ name: temporary_user_delete_after
+ schema:
+ type: string
+ - in: query
+ name: user_matching_mode
+ schema:
+ type: string
+ enum:
+ - email_deny
+ - email_link
+ - identifier
+ - username_deny
+ - username_link
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedSAMLSourceList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: sources_saml_create
+ description: SAMLSource Viewset
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLSourceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/saml/{slug}/:
+ get:
+ operationId: sources_saml_retrieve
+ description: SAMLSource Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: sources_saml_update
+ description: SAMLSource Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLSourceRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: sources_saml_partial_update
+ description: SAMLSource Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedSAMLSourceRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLSource'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: sources_saml_destroy
+ description: SAMLSource Viewset
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/saml/{slug}/metadata/:
+ get:
+ operationId: sources_saml_metadata_retrieve
+ description: Return metadata as XML string
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SAMLMetadata'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/saml/{slug}/used_by/:
+ get:
+ operationId: sources_saml_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: slug
+ schema:
+ type: string
+ description: Internal source name, used in URLs.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/all/:
+ get:
+ operationId: sources_user_connections_all_list
+ description: User-source connection Viewset
+ parameters:
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedUserSourceConnectionList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/all/{id}/:
+ get:
+ operationId: sources_user_connections_all_retrieve
+ description: User-source connection Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this user source connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: sources_user_connections_all_update
+ description: User-source connection Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this user source connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: sources_user_connections_all_partial_update
+ description: User-source connection Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this user source connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: sources_user_connections_all_destroy
+ description: User-source connection Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this user source connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/all/{id}/used_by/:
+ get:
+ operationId: sources_user_connections_all_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this user source connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/oauth/:
+ get:
+ operationId: sources_user_connections_oauth_list
+ description: Source Viewset
+ parameters:
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: source__slug
+ schema:
+ type: string
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedUserOAuthSourceConnectionList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: sources_user_connections_oauth_create
+ description: Source Viewset
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserOAuthSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/oauth/{id}/:
+ get:
+ operationId: sources_user_connections_oauth_retrieve
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User OAuth Source Connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserOAuthSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: sources_user_connections_oauth_update
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User OAuth Source Connection.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserOAuthSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: sources_user_connections_oauth_partial_update
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User OAuth Source Connection.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserOAuthSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: sources_user_connections_oauth_destroy
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User OAuth Source Connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/oauth/{id}/used_by/:
+ get:
+ operationId: sources_user_connections_oauth_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User OAuth Source Connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/plex/:
+ get:
+ operationId: sources_user_connections_plex_list
+ description: Plex Source connection Serializer
+ parameters:
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: source__slug
+ schema:
+ type: string
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedPlexSourceConnectionList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: sources_user_connections_plex_create
+ description: Plex Source connection Serializer
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSourceConnectionRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/plex/{id}/:
+ get:
+ operationId: sources_user_connections_plex_retrieve
+ description: Plex Source connection Serializer
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User Plex Source Connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: sources_user_connections_plex_update
+ description: Plex Source connection Serializer
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User Plex Source Connection.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSourceConnectionRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: sources_user_connections_plex_partial_update
+ description: Plex Source connection Serializer
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User Plex Source Connection.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedPlexSourceConnectionRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PlexSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: sources_user_connections_plex_destroy
+ description: Plex Source connection Serializer
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User Plex Source Connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/plex/{id}/used_by/:
+ get:
+ operationId: sources_user_connections_plex_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User Plex Source Connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/saml/:
+ get:
+ operationId: sources_user_connections_saml_list
+ description: Source Viewset
+ parameters:
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: source__slug
+ schema:
+ type: string
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedUserSAMLSourceConnectionList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: sources_user_connections_saml_create
+ description: Source Viewset
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserSAMLSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/saml/{id}/:
+ get:
+ operationId: sources_user_connections_saml_retrieve
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User SAML Source Connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserSAMLSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: sources_user_connections_saml_update
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User SAML Source Connection.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserSAMLSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: sources_user_connections_saml_partial_update
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User SAML Source Connection.
+ required: true
+ tags:
+ - sources
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedUserSAMLSourceConnectionRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserSAMLSourceConnection'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: sources_user_connections_saml_destroy
+ description: Source Viewset
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User SAML Source Connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /sources/user_connections/saml/{id}/used_by/:
+ get:
+ operationId: sources_user_connections_saml_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: id
+ schema:
+ type: integer
+ description: A unique integer value identifying this User SAML Source Connection.
+ required: true
+ tags:
+ - sources
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/all/:
+ get:
+ operationId: stages_all_list
+ description: Stage Viewset
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/all/{stage_uuid}/:
+ get:
+ operationId: stages_all_retrieve
+ description: Stage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Stage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_all_destroy
+ description: Stage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/all/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_all_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/all/types/:
+ get:
+ operationId: stages_all_types_list
+ description: Get all creatable stage types
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/TypeCreate'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/all/user_settings/:
+ get:
+ operationId: stages_all_user_settings_list
+ description: Get all stages the user can configure
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserSetting'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/duo/:
+ get:
+ operationId: stages_authenticator_duo_list
+ description: AuthenticatorDuoStage Viewset
+ parameters:
+ - in: query
+ name: api_hostname
+ schema:
+ type: string
+ - in: query
+ name: client_id
+ schema:
+ type: string
+ - in: query
+ name: configure_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedAuthenticatorDuoStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_authenticator_duo_create
+ description: AuthenticatorDuoStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorDuoStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorDuoStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/duo/{stage_uuid}/:
+ get:
+ operationId: stages_authenticator_duo_retrieve
+ description: AuthenticatorDuoStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Duo Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorDuoStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_authenticator_duo_update
+ description: AuthenticatorDuoStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Duo Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorDuoStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorDuoStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_authenticator_duo_partial_update
+ description: AuthenticatorDuoStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Duo Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedAuthenticatorDuoStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorDuoStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_authenticator_duo_destroy
+ description: AuthenticatorDuoStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Duo Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/duo/{stage_uuid}/enrollment_status/:
+ post:
+ operationId: stages_authenticator_duo_enrollment_status_create
+ description: Check enrollment status of user details in current session
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Duo Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DuoDeviceEnrollmentStatus'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/duo/{stage_uuid}/import_device_manual/:
+ post:
+ operationId: stages_authenticator_duo_import_device_manual_create
+ description: Import duo devices into authentik
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Duo Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorDuoStageManualDeviceImportRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: Enrollment successful
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/duo/{stage_uuid}/import_devices_automatic/:
+ post:
+ operationId: stages_authenticator_duo_import_devices_automatic_create
+ description: Import duo devices into authentik
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Duo Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorDuoStageDeviceImportResponse'
+ description: ''
+ '400':
+ description: Bad request
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/duo/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_authenticator_duo_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Duo Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/sms/:
+ get:
+ operationId: stages_authenticator_sms_list
+ description: AuthenticatorSMSStage Viewset
+ parameters:
+ - in: query
+ name: account_sid
+ schema:
+ type: string
+ - in: query
+ name: auth
+ schema:
+ type: string
+ - in: query
+ name: auth_password
+ schema:
+ type: string
+ - in: query
+ name: auth_type
+ schema:
+ type: string
+ enum:
+ - basic
+ - bearer
+ - in: query
+ name: configure_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: from_number
+ schema:
+ type: string
+ - in: query
+ name: mapping
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: provider
+ schema:
+ type: string
+ enum:
+ - generic
+ - twilio
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: verify_only
+ schema:
+ type: boolean
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedAuthenticatorSMSStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_authenticator_sms_create
+ description: AuthenticatorSMSStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorSMSStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorSMSStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/sms/{stage_uuid}/:
+ get:
+ operationId: stages_authenticator_sms_retrieve
+ description: AuthenticatorSMSStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this SMS Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorSMSStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_authenticator_sms_update
+ description: AuthenticatorSMSStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this SMS Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorSMSStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorSMSStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_authenticator_sms_partial_update
+ description: AuthenticatorSMSStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this SMS Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedAuthenticatorSMSStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorSMSStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_authenticator_sms_destroy
+ description: AuthenticatorSMSStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this SMS Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/sms/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_authenticator_sms_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this SMS Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/static/:
+ get:
+ operationId: stages_authenticator_static_list
+ description: AuthenticatorStaticStage Viewset
+ parameters:
+ - in: query
+ name: configure_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: token_count
+ schema:
+ type: integer
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedAuthenticatorStaticStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_authenticator_static_create
+ description: AuthenticatorStaticStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorStaticStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorStaticStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/static/{stage_uuid}/:
+ get:
+ operationId: stages_authenticator_static_retrieve
+ description: AuthenticatorStaticStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Static Authenticator Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorStaticStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_authenticator_static_update
+ description: AuthenticatorStaticStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Static Authenticator Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorStaticStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorStaticStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_authenticator_static_partial_update
+ description: AuthenticatorStaticStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Static Authenticator Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorStaticStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_authenticator_static_destroy
+ description: AuthenticatorStaticStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Static Authenticator Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/static/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_authenticator_static_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Static Authenticator Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/totp/:
+ get:
+ operationId: stages_authenticator_totp_list
+ description: AuthenticatorTOTPStage Viewset
+ parameters:
+ - in: query
+ name: configure_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: digits
+ schema:
+ type: integer
+ enum:
+ - 6
+ - 8
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_authenticator_totp_create
+ description: AuthenticatorTOTPStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorTOTPStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/totp/{stage_uuid}/:
+ get:
+ operationId: stages_authenticator_totp_retrieve
+ description: AuthenticatorTOTPStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this TOTP Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorTOTPStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_authenticator_totp_update
+ description: AuthenticatorTOTPStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this TOTP Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorTOTPStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_authenticator_totp_partial_update
+ description: AuthenticatorTOTPStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this TOTP Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorTOTPStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_authenticator_totp_destroy
+ description: AuthenticatorTOTPStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this TOTP Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/totp/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_authenticator_totp_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this TOTP Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/validate/:
+ get:
+ operationId: stages_authenticator_validate_list
+ description: AuthenticatorValidateStage Viewset
+ parameters:
+ - in: query
+ name: configuration_stages
+ schema:
+ type: array
+ items:
+ type: string
+ format: uuid
+ explode: true
+ style: form
+ - in: query
+ name: name
+ schema:
+ type: string
+ - in: query
+ name: not_configured_action
+ schema:
+ type: string
+ enum:
+ - configure
+ - deny
+ - skip
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_authenticator_validate_create
+ description: AuthenticatorValidateStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorValidateStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorValidateStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/validate/{stage_uuid}/:
+ get:
+ operationId: stages_authenticator_validate_retrieve
+ description: AuthenticatorValidateStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Authenticator Validation Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorValidateStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_authenticator_validate_update
+ description: AuthenticatorValidateStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Authenticator Validation Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorValidateStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorValidateStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_authenticator_validate_partial_update
+ description: AuthenticatorValidateStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Authenticator Validation Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticatorValidateStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_authenticator_validate_destroy
+ description: AuthenticatorValidateStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Authenticator Validation Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/validate/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_authenticator_validate_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Authenticator Validation Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/webauthn/:
+ get:
+ operationId: stages_authenticator_webauthn_list
+ description: AuthenticateWebAuthnStage Viewset
+ parameters:
+ - in: query
+ name: authenticator_attachment
+ schema:
+ type: string
+ nullable: true
+ enum:
+ - cross-platform
+ - platform
+ - in: query
+ name: configure_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: resident_key_requirement
+ schema:
+ type: string
+ enum:
+ - discouraged
+ - preferred
+ - required
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: user_verification
+ schema:
+ type: string
+ enum:
+ - discouraged
+ - preferred
+ - required
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedAuthenticateWebAuthnStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_authenticator_webauthn_create
+ description: AuthenticateWebAuthnStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticateWebAuthnStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/webauthn/{stage_uuid}/:
+ get:
+ operationId: stages_authenticator_webauthn_retrieve
+ description: AuthenticateWebAuthnStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticateWebAuthnStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_authenticator_webauthn_update
+ description: AuthenticateWebAuthnStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticateWebAuthnStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_authenticator_webauthn_partial_update
+ description: AuthenticateWebAuthnStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/AuthenticateWebAuthnStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_authenticator_webauthn_destroy
+ description: AuthenticateWebAuthnStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/authenticator/webauthn/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_authenticator_webauthn_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/captcha/:
+ get:
+ operationId: stages_captcha_list
+ description: CaptchaStage Viewset
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: public_key
+ schema:
+ type: string
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedCaptchaStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_captcha_create
+ description: CaptchaStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CaptchaStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CaptchaStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/captcha/{stage_uuid}/:
+ get:
+ operationId: stages_captcha_retrieve
+ description: CaptchaStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Captcha Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CaptchaStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_captcha_update
+ description: CaptchaStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Captcha Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CaptchaStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CaptchaStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_captcha_partial_update
+ description: CaptchaStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Captcha Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedCaptchaStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CaptchaStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_captcha_destroy
+ description: CaptchaStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Captcha Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/captcha/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_captcha_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Captcha Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/consent/:
+ get:
+ operationId: stages_consent_list
+ description: ConsentStage Viewset
+ parameters:
+ - in: query
+ name: consent_expire_in
+ schema:
+ type: string
+ - in: query
+ name: mode
+ schema:
+ type: string
+ enum:
+ - always_require
+ - expiring
+ - permanent
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedConsentStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_consent_create
+ description: ConsentStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ConsentStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ConsentStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/consent/{stage_uuid}/:
+ get:
+ operationId: stages_consent_retrieve
+ description: ConsentStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Consent Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ConsentStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_consent_update
+ description: ConsentStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Consent Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ConsentStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ConsentStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_consent_partial_update
+ description: ConsentStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Consent Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedConsentStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ConsentStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_consent_destroy
+ description: ConsentStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Consent Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/consent/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_consent_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Consent Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/deny/:
+ get:
+ operationId: stages_deny_list
+ description: DenyStage Viewset
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedDenyStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_deny_create
+ description: DenyStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DenyStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DenyStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/deny/{stage_uuid}/:
+ get:
+ operationId: stages_deny_retrieve
+ description: DenyStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Deny Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DenyStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_deny_update
+ description: DenyStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Deny Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DenyStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DenyStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_deny_partial_update
+ description: DenyStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Deny Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedDenyStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DenyStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_deny_destroy
+ description: DenyStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Deny Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/deny/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_deny_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Deny Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/dummy/:
+ get:
+ operationId: stages_dummy_list
+ description: DummyStage Viewset
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedDummyStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_dummy_create
+ description: DummyStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/dummy/{stage_uuid}/:
+ get:
+ operationId: stages_dummy_retrieve
+ description: DummyStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Dummy Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_dummy_update
+ description: DummyStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Dummy Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_dummy_partial_update
+ description: DummyStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Dummy Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedDummyStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/DummyStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_dummy_destroy
+ description: DummyStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Dummy Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/dummy/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_dummy_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Dummy Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/email/:
+ get:
+ operationId: stages_email_list
+ description: EmailStage Viewset
+ parameters:
+ - in: query
+ name: activate_user_on_success
+ schema:
+ type: boolean
+ - in: query
+ name: from_address
+ schema:
+ type: string
+ - in: query
+ name: host
+ schema:
+ type: string
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: port
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: subject
+ schema:
+ type: string
+ - in: query
+ name: template
+ schema:
+ type: string
+ - in: query
+ name: timeout
+ schema:
+ type: integer
+ - in: query
+ name: token_expiry
+ schema:
+ type: integer
+ - in: query
+ name: use_global_settings
+ schema:
+ type: boolean
+ - in: query
+ name: use_ssl
+ schema:
+ type: boolean
+ - in: query
+ name: use_tls
+ schema:
+ type: boolean
+ - in: query
+ name: username
+ schema:
+ type: string
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedEmailStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_email_create
+ description: EmailStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EmailStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EmailStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/email/{stage_uuid}/:
+ get:
+ operationId: stages_email_retrieve
+ description: EmailStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Email Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EmailStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_email_update
+ description: EmailStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Email Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EmailStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EmailStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_email_partial_update
+ description: EmailStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Email Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedEmailStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/EmailStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_email_destroy
+ description: EmailStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Email Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/email/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_email_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Email Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/email/templates/:
+ get:
+ operationId: stages_email_templates_list
+ description: Get all available templates, including custom templates
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/TypeCreate'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/identification/:
+ get:
+ operationId: stages_identification_list
+ description: IdentificationStage Viewset
+ parameters:
+ - in: query
+ name: case_insensitive_matching
+ schema:
+ type: boolean
+ - in: query
+ name: enrollment_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: password_stage
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: passwordless_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: recovery_flow
+ schema:
+ type: string
+ format: uuid
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: show_matched_user
+ schema:
+ type: boolean
+ - in: query
+ name: show_source_labels
+ schema:
+ type: boolean
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedIdentificationStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_identification_create
+ description: IdentificationStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/IdentificationStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/IdentificationStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/identification/{stage_uuid}/:
+ get:
+ operationId: stages_identification_retrieve
+ description: IdentificationStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Identification Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/IdentificationStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_identification_update
+ description: IdentificationStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Identification Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/IdentificationStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/IdentificationStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_identification_partial_update
+ description: IdentificationStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Identification Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedIdentificationStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/IdentificationStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_identification_destroy
+ description: IdentificationStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Identification Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/identification/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_identification_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Identification Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/invitation/invitations/:
+ get:
+ operationId: stages_invitation_invitations_list
+ description: Invitation Viewset
+ parameters:
+ - in: query
+ name: created_by__username
+ schema:
+ type: string
+ - in: query
+ name: expires
+ schema:
+ type: string
+ format: date-time
+ - in: query
+ name: flow__slug
+ schema:
+ type: string
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedInvitationList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_invitation_invitations_create
+ description: Invitation Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/InvitationRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Invitation'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/invitation/invitations/{invite_uuid}/:
+ get:
+ operationId: stages_invitation_invitations_retrieve
+ description: Invitation Viewset
+ parameters:
+ - in: path
+ name: invite_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Invitation.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Invitation'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_invitation_invitations_update
+ description: Invitation Viewset
+ parameters:
+ - in: path
+ name: invite_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Invitation.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/InvitationRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Invitation'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_invitation_invitations_partial_update
+ description: Invitation Viewset
+ parameters:
+ - in: path
+ name: invite_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Invitation.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedInvitationRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Invitation'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_invitation_invitations_destroy
+ description: Invitation Viewset
+ parameters:
+ - in: path
+ name: invite_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Invitation.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/invitation/invitations/{invite_uuid}/used_by/:
+ get:
+ operationId: stages_invitation_invitations_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: invite_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Invitation.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/invitation/stages/:
+ get:
+ operationId: stages_invitation_stages_list
+ description: InvitationStage Viewset
+ parameters:
+ - in: query
+ name: continue_flow_without_invitation
+ schema:
+ type: boolean
+ - in: query
+ name: name
+ schema:
+ type: string
+ - in: query
+ name: no_flows
+ schema:
+ type: boolean
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedInvitationStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_invitation_stages_create
+ description: InvitationStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/InvitationStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/InvitationStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/invitation/stages/{stage_uuid}/:
+ get:
+ operationId: stages_invitation_stages_retrieve
+ description: InvitationStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Invitation Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/InvitationStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_invitation_stages_update
+ description: InvitationStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Invitation Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/InvitationStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/InvitationStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_invitation_stages_partial_update
+ description: InvitationStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Invitation Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedInvitationStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/InvitationStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_invitation_stages_destroy
+ description: InvitationStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Invitation Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/invitation/stages/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_invitation_stages_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Invitation Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/password/:
+ get:
+ operationId: stages_password_list
+ description: PasswordStage Viewset
+ parameters:
+ - in: query
+ name: configure_flow
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: failed_attempts_before_cancel
+ schema:
+ type: integer
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedPasswordStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_password_create
+ description: PasswordStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/password/{stage_uuid}/:
+ get:
+ operationId: stages_password_retrieve
+ description: PasswordStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_password_update
+ description: PasswordStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_password_partial_update
+ description: PasswordStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedPasswordStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PasswordStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_password_destroy
+ description: PasswordStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/password/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_password_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Password Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/prompt/prompts/:
+ get:
+ operationId: stages_prompt_prompts_list
+ description: Prompt Viewset
+ parameters:
+ - in: query
+ name: field_key
+ schema:
+ type: string
+ - in: query
+ name: label
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - in: query
+ name: placeholder
+ schema:
+ type: string
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: type
+ schema:
+ type: string
+ enum:
+ - ak-locale
+ - checkbox
+ - date
+ - date-time
+ - email
+ - file
+ - hidden
+ - number
+ - password
+ - separator
+ - static
+ - text
+ - text_read_only
+ - username
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedPromptList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_prompt_prompts_create
+ description: Prompt Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PromptRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Prompt'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/prompt/prompts/{prompt_uuid}/:
+ get:
+ operationId: stages_prompt_prompts_retrieve
+ description: Prompt Viewset
+ parameters:
+ - in: path
+ name: prompt_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Prompt.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Prompt'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_prompt_prompts_update
+ description: Prompt Viewset
+ parameters:
+ - in: path
+ name: prompt_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Prompt.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PromptRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Prompt'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_prompt_prompts_partial_update
+ description: Prompt Viewset
+ parameters:
+ - in: path
+ name: prompt_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Prompt.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedPromptRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Prompt'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_prompt_prompts_destroy
+ description: Prompt Viewset
+ parameters:
+ - in: path
+ name: prompt_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Prompt.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/prompt/prompts/{prompt_uuid}/used_by/:
+ get:
+ operationId: stages_prompt_prompts_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: prompt_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Prompt.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/prompt/stages/:
+ get:
+ operationId: stages_prompt_stages_list
+ description: PromptStage Viewset
+ parameters:
+ - in: query
+ name: fields
+ schema:
+ type: array
+ items:
+ type: string
+ format: uuid
+ explode: true
+ style: form
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: validation_policies
+ schema:
+ type: array
+ items:
+ type: string
+ format: uuid
+ explode: true
+ style: form
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedPromptStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_prompt_stages_create
+ description: PromptStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PromptStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PromptStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/prompt/stages/{stage_uuid}/:
+ get:
+ operationId: stages_prompt_stages_retrieve
+ description: PromptStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Prompt Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PromptStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_prompt_stages_update
+ description: PromptStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Prompt Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PromptStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PromptStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_prompt_stages_partial_update
+ description: PromptStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Prompt Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedPromptStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PromptStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_prompt_stages_destroy
+ description: PromptStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Prompt Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/prompt/stages/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_prompt_stages_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this Prompt Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_delete/:
+ get:
+ operationId: stages_user_delete_list
+ description: UserDeleteStage Viewset
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedUserDeleteStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_user_delete_create
+ description: UserDeleteStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserDeleteStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserDeleteStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_delete/{stage_uuid}/:
+ get:
+ operationId: stages_user_delete_retrieve
+ description: UserDeleteStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Delete Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserDeleteStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_user_delete_update
+ description: UserDeleteStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Delete Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserDeleteStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserDeleteStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_user_delete_partial_update
+ description: UserDeleteStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Delete Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedUserDeleteStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserDeleteStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_user_delete_destroy
+ description: UserDeleteStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Delete Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_delete/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_user_delete_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Delete Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_login/:
+ get:
+ operationId: stages_user_login_list
+ description: UserLoginStage Viewset
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: session_duration
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedUserLoginStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_user_login_create
+ description: UserLoginStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLoginStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLoginStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_login/{stage_uuid}/:
+ get:
+ operationId: stages_user_login_retrieve
+ description: UserLoginStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Login Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLoginStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_user_login_update
+ description: UserLoginStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Login Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLoginStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLoginStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_user_login_partial_update
+ description: UserLoginStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Login Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedUserLoginStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLoginStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_user_login_destroy
+ description: UserLoginStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Login Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_login/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_user_login_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Login Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_logout/:
+ get:
+ operationId: stages_user_logout_list
+ description: UserLogoutStage Viewset
+ parameters:
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedUserLogoutStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_user_logout_create
+ description: UserLogoutStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLogoutStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLogoutStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_logout/{stage_uuid}/:
+ get:
+ operationId: stages_user_logout_retrieve
+ description: UserLogoutStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Logout Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLogoutStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_user_logout_update
+ description: UserLogoutStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Logout Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLogoutStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLogoutStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_user_logout_partial_update
+ description: UserLogoutStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Logout Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedUserLogoutStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserLogoutStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_user_logout_destroy
+ description: UserLogoutStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Logout Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_logout/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_user_logout_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Logout Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_write/:
+ get:
+ operationId: stages_user_write_list
+ description: UserWriteStage Viewset
+ parameters:
+ - in: query
+ name: can_create_users
+ schema:
+ type: boolean
+ - in: query
+ name: create_users_as_inactive
+ schema:
+ type: boolean
+ - in: query
+ name: create_users_group
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: name
+ schema:
+ type: string
+ - name: ordering
+ required: false
+ in: query
+ description: Which field to use when ordering the results.
+ schema:
+ type: string
+ - name: page
+ required: false
+ in: query
+ description: A page number within the paginated result set.
+ schema:
+ type: integer
+ - name: page_size
+ required: false
+ in: query
+ description: Number of results to return per page.
+ schema:
+ type: integer
+ - name: search
+ required: false
+ in: query
+ description: A search term.
+ schema:
+ type: string
+ - in: query
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ - in: query
+ name: user_path_template
+ schema:
+ type: string
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PaginatedUserWriteStageList'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ post:
+ operationId: stages_user_write_create
+ description: UserWriteStage Viewset
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserWriteStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '201':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserWriteStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_write/{stage_uuid}/:
+ get:
+ operationId: stages_user_write_retrieve
+ description: UserWriteStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Write Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserWriteStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ put:
+ operationId: stages_user_write_update
+ description: UserWriteStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Write Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserWriteStageRequest'
+ required: true
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserWriteStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ patch:
+ operationId: stages_user_write_partial_update
+ description: UserWriteStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Write Stage.
+ required: true
+ tags:
+ - stages
+ requestBody:
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/PatchedUserWriteStageRequest'
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/UserWriteStage'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ delete:
+ operationId: stages_user_write_destroy
+ description: UserWriteStage Viewset
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Write Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '204':
+ description: No response body
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+ /stages/user_write/{stage_uuid}/used_by/:
+ get:
+ operationId: stages_user_write_used_by_list
+ description: Get a list of all objects that use this object
+ parameters:
+ - in: path
+ name: stage_uuid
+ schema:
+ type: string
+ format: uuid
+ description: A UUID string identifying this User Write Stage.
+ required: true
+ tags:
+ - stages
+ security:
+ - authentik: []
+ responses:
+ '200':
+ content:
+ application/json:
+ schema:
+ type: array
+ items:
+ $ref: '#/components/schemas/UsedBy'
+ description: ''
+ '400':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ValidationError'
+ description: ''
+ '403':
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/GenericError'
+ description: ''
+components:
+ schemas:
+ AccessDeniedChallenge:
+ type: object
+ description: Challenge when a flow's active stage calls `stage_invalid()`.
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-access-denied
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ pending_user:
+ type: string
+ pending_user_avatar:
+ type: string
+ error_message:
+ type: string
+ required:
+ - pending_user
+ - pending_user_avatar
+ - type
+ App:
+ type: object
+ description: Serialize Application info
+ properties:
+ name:
+ type: string
+ label:
+ type: string
+ required:
+ - label
+ - name
+ AppEnum:
+ enum:
+ - authentik.admin
+ - authentik.api
+ - authentik.crypto
+ - authentik.events
+ - authentik.flows
+ - authentik.lib
+ - authentik.outposts
+ - authentik.policies.dummy
+ - authentik.policies.event_matcher
+ - authentik.policies.expiry
+ - authentik.policies.expression
+ - authentik.policies.hibp
+ - authentik.policies.password
+ - authentik.policies.reputation
+ - authentik.policies
+ - authentik.providers.ldap
+ - authentik.providers.oauth2
+ - authentik.providers.proxy
+ - authentik.providers.saml
+ - authentik.recovery
+ - authentik.sources.ldap
+ - authentik.sources.oauth
+ - authentik.sources.plex
+ - authentik.sources.saml
+ - authentik.stages.authenticator_duo
+ - authentik.stages.authenticator_sms
+ - authentik.stages.authenticator_static
+ - authentik.stages.authenticator_totp
+ - authentik.stages.authenticator_validate
+ - authentik.stages.authenticator_webauthn
+ - authentik.stages.captcha
+ - authentik.stages.consent
+ - authentik.stages.deny
+ - authentik.stages.dummy
+ - authentik.stages.email
+ - authentik.stages.identification
+ - authentik.stages.invitation
+ - authentik.stages.password
+ - authentik.stages.prompt
+ - authentik.stages.user_delete
+ - authentik.stages.user_login
+ - authentik.stages.user_logout
+ - authentik.stages.user_write
+ - authentik.tenants
+ - authentik.blueprints
+ - authentik.core
+ type: string
+ AppleChallengeResponseRequest:
+ type: object
+ description: Pseudo class for plex response
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-source-oauth-apple
+ AppleLoginChallenge:
+ type: object
+ description: Special challenge for apple-native authentication flow, which happens
+ on the client.
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-source-oauth-apple
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ client_id:
+ type: string
+ scope:
+ type: string
+ redirect_uri:
+ type: string
+ state:
+ type: string
+ required:
+ - client_id
+ - redirect_uri
+ - scope
+ - state
+ - type
+ Application:
+ type: object
+ description: Application Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pbm uuid
+ name:
+ type: string
+ description: Application's display Name.
+ slug:
+ type: string
+ description: Internal application name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ provider:
+ type: integer
+ nullable: true
+ provider_obj:
+ allOf:
+ - $ref: '#/components/schemas/Provider'
+ readOnly: true
+ launch_url:
+ type: string
+ nullable: true
+ readOnly: true
+ open_in_new_tab:
+ type: boolean
+ description: Open launch URL in a new browser tab or window.
+ meta_launch_url:
+ type: string
+ format: uri
+ meta_icon:
+ type: string
+ nullable: true
+ readOnly: true
+ meta_description:
+ type: string
+ meta_publisher:
+ type: string
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ group:
+ type: string
+ required:
+ - launch_url
+ - meta_icon
+ - name
+ - pk
+ - provider_obj
+ - slug
+ ApplicationRequest:
+ type: object
+ description: Application Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: Application's display Name.
+ slug:
+ type: string
+ minLength: 1
+ description: Internal application name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ provider:
+ type: integer
+ nullable: true
+ open_in_new_tab:
+ type: boolean
+ description: Open launch URL in a new browser tab or window.
+ meta_launch_url:
+ type: string
+ format: uri
+ meta_description:
+ type: string
+ meta_publisher:
+ type: string
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ group:
+ type: string
+ required:
+ - name
+ - slug
+ AuthTypeEnum:
+ enum:
+ - basic
+ - bearer
+ type: string
+ AuthenticateWebAuthnStage:
+ type: object
+ description: AuthenticateWebAuthnStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ user_verification:
+ $ref: '#/components/schemas/UserVerificationEnum'
+ authenticator_attachment:
+ allOf:
+ - $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
+ nullable: true
+ resident_key_requirement:
+ $ref: '#/components/schemas/ResidentKeyRequirementEnum'
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ AuthenticateWebAuthnStageRequest:
+ type: object
+ description: AuthenticateWebAuthnStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ user_verification:
+ $ref: '#/components/schemas/UserVerificationEnum'
+ authenticator_attachment:
+ allOf:
+ - $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
+ nullable: true
+ resident_key_requirement:
+ $ref: '#/components/schemas/ResidentKeyRequirementEnum'
+ required:
+ - name
+ AuthenticatedSession:
+ type: object
+ description: AuthenticatedSession Serializer
+ properties:
+ uuid:
+ type: string
+ format: uuid
+ current:
+ type: boolean
+ readOnly: true
+ user_agent:
+ type: object
+ description: User agent details
+ properties:
+ device:
+ type: object
+ description: User agent device
+ properties:
+ brand:
+ type: string
+ family:
+ type: string
+ model:
+ type: string
+ required:
+ - brand
+ - family
+ - model
+ os:
+ type: object
+ description: User agent os
+ properties:
+ family:
+ type: string
+ major:
+ type: string
+ minor:
+ type: string
+ patch:
+ type: string
+ patch_minor:
+ type: string
+ required:
+ - family
+ - major
+ - minor
+ - patch
+ - patch_minor
+ user_agent:
+ type: object
+ description: User agent browser
+ properties:
+ family:
+ type: string
+ major:
+ type: string
+ minor:
+ type: string
+ patch:
+ type: string
+ required:
+ - family
+ - major
+ - minor
+ - patch
+ string:
+ type: string
+ required:
+ - device
+ - os
+ - string
+ - user_agent
+ readOnly: true
+ geo_ip:
+ type: object
+ description: GeoIP Details
+ properties:
+ continent:
+ type: string
+ country:
+ type: string
+ lat:
+ type: number
+ format: double
+ long:
+ type: number
+ format: double
+ city:
+ type: string
+ required:
+ - city
+ - continent
+ - country
+ - lat
+ - long
+ nullable: true
+ readOnly: true
+ user:
+ type: integer
+ last_ip:
+ type: string
+ last_user_agent:
+ type: string
+ last_used:
+ type: string
+ format: date-time
+ readOnly: true
+ expires:
+ type: string
+ format: date-time
+ required:
+ - current
+ - geo_ip
+ - last_ip
+ - last_used
+ - user
+ - user_agent
+ AuthenticationEnum:
+ enum:
+ - none
+ - require_authenticated
+ - require_unauthenticated
+ - require_superuser
+ type: string
+ AuthenticatorAttachmentEnum:
+ enum:
+ - platform
+ - cross-platform
+ type: string
+ AuthenticatorDuoChallenge:
+ type: object
+ description: Duo Challenge
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-authenticator-duo
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ pending_user:
+ type: string
+ pending_user_avatar:
+ type: string
+ activation_barcode:
+ type: string
+ activation_code:
+ type: string
+ stage_uuid:
+ type: string
+ required:
+ - activation_barcode
+ - activation_code
+ - pending_user
+ - pending_user_avatar
+ - stage_uuid
+ - type
+ AuthenticatorDuoChallengeResponseRequest:
+ type: object
+ description: Pseudo class for duo response
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-authenticator-duo
+ AuthenticatorDuoStage:
+ type: object
+ description: AuthenticatorDuoStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ client_id:
+ type: string
+ api_hostname:
+ type: string
+ admin_integration_key:
+ type: string
+ required:
+ - api_hostname
+ - client_id
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ AuthenticatorDuoStageDeviceImportResponse:
+ type: object
+ properties:
+ count:
+ type: integer
+ readOnly: true
+ error:
+ type: string
+ readOnly: true
+ required:
+ - count
+ - error
+ AuthenticatorDuoStageManualDeviceImportRequest:
+ type: object
+ properties:
+ duo_user_id:
+ type: string
+ minLength: 1
+ username:
+ type: string
+ minLength: 1
+ required:
+ - duo_user_id
+ - username
+ AuthenticatorDuoStageRequest:
+ type: object
+ description: AuthenticatorDuoStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ client_id:
+ type: string
+ minLength: 1
+ client_secret:
+ type: string
+ writeOnly: true
+ minLength: 1
+ api_hostname:
+ type: string
+ minLength: 1
+ admin_integration_key:
+ type: string
+ admin_secret_key:
+ type: string
+ writeOnly: true
+ required:
+ - api_hostname
+ - client_id
+ - client_secret
+ - name
+ AuthenticatorSMSChallenge:
+ type: object
+ description: SMS Setup challenge
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-authenticator-sms
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ pending_user:
+ type: string
+ pending_user_avatar:
+ type: string
+ phone_number_required:
+ type: boolean
+ default: true
+ required:
+ - pending_user
+ - pending_user_avatar
+ - type
+ AuthenticatorSMSChallengeResponseRequest:
+ type: object
+ description: SMS Challenge response, device is set by get_response_instance
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-authenticator-sms
+ code:
+ type: integer
+ phone_number:
+ type: string
+ minLength: 1
+ AuthenticatorSMSStage:
+ type: object
+ description: AuthenticatorSMSStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ provider:
+ $ref: '#/components/schemas/ProviderEnum'
+ from_number:
+ type: string
+ account_sid:
+ type: string
+ auth:
+ type: string
+ auth_password:
+ type: string
+ auth_type:
+ $ref: '#/components/schemas/AuthTypeEnum'
+ verify_only:
+ type: boolean
+ description: When enabled, the Phone number is only used during enrollment
+ to verify the users authenticity. Only a hash of the phone number is saved
+ to ensure it is not re-used in the future.
+ mapping:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optionally modify the payload being sent to custom providers.
+ required:
+ - account_sid
+ - auth
+ - component
+ - from_number
+ - meta_model_name
+ - name
+ - pk
+ - provider
+ - verbose_name
+ - verbose_name_plural
+ AuthenticatorSMSStageRequest:
+ type: object
+ description: AuthenticatorSMSStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ provider:
+ $ref: '#/components/schemas/ProviderEnum'
+ from_number:
+ type: string
+ minLength: 1
+ account_sid:
+ type: string
+ minLength: 1
+ auth:
+ type: string
+ minLength: 1
+ auth_password:
+ type: string
+ auth_type:
+ $ref: '#/components/schemas/AuthTypeEnum'
+ verify_only:
+ type: boolean
+ description: When enabled, the Phone number is only used during enrollment
+ to verify the users authenticity. Only a hash of the phone number is saved
+ to ensure it is not re-used in the future.
+ mapping:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optionally modify the payload being sent to custom providers.
+ required:
+ - account_sid
+ - auth
+ - from_number
+ - name
+ - provider
+ AuthenticatorStaticChallenge:
+ type: object
+ description: Static authenticator challenge
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-authenticator-static
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ pending_user:
+ type: string
+ pending_user_avatar:
+ type: string
+ codes:
+ type: array
+ items:
+ type: string
+ required:
+ - codes
+ - pending_user
+ - pending_user_avatar
+ - type
+ AuthenticatorStaticChallengeResponseRequest:
+ type: object
+ description: Pseudo class for static response
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-authenticator-static
+ AuthenticatorStaticStage:
+ type: object
+ description: AuthenticatorStaticStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ token_count:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ AuthenticatorStaticStageRequest:
+ type: object
+ description: AuthenticatorStaticStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ token_count:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ required:
+ - name
+ AuthenticatorTOTPChallenge:
+ type: object
+ description: TOTP Setup challenge
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-authenticator-totp
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ pending_user:
+ type: string
+ pending_user_avatar:
+ type: string
+ config_url:
+ type: string
+ required:
+ - config_url
+ - pending_user
+ - pending_user_avatar
+ - type
+ AuthenticatorTOTPChallengeResponseRequest:
+ type: object
+ description: TOTP Challenge response, device is set by get_response_instance
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-authenticator-totp
+ code:
+ type: integer
+ required:
+ - code
+ AuthenticatorTOTPStage:
+ type: object
+ description: AuthenticatorTOTPStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ digits:
+ allOf:
+ - $ref: '#/components/schemas/DigitsEnum'
+ minimum: -2147483648
+ maximum: 2147483647
+ required:
+ - component
+ - digits
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ AuthenticatorTOTPStageRequest:
+ type: object
+ description: AuthenticatorTOTPStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ digits:
+ allOf:
+ - $ref: '#/components/schemas/DigitsEnum'
+ minimum: -2147483648
+ maximum: 2147483647
+ required:
+ - digits
+ - name
+ AuthenticatorValidateStage:
+ type: object
+ description: AuthenticatorValidateStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ not_configured_action:
+ $ref: '#/components/schemas/NotConfiguredActionEnum'
+ device_classes:
+ type: array
+ items:
+ $ref: '#/components/schemas/DeviceClassesEnum'
+ description: Device classes which can be used to authenticate
+ configuration_stages:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Stages used to configure Authenticator when user doesn't have
+ any compatible devices. After this configuration Stage passes, the user
+ is not prompted again.
+ last_auth_threshold:
+ type: string
+ description: If any of the user's device has been used within this threshold,
+ this stage will be skipped
+ webauthn_user_verification:
+ allOf:
+ - $ref: '#/components/schemas/UserVerificationEnum'
+ description: Enforce user verification for WebAuthn devices.
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ AuthenticatorValidateStageRequest:
+ type: object
+ description: AuthenticatorValidateStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ not_configured_action:
+ $ref: '#/components/schemas/NotConfiguredActionEnum'
+ device_classes:
+ type: array
+ items:
+ $ref: '#/components/schemas/DeviceClassesEnum'
+ description: Device classes which can be used to authenticate
+ configuration_stages:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Stages used to configure Authenticator when user doesn't have
+ any compatible devices. After this configuration Stage passes, the user
+ is not prompted again.
+ last_auth_threshold:
+ type: string
+ minLength: 1
+ description: If any of the user's device has been used within this threshold,
+ this stage will be skipped
+ webauthn_user_verification:
+ allOf:
+ - $ref: '#/components/schemas/UserVerificationEnum'
+ description: Enforce user verification for WebAuthn devices.
+ required:
+ - name
+ AuthenticatorValidationChallenge:
+ type: object
+ description: Authenticator challenge
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-authenticator-validate
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ pending_user:
+ type: string
+ pending_user_avatar:
+ type: string
+ device_challenges:
+ type: array
+ items:
+ $ref: '#/components/schemas/DeviceChallenge'
+ configuration_stages:
+ type: array
+ items:
+ $ref: '#/components/schemas/SelectableStage'
+ required:
+ - configuration_stages
+ - device_challenges
+ - pending_user
+ - pending_user_avatar
+ - type
+ AuthenticatorValidationChallengeResponseRequest:
+ type: object
+ description: Challenge used for Code-based and WebAuthn authenticators
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-authenticator-validate
+ selected_challenge:
+ $ref: '#/components/schemas/DeviceChallengeRequest'
+ selected_stage:
+ type: string
+ minLength: 1
+ code:
+ type: string
+ minLength: 1
+ webauthn:
+ type: object
+ additionalProperties: {}
+ duo:
+ type: integer
+ AuthenticatorWebAuthnChallenge:
+ type: object
+ description: WebAuthn Challenge
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-authenticator-webauthn
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ pending_user:
+ type: string
+ pending_user_avatar:
+ type: string
+ registration:
+ type: object
+ additionalProperties: {}
+ required:
+ - pending_user
+ - pending_user_avatar
+ - registration
+ - type
+ AuthenticatorWebAuthnChallengeResponseRequest:
+ type: object
+ description: WebAuthn Challenge response
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-authenticator-webauthn
+ response:
+ type: object
+ additionalProperties: {}
+ required:
+ - response
+ AutoSubmitChallengeResponseRequest:
+ type: object
+ description: Pseudo class for autosubmit response
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-autosubmit
+ AutosubmitChallenge:
+ type: object
+ description: Autosubmit challenge used to send and navigate a POST request
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-autosubmit
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ url:
+ type: string
+ attrs:
+ type: object
+ additionalProperties:
+ type: string
+ title:
+ type: string
+ required:
+ - attrs
+ - type
+ - url
+ BackendsEnum:
+ enum:
+ - authentik.core.auth.InbuiltBackend
+ - authentik.core.auth.TokenBackend
+ - authentik.sources.ldap.auth.LDAPBackend
+ type: string
+ BindingTypeEnum:
+ enum:
+ - REDIRECT
+ - POST
+ - POST_AUTO
+ type: string
+ BlueprintFile:
+ type: object
+ properties:
+ path:
+ type: string
+ last_m:
+ type: string
+ format: date-time
+ hash:
+ type: string
+ meta:
+ allOf:
+ - $ref: '#/components/schemas/Metadata'
+ readOnly: true
+ required:
+ - hash
+ - last_m
+ - meta
+ - path
+ BlueprintInstance:
+ type: object
+ description: Info about a single blueprint instance file
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Instance uuid
+ name:
+ type: string
+ path:
+ type: string
+ context:
+ type: object
+ additionalProperties: {}
+ last_applied:
+ type: string
+ format: date-time
+ readOnly: true
+ last_applied_hash:
+ type: string
+ readOnly: true
+ status:
+ allOf:
+ - $ref: '#/components/schemas/BlueprintInstanceStatusEnum'
+ readOnly: true
+ enabled:
+ type: boolean
+ managed_models:
+ type: array
+ items:
+ type: string
+ readOnly: true
+ metadata:
+ type: object
+ additionalProperties: {}
+ readOnly: true
+ required:
+ - last_applied
+ - last_applied_hash
+ - managed_models
+ - metadata
+ - name
+ - path
+ - pk
+ - status
+ BlueprintInstanceRequest:
+ type: object
+ description: Info about a single blueprint instance file
+ properties:
+ name:
+ type: string
+ minLength: 1
+ path:
+ type: string
+ minLength: 1
+ context:
+ type: object
+ additionalProperties: {}
+ enabled:
+ type: boolean
+ required:
+ - name
+ - path
+ BlueprintInstanceStatusEnum:
+ enum:
+ - successful
+ - warning
+ - error
+ - orphaned
+ - unknown
+ type: string
+ Cache:
+ type: object
+ description: Generic cache stats for an object
+ properties:
+ count:
+ type: integer
+ readOnly: true
+ required:
+ - count
+ CapabilitiesEnum:
+ enum:
+ - can_save_media
+ - can_geo_ip
+ - can_impersonate
+ - can_debug
+ type: string
+ CaptchaChallenge:
+ type: object
+ description: Site public key
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-captcha
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ pending_user:
+ type: string
+ pending_user_avatar:
+ type: string
+ site_key:
+ type: string
+ js_url:
+ type: string
+ readOnly: true
+ required:
+ - js_url
+ - pending_user
+ - pending_user_avatar
+ - site_key
+ - type
+ CaptchaChallengeResponseRequest:
+ type: object
+ description: Validate captcha token
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-captcha
+ token:
+ type: string
+ minLength: 1
+ required:
+ - token
+ CaptchaStage:
+ type: object
+ description: CaptchaStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ public_key:
+ type: string
+ description: Public key, acquired your captcha Provider.
+ js_url:
+ type: string
+ api_url:
+ type: string
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - public_key
+ - verbose_name
+ - verbose_name_plural
+ CaptchaStageRequest:
+ type: object
+ description: CaptchaStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ public_key:
+ type: string
+ minLength: 1
+ description: Public key, acquired your captcha Provider.
+ private_key:
+ type: string
+ writeOnly: true
+ minLength: 1
+ description: Private key, acquired your captcha Provider.
+ js_url:
+ type: string
+ minLength: 1
+ api_url:
+ type: string
+ minLength: 1
+ required:
+ - name
+ - private_key
+ - public_key
+ CertificateData:
+ type: object
+ description: Get CertificateKeyPair's data
+ properties:
+ data:
+ type: string
+ readOnly: true
+ required:
+ - data
+ CertificateGenerationRequest:
+ type: object
+ description: Certificate generation parameters
+ properties:
+ common_name:
+ type: string
+ minLength: 1
+ subject_alt_name:
+ type: string
+ validity_days:
+ type: integer
+ required:
+ - common_name
+ - validity_days
+ CertificateKeyPair:
+ type: object
+ description: CertificateKeyPair Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Kp uuid
+ name:
+ type: string
+ fingerprint_sha256:
+ type: string
+ nullable: true
+ readOnly: true
+ fingerprint_sha1:
+ type: string
+ nullable: true
+ readOnly: true
+ cert_expiry:
+ type: string
+ format: date-time
+ nullable: true
+ readOnly: true
+ cert_subject:
+ type: string
+ nullable: true
+ readOnly: true
+ private_key_available:
+ type: boolean
+ readOnly: true
+ private_key_type:
+ type: string
+ nullable: true
+ readOnly: true
+ certificate_download_url:
+ type: string
+ readOnly: true
+ private_key_download_url:
+ type: string
+ readOnly: true
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ required:
+ - cert_expiry
+ - cert_subject
+ - certificate_download_url
+ - fingerprint_sha1
+ - fingerprint_sha256
+ - name
+ - pk
+ - private_key_available
+ - private_key_download_url
+ - private_key_type
+ CertificateKeyPairRequest:
+ type: object
+ description: CertificateKeyPair Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ certificate_data:
+ type: string
+ writeOnly: true
+ minLength: 1
+ description: PEM-encoded Certificate data
+ key_data:
+ type: string
+ writeOnly: true
+ description: Optional Private Key. If this is set, you can use this keypair
+ for encryption.
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ required:
+ - certificate_data
+ - name
+ ChallengeChoices:
+ enum:
+ - native
+ - shell
+ - redirect
+ type: string
+ ChallengeTypes:
+ oneOf:
+ - $ref: '#/components/schemas/AccessDeniedChallenge'
+ - $ref: '#/components/schemas/AppleLoginChallenge'
+ - $ref: '#/components/schemas/AuthenticatorDuoChallenge'
+ - $ref: '#/components/schemas/AuthenticatorSMSChallenge'
+ - $ref: '#/components/schemas/AuthenticatorStaticChallenge'
+ - $ref: '#/components/schemas/AuthenticatorTOTPChallenge'
+ - $ref: '#/components/schemas/AuthenticatorValidationChallenge'
+ - $ref: '#/components/schemas/AuthenticatorWebAuthnChallenge'
+ - $ref: '#/components/schemas/AutosubmitChallenge'
+ - $ref: '#/components/schemas/CaptchaChallenge'
+ - $ref: '#/components/schemas/ConsentChallenge'
+ - $ref: '#/components/schemas/DummyChallenge'
+ - $ref: '#/components/schemas/EmailChallenge'
+ - $ref: '#/components/schemas/FlowErrorChallenge'
+ - $ref: '#/components/schemas/IdentificationChallenge'
+ - $ref: '#/components/schemas/OAuthDeviceCodeChallenge'
+ - $ref: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
+ - $ref: '#/components/schemas/PasswordChallenge'
+ - $ref: '#/components/schemas/PlexAuthenticationChallenge'
+ - $ref: '#/components/schemas/PromptChallenge'
+ - $ref: '#/components/schemas/RedirectChallenge'
+ - $ref: '#/components/schemas/ShellChallenge'
+ discriminator:
+ propertyName: component
+ mapping:
+ ak-stage-access-denied: '#/components/schemas/AccessDeniedChallenge'
+ ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
+ ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallenge'
+ ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallenge'
+ ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallenge'
+ ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallenge'
+ ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallenge'
+ ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallenge'
+ ak-stage-autosubmit: '#/components/schemas/AutosubmitChallenge'
+ ak-stage-captcha: '#/components/schemas/CaptchaChallenge'
+ ak-stage-consent: '#/components/schemas/ConsentChallenge'
+ ak-stage-dummy: '#/components/schemas/DummyChallenge'
+ ak-stage-email: '#/components/schemas/EmailChallenge'
+ xak-flow-error: '#/components/schemas/FlowErrorChallenge'
+ ak-stage-identification: '#/components/schemas/IdentificationChallenge'
+ ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallenge'
+ ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
+ ak-stage-password: '#/components/schemas/PasswordChallenge'
+ ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
+ ak-stage-prompt: '#/components/schemas/PromptChallenge'
+ xak-flow-redirect: '#/components/schemas/RedirectChallenge'
+ xak-flow-shell: '#/components/schemas/ShellChallenge'
+ ClientTypeEnum:
+ enum:
+ - confidential
+ - public
+ type: string
+ Config:
+ type: object
+ description: Serialize authentik Config into DRF Object
+ properties:
+ error_reporting:
+ $ref: '#/components/schemas/ErrorReportingConfig'
+ capabilities:
+ type: array
+ items:
+ $ref: '#/components/schemas/CapabilitiesEnum'
+ cache_timeout:
+ type: integer
+ cache_timeout_flows:
+ type: integer
+ cache_timeout_policies:
+ type: integer
+ cache_timeout_reputation:
+ type: integer
+ required:
+ - cache_timeout
+ - cache_timeout_flows
+ - cache_timeout_policies
+ - cache_timeout_reputation
+ - capabilities
+ - error_reporting
+ ConsentChallenge:
+ type: object
+ description: Challenge info for consent screens
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-consent
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ pending_user:
+ type: string
+ pending_user_avatar:
+ type: string
+ header_text:
+ type: string
+ permissions:
+ type: array
+ items:
+ $ref: '#/components/schemas/Permission'
+ additional_permissions:
+ type: array
+ items:
+ $ref: '#/components/schemas/Permission'
+ token:
+ type: string
+ required:
+ - additional_permissions
+ - pending_user
+ - pending_user_avatar
+ - permissions
+ - token
+ - type
+ ConsentChallengeResponseRequest:
+ type: object
+ description: Consent challenge response, any valid response request is valid
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-consent
+ token:
+ type: string
+ minLength: 1
+ required:
+ - token
+ ConsentStage:
+ type: object
+ description: ConsentStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ mode:
+ $ref: '#/components/schemas/ConsentStageModeEnum'
+ consent_expire_in:
+ type: string
+ title: Consent expires in
+ description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ ConsentStageModeEnum:
+ enum:
+ - always_require
+ - permanent
+ - expiring
+ type: string
+ ConsentStageRequest:
+ type: object
+ description: ConsentStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ mode:
+ $ref: '#/components/schemas/ConsentStageModeEnum'
+ consent_expire_in:
+ type: string
+ minLength: 1
+ title: Consent expires in
+ description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
+ required:
+ - name
+ ContextualFlowInfo:
+ type: object
+ description: Contextual flow information for a challenge
+ properties:
+ title:
+ type: string
+ background:
+ type: string
+ cancel_url:
+ type: string
+ layout:
+ $ref: '#/components/schemas/LayoutEnum'
+ required:
+ - cancel_url
+ - layout
+ Coordinate:
+ type: object
+ description: Coordinates for diagrams
+ properties:
+ x_cord:
+ type: integer
+ readOnly: true
+ y_cord:
+ type: integer
+ readOnly: true
+ required:
+ - x_cord
+ - y_cord
+ CurrentTenant:
+ type: object
+ description: Partial tenant information for styling
+ properties:
+ matched_domain:
+ type: string
+ branding_title:
+ type: string
+ branding_logo:
+ type: string
+ branding_favicon:
+ type: string
+ ui_footer_links:
+ type: array
+ items:
+ $ref: '#/components/schemas/FooterLink'
+ readOnly: true
+ default: []
+ flow_authentication:
+ type: string
+ flow_invalidation:
+ type: string
+ flow_recovery:
+ type: string
+ flow_unenrollment:
+ type: string
+ flow_user_settings:
+ type: string
+ flow_device_code:
+ type: string
+ default_locale:
+ type: string
+ readOnly: true
+ required:
+ - branding_favicon
+ - branding_logo
+ - branding_title
+ - default_locale
+ - matched_domain
+ - ui_footer_links
+ DeniedActionEnum:
+ enum:
+ - message_continue
+ - message
+ - continue
+ type: string
+ DenyStage:
+ type: object
+ description: DenyStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ DenyStageRequest:
+ type: object
+ description: DenyStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ required:
+ - name
+ Device:
+ type: object
+ description: Serializer for Duo authenticator devices
+ properties:
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ pk:
+ type: integer
+ name:
+ type: string
+ type:
+ type: string
+ readOnly: true
+ confirmed:
+ type: boolean
+ required:
+ - confirmed
+ - meta_model_name
+ - name
+ - pk
+ - type
+ - verbose_name
+ - verbose_name_plural
+ DeviceChallenge:
+ type: object
+ description: Single device challenge
+ properties:
+ device_class:
+ type: string
+ device_uid:
+ type: string
+ challenge:
+ type: object
+ additionalProperties: {}
+ required:
+ - challenge
+ - device_class
+ - device_uid
+ DeviceChallengeRequest:
+ type: object
+ description: Single device challenge
+ properties:
+ device_class:
+ type: string
+ minLength: 1
+ device_uid:
+ type: string
+ minLength: 1
+ challenge:
+ type: object
+ additionalProperties: {}
+ required:
+ - challenge
+ - device_class
+ - device_uid
+ DeviceClassesEnum:
+ enum:
+ - static
+ - totp
+ - webauthn
+ - duo
+ - sms
+ type: string
+ DigestAlgorithmEnum:
+ enum:
+ - http://www.w3.org/2000/09/xmldsig#sha1
+ - http://www.w3.org/2001/04/xmlenc#sha256
+ - http://www.w3.org/2001/04/xmldsig-more#sha384
+ - http://www.w3.org/2001/04/xmlenc#sha512
+ type: string
+ DigitsEnum:
+ enum:
+ - 6
+ - 8
+ type: integer
+ DockerServiceConnection:
+ type: object
+ description: DockerServiceConnection Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Uuid
+ name:
+ type: string
+ local:
+ type: boolean
+ description: If enabled, use the local connection. Required Docker socket/Kubernetes
+ Integration
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ url:
+ type: string
+ description: Can be in the format of 'unix://' when connecting to
+ a local docker daemon, or 'https://:2376' when connecting to
+ a remote system.
+ tls_verification:
+ type: string
+ format: uuid
+ nullable: true
+ description: CA which the endpoint's Certificate is verified against. Can
+ be left empty for no validation.
+ tls_authentication:
+ type: string
+ format: uuid
+ nullable: true
+ description: Certificate/Key used for authentication. Can be left empty
+ for no authentication.
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - url
+ - verbose_name
+ - verbose_name_plural
+ DockerServiceConnectionRequest:
+ type: object
+ description: DockerServiceConnection Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ local:
+ type: boolean
+ description: If enabled, use the local connection. Required Docker socket/Kubernetes
+ Integration
+ url:
+ type: string
+ minLength: 1
+ description: Can be in the format of 'unix://' when connecting to
+ a local docker daemon, or 'https://:2376' when connecting to
+ a remote system.
+ tls_verification:
+ type: string
+ format: uuid
+ nullable: true
+ description: CA which the endpoint's Certificate is verified against. Can
+ be left empty for no validation.
+ tls_authentication:
+ type: string
+ format: uuid
+ nullable: true
+ description: Certificate/Key used for authentication. Can be left empty
+ for no authentication.
+ required:
+ - name
+ - url
+ DummyChallenge:
+ type: object
+ description: Dummy challenge
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-dummy
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ required:
+ - type
+ DummyChallengeResponseRequest:
+ type: object
+ description: Dummy challenge response
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-dummy
+ DummyPolicy:
+ type: object
+ description: Dummy Policy Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Policy uuid
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ bound_to:
+ type: integer
+ readOnly: true
+ result:
+ type: boolean
+ wait_min:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ wait_max:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ required:
+ - bound_to
+ - component
+ - meta_model_name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ DummyPolicyRequest:
+ type: object
+ description: Dummy Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ result:
+ type: boolean
+ wait_min:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ wait_max:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ DummyStage:
+ type: object
+ description: DummyStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ DummyStageRequest:
+ type: object
+ description: DummyStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ required:
+ - name
+ DuoDevice:
+ type: object
+ description: Serializer for Duo authenticator devices
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ name:
+ type: string
+ description: The human-readable name of this device.
+ maxLength: 64
+ required:
+ - name
+ - pk
+ DuoDeviceEnrollmentStatus:
+ type: object
+ properties:
+ duo_response:
+ $ref: '#/components/schemas/DuoResponseEnum'
+ required:
+ - duo_response
+ DuoDeviceRequest:
+ type: object
+ description: Serializer for Duo authenticator devices
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: The human-readable name of this device.
+ maxLength: 64
+ required:
+ - name
+ DuoResponseEnum:
+ enum:
+ - success
+ - waiting
+ - invalid
+ type: string
+ EmailChallenge:
+ type: object
+ description: Email challenge
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-email
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ required:
+ - type
+ EmailChallengeResponseRequest:
+ type: object
+ description: |-
+ Email challenge resposen. No fields. This challenge is
+ always declared invalid to give the user a chance to retry
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-email
+ EmailStage:
+ type: object
+ description: EmailStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ use_global_settings:
+ type: boolean
+ description: When enabled, global Email connection settings will be used
+ and connection settings below will be ignored.
+ host:
+ type: string
+ port:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ username:
+ type: string
+ use_tls:
+ type: boolean
+ use_ssl:
+ type: boolean
+ timeout:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ from_address:
+ type: string
+ format: email
+ maxLength: 254
+ token_expiry:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: Time in minutes the token sent is valid.
+ subject:
+ type: string
+ template:
+ type: string
+ activate_user_on_success:
+ type: boolean
+ description: Activate users upon completion of stage.
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ EmailStageRequest:
+ type: object
+ description: EmailStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ use_global_settings:
+ type: boolean
+ description: When enabled, global Email connection settings will be used
+ and connection settings below will be ignored.
+ host:
+ type: string
+ minLength: 1
+ port:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ username:
+ type: string
+ password:
+ type: string
+ writeOnly: true
+ use_tls:
+ type: boolean
+ use_ssl:
+ type: boolean
+ timeout:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ from_address:
+ type: string
+ format: email
+ minLength: 1
+ maxLength: 254
+ token_expiry:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: Time in minutes the token sent is valid.
+ subject:
+ type: string
+ minLength: 1
+ template:
+ type: string
+ minLength: 1
+ activate_user_on_success:
+ type: boolean
+ description: Activate users upon completion of stage.
+ required:
+ - name
+ ErrorDetail:
+ type: object
+ description: Serializer for rest_framework's error messages
+ properties:
+ string:
+ type: string
+ code:
+ type: string
+ required:
+ - code
+ - string
+ ErrorReportingConfig:
+ type: object
+ description: Config for error reporting
+ properties:
+ enabled:
+ type: boolean
+ readOnly: true
+ sentry_dsn:
+ type: string
+ readOnly: true
+ environment:
+ type: string
+ readOnly: true
+ send_pii:
+ type: boolean
+ readOnly: true
+ traces_sample_rate:
+ type: number
+ format: double
+ readOnly: true
+ required:
+ - enabled
+ - environment
+ - send_pii
+ - sentry_dsn
+ - traces_sample_rate
+ Event:
+ type: object
+ description: Event Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Event uuid
+ user:
+ type: object
+ additionalProperties: {}
+ action:
+ $ref: '#/components/schemas/EventActions'
+ app:
+ type: string
+ context:
+ type: object
+ additionalProperties: {}
+ client_ip:
+ type: string
+ nullable: true
+ created:
+ type: string
+ format: date-time
+ readOnly: true
+ expires:
+ type: string
+ format: date-time
+ tenant:
+ type: object
+ additionalProperties: {}
+ required:
+ - action
+ - app
+ - created
+ - pk
+ EventActions:
+ enum:
+ - login
+ - login_failed
+ - logout
+ - user_write
+ - suspicious_request
+ - password_set
+ - secret_view
+ - secret_rotate
+ - invitation_used
+ - authorize_application
+ - source_linked
+ - impersonation_started
+ - impersonation_ended
+ - flow_execution
+ - policy_execution
+ - policy_exception
+ - property_mapping_exception
+ - system_task_execution
+ - system_task_exception
+ - system_exception
+ - configuration_error
+ - model_created
+ - model_updated
+ - model_deleted
+ - email_sent
+ - update_available
+ - custom_
+ type: string
+ EventMatcherPolicy:
+ type: object
+ description: Event Matcher Policy Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Policy uuid
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ bound_to:
+ type: integer
+ readOnly: true
+ action:
+ allOf:
+ - $ref: '#/components/schemas/EventActions'
+ description: Match created events with this action type. When left empty,
+ all action types will be matched.
+ client_ip:
+ type: string
+ description: Matches Event's Client IP (strict matching, for network matching
+ use an Expression Policy)
+ app:
+ allOf:
+ - $ref: '#/components/schemas/AppEnum'
+ description: Match events created by selected application. When left empty,
+ all applications are matched.
+ required:
+ - bound_to
+ - component
+ - meta_model_name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ EventMatcherPolicyRequest:
+ type: object
+ description: Event Matcher Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ action:
+ allOf:
+ - $ref: '#/components/schemas/EventActions'
+ description: Match created events with this action type. When left empty,
+ all action types will be matched.
+ client_ip:
+ type: string
+ description: Matches Event's Client IP (strict matching, for network matching
+ use an Expression Policy)
+ app:
+ allOf:
+ - $ref: '#/components/schemas/AppEnum'
+ description: Match events created by selected application. When left empty,
+ all applications are matched.
+ EventRequest:
+ type: object
+ description: Event Serializer
+ properties:
+ user:
+ type: object
+ additionalProperties: {}
+ action:
+ $ref: '#/components/schemas/EventActions'
+ app:
+ type: string
+ minLength: 1
+ context:
+ type: object
+ additionalProperties: {}
+ client_ip:
+ type: string
+ nullable: true
+ minLength: 1
+ expires:
+ type: string
+ format: date-time
+ tenant:
+ type: object
+ additionalProperties: {}
+ required:
+ - action
+ - app
+ EventTopPerUser:
+ type: object
+ description: Response object of Event's top_per_user
+ properties:
+ application:
+ type: object
+ additionalProperties: {}
+ counted_events:
+ type: integer
+ unique_users:
+ type: integer
+ required:
+ - application
+ - counted_events
+ - unique_users
+ ExpiringBaseGrantModel:
+ type: object
+ description: Serializer for BaseGrantModel and ExpiringBaseGrant
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ provider:
+ $ref: '#/components/schemas/OAuth2Provider'
+ user:
+ $ref: '#/components/schemas/User'
+ is_expired:
+ type: boolean
+ readOnly: true
+ expires:
+ type: string
+ format: date-time
+ scope:
+ type: array
+ items:
+ type: string
+ required:
+ - is_expired
+ - pk
+ - provider
+ - scope
+ - user
+ ExpressionPolicy:
+ type: object
+ description: Group Membership Policy Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Policy uuid
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ bound_to:
+ type: integer
+ readOnly: true
+ expression:
+ type: string
+ required:
+ - bound_to
+ - component
+ - expression
+ - meta_model_name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ ExpressionPolicyRequest:
+ type: object
+ description: Group Membership Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ expression:
+ type: string
+ minLength: 1
+ required:
+ - expression
+ FilePathRequest:
+ type: object
+ description: Serializer to upload file
+ properties:
+ url:
+ type: string
+ minLength: 1
+ required:
+ - url
+ FileUploadRequest:
+ type: object
+ description: Serializer to upload file
+ properties:
+ file:
+ type: string
+ format: binary
+ clear:
+ type: boolean
+ default: false
+ Flow:
+ type: object
+ description: Flow Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Flow uuid
+ policybindingmodel_ptr_id:
+ type: string
+ format: uuid
+ readOnly: true
+ name:
+ type: string
+ slug:
+ type: string
+ description: Visible in the URL.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ title:
+ type: string
+ description: Shown as the Title in Flow pages.
+ designation:
+ allOf:
+ - $ref: '#/components/schemas/FlowDesignationEnum'
+ description: Decides what this Flow is used for. For example, the Authentication
+ flow is redirect to when an un-authenticated user visits authentik.
+ background:
+ type: string
+ readOnly: true
+ stages:
+ type: array
+ items:
+ type: string
+ format: uuid
+ readOnly: true
+ policies:
+ type: array
+ items:
+ type: string
+ format: uuid
+ readOnly: true
+ cache_count:
+ type: integer
+ readOnly: true
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ compatibility_mode:
+ type: boolean
+ description: Enable compatibility mode, increases compatibility with password
+ managers on mobile devices.
+ export_url:
+ type: string
+ readOnly: true
+ layout:
+ $ref: '#/components/schemas/LayoutEnum'
+ denied_action:
+ allOf:
+ - $ref: '#/components/schemas/DeniedActionEnum'
+ description: Configure what should happen when a flow denies access to a
+ user.
+ authentication:
+ allOf:
+ - $ref: '#/components/schemas/AuthenticationEnum'
+ description: Required level of authentication and authorization to access
+ a flow.
+ required:
+ - background
+ - cache_count
+ - designation
+ - export_url
+ - name
+ - pk
+ - policies
+ - policybindingmodel_ptr_id
+ - slug
+ - stages
+ - title
+ FlowChallengeResponseRequest:
+ oneOf:
+ - $ref: '#/components/schemas/AppleChallengeResponseRequest'
+ - $ref: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
+ - $ref: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
+ - $ref: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
+ - $ref: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
+ - $ref: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
+ - $ref: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
+ - $ref: '#/components/schemas/AutoSubmitChallengeResponseRequest'
+ - $ref: '#/components/schemas/CaptchaChallengeResponseRequest'
+ - $ref: '#/components/schemas/ConsentChallengeResponseRequest'
+ - $ref: '#/components/schemas/DummyChallengeResponseRequest'
+ - $ref: '#/components/schemas/EmailChallengeResponseRequest'
+ - $ref: '#/components/schemas/IdentificationChallengeResponseRequest'
+ - $ref: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
+ - $ref: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
+ - $ref: '#/components/schemas/PasswordChallengeResponseRequest'
+ - $ref: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
+ - $ref: '#/components/schemas/PromptChallengeResponseRequest'
+ discriminator:
+ propertyName: component
+ mapping:
+ ak-source-oauth-apple: '#/components/schemas/AppleChallengeResponseRequest'
+ ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
+ ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
+ ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
+ ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
+ ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
+ ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
+ ak-stage-autosubmit: '#/components/schemas/AutoSubmitChallengeResponseRequest'
+ ak-stage-captcha: '#/components/schemas/CaptchaChallengeResponseRequest'
+ ak-stage-consent: '#/components/schemas/ConsentChallengeResponseRequest'
+ ak-stage-dummy: '#/components/schemas/DummyChallengeResponseRequest'
+ ak-stage-email: '#/components/schemas/EmailChallengeResponseRequest'
+ ak-stage-identification: '#/components/schemas/IdentificationChallengeResponseRequest'
+ ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
+ ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
+ ak-stage-password: '#/components/schemas/PasswordChallengeResponseRequest'
+ ak-source-plex: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
+ ak-stage-prompt: '#/components/schemas/PromptChallengeResponseRequest'
+ FlowDesignationEnum:
+ enum:
+ - authentication
+ - authorization
+ - invalidation
+ - enrollment
+ - unenrollment
+ - recovery
+ - stage_configuration
+ type: string
+ FlowDiagram:
+ type: object
+ description: response of the flow's diagram action
+ properties:
+ diagram:
+ type: string
+ readOnly: true
+ required:
+ - diagram
+ FlowErrorChallenge:
+ type: object
+ description: |-
+ Challenge class when an unhandled error occurs during a stage. Normal users
+ are shown an error message, superusers are shown a full stacktrace.
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: xak-flow-error
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ pending_user:
+ type: string
+ pending_user_avatar:
+ type: string
+ request_id:
+ type: string
+ error:
+ type: string
+ traceback:
+ type: string
+ required:
+ - pending_user
+ - pending_user_avatar
+ - request_id
+ - type
+ FlowImportResult:
+ type: object
+ description: Logs of an attempted flow import
+ properties:
+ logs:
+ type: array
+ items:
+ type: object
+ additionalProperties: {}
+ readOnly: true
+ success:
+ type: boolean
+ readOnly: true
+ required:
+ - logs
+ - success
+ FlowInspection:
+ type: object
+ description: Serializer for inspect endpoint
+ properties:
+ plans:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowInspectorPlan'
+ current_plan:
+ $ref: '#/components/schemas/FlowInspectorPlan'
+ is_completed:
+ type: boolean
+ required:
+ - is_completed
+ - plans
+ FlowInspectorPlan:
+ type: object
+ description: Serializer for an active FlowPlan
+ properties:
+ current_stage:
+ allOf:
+ - $ref: '#/components/schemas/FlowStageBinding'
+ readOnly: true
+ next_planned_stage:
+ allOf:
+ - $ref: '#/components/schemas/FlowStageBinding'
+ readOnly: true
+ plan_context:
+ type: object
+ additionalProperties: {}
+ readOnly: true
+ session_id:
+ type: string
+ readOnly: true
+ required:
+ - current_stage
+ - next_planned_stage
+ - plan_context
+ - session_id
+ FlowRequest:
+ type: object
+ description: Flow Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ slug:
+ type: string
+ minLength: 1
+ description: Visible in the URL.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ title:
+ type: string
+ minLength: 1
+ description: Shown as the Title in Flow pages.
+ designation:
+ allOf:
+ - $ref: '#/components/schemas/FlowDesignationEnum'
+ description: Decides what this Flow is used for. For example, the Authentication
+ flow is redirect to when an un-authenticated user visits authentik.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ compatibility_mode:
+ type: boolean
+ description: Enable compatibility mode, increases compatibility with password
+ managers on mobile devices.
+ layout:
+ $ref: '#/components/schemas/LayoutEnum'
+ denied_action:
+ allOf:
+ - $ref: '#/components/schemas/DeniedActionEnum'
+ description: Configure what should happen when a flow denies access to a
+ user.
+ authentication:
+ allOf:
+ - $ref: '#/components/schemas/AuthenticationEnum'
+ description: Required level of authentication and authorization to access
+ a flow.
+ required:
+ - designation
+ - name
+ - slug
+ - title
+ FlowSet:
+ type: object
+ description: Stripped down flow serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Flow uuid
+ policybindingmodel_ptr_id:
+ type: string
+ format: uuid
+ readOnly: true
+ name:
+ type: string
+ slug:
+ type: string
+ description: Visible in the URL.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ title:
+ type: string
+ description: Shown as the Title in Flow pages.
+ designation:
+ allOf:
+ - $ref: '#/components/schemas/FlowDesignationEnum'
+ description: Decides what this Flow is used for. For example, the Authentication
+ flow is redirect to when an un-authenticated user visits authentik.
+ background:
+ type: string
+ readOnly: true
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ compatibility_mode:
+ type: boolean
+ description: Enable compatibility mode, increases compatibility with password
+ managers on mobile devices.
+ export_url:
+ type: string
+ readOnly: true
+ layout:
+ $ref: '#/components/schemas/LayoutEnum'
+ denied_action:
+ allOf:
+ - $ref: '#/components/schemas/DeniedActionEnum'
+ description: Configure what should happen when a flow denies access to a
+ user.
+ required:
+ - background
+ - designation
+ - export_url
+ - name
+ - pk
+ - policybindingmodel_ptr_id
+ - slug
+ - title
+ FlowSetRequest:
+ type: object
+ description: Stripped down flow serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ slug:
+ type: string
+ minLength: 1
+ description: Visible in the URL.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ title:
+ type: string
+ minLength: 1
+ description: Shown as the Title in Flow pages.
+ designation:
+ allOf:
+ - $ref: '#/components/schemas/FlowDesignationEnum'
+ description: Decides what this Flow is used for. For example, the Authentication
+ flow is redirect to when an un-authenticated user visits authentik.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ compatibility_mode:
+ type: boolean
+ description: Enable compatibility mode, increases compatibility with password
+ managers on mobile devices.
+ layout:
+ $ref: '#/components/schemas/LayoutEnum'
+ denied_action:
+ allOf:
+ - $ref: '#/components/schemas/DeniedActionEnum'
+ description: Configure what should happen when a flow denies access to a
+ user.
+ required:
+ - designation
+ - name
+ - slug
+ - title
+ FlowStageBinding:
+ type: object
+ description: FlowStageBinding Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Fsb uuid
+ policybindingmodel_ptr_id:
+ type: string
+ format: uuid
+ readOnly: true
+ target:
+ type: string
+ format: uuid
+ stage:
+ type: string
+ format: uuid
+ stage_obj:
+ allOf:
+ - $ref: '#/components/schemas/Stage'
+ readOnly: true
+ evaluate_on_plan:
+ type: boolean
+ description: Evaluate policies during the Flow planning process. Disable
+ this for input-based policies.
+ re_evaluate_policies:
+ type: boolean
+ description: Evaluate policies when the Stage is present to the user.
+ order:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ invalid_response_action:
+ allOf:
+ - $ref: '#/components/schemas/InvalidResponseActionEnum'
+ description: Configure how the flow executor should handle an invalid response
+ to a challenge. RETRY returns the error message and a similar challenge
+ to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
+ restarts the flow while keeping the current context.
+ required:
+ - order
+ - pk
+ - policybindingmodel_ptr_id
+ - stage
+ - stage_obj
+ - target
+ FlowStageBindingRequest:
+ type: object
+ description: FlowStageBinding Serializer
+ properties:
+ target:
+ type: string
+ format: uuid
+ stage:
+ type: string
+ format: uuid
+ evaluate_on_plan:
+ type: boolean
+ description: Evaluate policies during the Flow planning process. Disable
+ this for input-based policies.
+ re_evaluate_policies:
+ type: boolean
+ description: Evaluate policies when the Stage is present to the user.
+ order:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ invalid_response_action:
+ allOf:
+ - $ref: '#/components/schemas/InvalidResponseActionEnum'
+ description: Configure how the flow executor should handle an invalid response
+ to a challenge. RETRY returns the error message and a similar challenge
+ to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
+ restarts the flow while keeping the current context.
+ required:
+ - order
+ - stage
+ - target
+ FooterLink:
+ type: object
+ description: Links returned in Config API
+ properties:
+ href:
+ type: string
+ readOnly: true
+ name:
+ type: string
+ readOnly: true
+ required:
+ - href
+ - name
+ GenericError:
+ type: object
+ description: Generic API Error
+ properties:
+ detail:
+ type: string
+ code:
+ type: string
+ required:
+ - detail
+ Group:
+ type: object
+ description: Group Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Group uuid
+ num_pk:
+ type: integer
+ readOnly: true
+ name:
+ type: string
+ maxLength: 80
+ is_superuser:
+ type: boolean
+ description: Users added to this group will be superusers.
+ parent:
+ type: string
+ format: uuid
+ nullable: true
+ parent_name:
+ type: string
+ readOnly: true
+ users:
+ type: array
+ items:
+ type: integer
+ attributes:
+ type: object
+ additionalProperties: {}
+ users_obj:
+ type: array
+ items:
+ $ref: '#/components/schemas/GroupMember'
+ readOnly: true
+ required:
+ - name
+ - num_pk
+ - parent_name
+ - pk
+ - users_obj
+ GroupMember:
+ type: object
+ description: Stripped down user serializer to show relevant users for groups
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ username:
+ type: string
+ description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
+ only.
+ pattern: ^[\w.@+-]+$
+ maxLength: 150
+ name:
+ type: string
+ description: User's display name.
+ is_active:
+ type: boolean
+ title: Active
+ description: Designates whether this user should be treated as active. Unselect
+ this instead of deleting accounts.
+ last_login:
+ type: string
+ format: date-time
+ nullable: true
+ email:
+ type: string
+ format: email
+ title: Email address
+ maxLength: 254
+ avatar:
+ type: string
+ readOnly: true
+ attributes:
+ type: object
+ additionalProperties: {}
+ uid:
+ type: string
+ readOnly: true
+ required:
+ - avatar
+ - name
+ - pk
+ - uid
+ - username
+ GroupMemberRequest:
+ type: object
+ description: Stripped down user serializer to show relevant users for groups
+ properties:
+ username:
+ type: string
+ minLength: 1
+ description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
+ only.
+ pattern: ^[\w.@+-]+$
+ maxLength: 150
+ name:
+ type: string
+ minLength: 1
+ description: User's display name.
+ is_active:
+ type: boolean
+ title: Active
+ description: Designates whether this user should be treated as active. Unselect
+ this instead of deleting accounts.
+ last_login:
+ type: string
+ format: date-time
+ nullable: true
+ email:
+ type: string
+ format: email
+ title: Email address
+ maxLength: 254
+ attributes:
+ type: object
+ additionalProperties: {}
+ required:
+ - name
+ - username
+ GroupRequest:
+ type: object
+ description: Group Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ maxLength: 80
+ is_superuser:
+ type: boolean
+ description: Users added to this group will be superusers.
+ parent:
+ type: string
+ format: uuid
+ nullable: true
+ users:
+ type: array
+ items:
+ type: integer
+ attributes:
+ type: object
+ additionalProperties: {}
+ required:
+ - name
+ HaveIBeenPwendPolicy:
+ type: object
+ description: Have I Been Pwned Policy Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Policy uuid
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ bound_to:
+ type: integer
+ readOnly: true
+ password_field:
+ type: string
+ description: Field key to check, field keys defined in Prompt stages are
+ available.
+ allowed_count:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ required:
+ - bound_to
+ - component
+ - meta_model_name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ HaveIBeenPwendPolicyRequest:
+ type: object
+ description: Have I Been Pwned Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ password_field:
+ type: string
+ minLength: 1
+ description: Field key to check, field keys defined in Prompt stages are
+ available.
+ allowed_count:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ IdentificationChallenge:
+ type: object
+ description: Identification challenges with all UI elements
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-identification
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ user_fields:
+ type: array
+ items:
+ type: string
+ nullable: true
+ password_fields:
+ type: boolean
+ application_pre:
+ type: string
+ enroll_url:
+ type: string
+ recovery_url:
+ type: string
+ passwordless_url:
+ type: string
+ primary_action:
+ type: string
+ sources:
+ type: array
+ items:
+ $ref: '#/components/schemas/LoginSource'
+ show_source_labels:
+ type: boolean
+ required:
+ - password_fields
+ - primary_action
+ - show_source_labels
+ - type
+ - user_fields
+ IdentificationChallengeResponseRequest:
+ type: object
+ description: Identification challenge
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-identification
+ uid_field:
+ type: string
+ minLength: 1
+ password:
+ type: string
+ nullable: true
+ required:
+ - uid_field
+ IdentificationStage:
+ type: object
+ description: IdentificationStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ user_fields:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserFieldsEnum'
+ description: Fields of the user object to match against. (Hold shift to
+ select multiple options)
+ password_stage:
+ type: string
+ format: uuid
+ nullable: true
+ description: When set, shows a password field, instead of showing the password
+ field as seaprate step.
+ case_insensitive_matching:
+ type: boolean
+ description: When enabled, user fields are matched regardless of their casing.
+ show_matched_user:
+ type: boolean
+ description: When a valid username/email has been entered, and this option
+ is enabled, the user's username and avatar will be shown. Otherwise, the
+ text that the user entered will be shown
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optional enrollment flow, which is linked at the bottom of
+ the page.
+ recovery_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optional recovery flow, which is linked at the bottom of the
+ page.
+ passwordless_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optional passwordless flow, which is linked at the bottom of
+ the page.
+ sources:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Specify which sources should be shown.
+ show_source_labels:
+ type: boolean
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ IdentificationStageRequest:
+ type: object
+ description: IdentificationStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ user_fields:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserFieldsEnum'
+ description: Fields of the user object to match against. (Hold shift to
+ select multiple options)
+ password_stage:
+ type: string
+ format: uuid
+ nullable: true
+ description: When set, shows a password field, instead of showing the password
+ field as seaprate step.
+ case_insensitive_matching:
+ type: boolean
+ description: When enabled, user fields are matched regardless of their casing.
+ show_matched_user:
+ type: boolean
+ description: When a valid username/email has been entered, and this option
+ is enabled, the user's username and avatar will be shown. Otherwise, the
+ text that the user entered will be shown
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optional enrollment flow, which is linked at the bottom of
+ the page.
+ recovery_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optional recovery flow, which is linked at the bottom of the
+ page.
+ passwordless_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optional passwordless flow, which is linked at the bottom of
+ the page.
+ sources:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Specify which sources should be shown.
+ show_source_labels:
+ type: boolean
+ required:
+ - name
+ IntentEnum:
+ enum:
+ - verification
+ - api
+ - recovery
+ - app_password
+ type: string
+ InvalidResponseActionEnum:
+ enum:
+ - retry
+ - restart
+ - restart_with_context
+ type: string
+ Invitation:
+ type: object
+ description: Invitation Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Invite uuid
+ name:
+ type: string
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ expires:
+ type: string
+ format: date-time
+ fixed_data:
+ type: object
+ additionalProperties: {}
+ created_by:
+ allOf:
+ - $ref: '#/components/schemas/GroupMember'
+ readOnly: true
+ single_use:
+ type: boolean
+ description: When enabled, the invitation will be deleted after usage.
+ flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: When set, only the configured flow can use this invitation.
+ flow_obj:
+ allOf:
+ - $ref: '#/components/schemas/Flow'
+ readOnly: true
+ required:
+ - created_by
+ - flow_obj
+ - name
+ - pk
+ InvitationRequest:
+ type: object
+ description: Invitation Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ expires:
+ type: string
+ format: date-time
+ fixed_data:
+ type: object
+ additionalProperties: {}
+ single_use:
+ type: boolean
+ description: When enabled, the invitation will be deleted after usage.
+ flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: When set, only the configured flow can use this invitation.
+ required:
+ - name
+ InvitationStage:
+ type: object
+ description: InvitationStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ continue_flow_without_invitation:
+ type: boolean
+ description: If this flag is set, this Stage will jump to the next Stage
+ when no Invitation is given. By default this Stage will cancel the Flow
+ when no invitation is given.
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ InvitationStageRequest:
+ type: object
+ description: InvitationStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ continue_flow_without_invitation:
+ type: boolean
+ description: If this flag is set, this Stage will jump to the next Stage
+ when no Invitation is given. By default this Stage will cancel the Flow
+ when no invitation is given.
+ required:
+ - name
+ IssuerModeEnum:
+ enum:
+ - global
+ - per_provider
+ type: string
+ KubernetesServiceConnection:
+ type: object
+ description: KubernetesServiceConnection Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Uuid
+ name:
+ type: string
+ local:
+ type: boolean
+ description: If enabled, use the local connection. Required Docker socket/Kubernetes
+ Integration
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ kubeconfig:
+ type: object
+ additionalProperties: {}
+ description: Paste your kubeconfig here. authentik will automatically use
+ the currently selected context.
+ verify_ssl:
+ type: boolean
+ description: Verify SSL Certificates of the Kubernetes API endpoint
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ KubernetesServiceConnectionRequest:
+ type: object
+ description: KubernetesServiceConnection Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ local:
+ type: boolean
+ description: If enabled, use the local connection. Required Docker socket/Kubernetes
+ Integration
+ kubeconfig:
+ type: object
+ additionalProperties: {}
+ description: Paste your kubeconfig here. authentik will automatically use
+ the currently selected context.
+ verify_ssl:
+ type: boolean
+ description: Verify SSL Certificates of the Kubernetes API endpoint
+ required:
+ - name
+ LDAPAPIAccessMode:
+ enum:
+ - direct
+ - cached
+ type: string
+ LDAPOutpostConfig:
+ type: object
+ description: LDAPProvider Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ name:
+ type: string
+ base_dn:
+ type: string
+ description: DN under which objects are accessible.
+ bind_flow_slug:
+ type: string
+ application_slug:
+ type: string
+ search_group:
+ type: string
+ format: uuid
+ nullable: true
+ description: Users in this group can do search queries. If not set, every
+ user can execute search queries.
+ certificate:
+ type: string
+ format: uuid
+ nullable: true
+ tls_server_name:
+ type: string
+ uid_start_number:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: The start for uidNumbers, this number is added to the user.Pk
+ to make sure that the numbers aren't too low for POSIX users. Default
+ is 2000 to ensure that we don't collide with local users uidNumber
+ gid_start_number:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: The start for gidNumbers, this number is added to a number
+ generated from the group.Pk to make sure that the numbers aren't too low
+ for POSIX groups. Default is 4000 to ensure that we don't collide with
+ local groups or users primary groups gidNumber
+ search_mode:
+ $ref: '#/components/schemas/LDAPAPIAccessMode'
+ bind_mode:
+ $ref: '#/components/schemas/LDAPAPIAccessMode'
+ required:
+ - application_slug
+ - bind_flow_slug
+ - name
+ - pk
+ LDAPPropertyMapping:
+ type: object
+ description: LDAP PropertyMapping Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pm uuid
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ name:
+ type: string
+ expression:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ object_field:
+ type: string
+ required:
+ - component
+ - expression
+ - meta_model_name
+ - name
+ - object_field
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ LDAPPropertyMappingRequest:
+ type: object
+ description: LDAP PropertyMapping Serializer
+ properties:
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ name:
+ type: string
+ minLength: 1
+ expression:
+ type: string
+ minLength: 1
+ object_field:
+ type: string
+ minLength: 1
+ required:
+ - expression
+ - name
+ - object_field
+ LDAPProvider:
+ type: object
+ description: LDAPProvider Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ name:
+ type: string
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ component:
+ type: string
+ readOnly: true
+ assigned_application_slug:
+ type: string
+ description: Internal application name, used in URLs.
+ readOnly: true
+ assigned_application_name:
+ type: string
+ description: Application's display Name.
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ base_dn:
+ type: string
+ description: DN under which objects are accessible.
+ search_group:
+ type: string
+ format: uuid
+ nullable: true
+ description: Users in this group can do search queries. If not set, every
+ user can execute search queries.
+ certificate:
+ type: string
+ format: uuid
+ nullable: true
+ tls_server_name:
+ type: string
+ uid_start_number:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: The start for uidNumbers, this number is added to the user.Pk
+ to make sure that the numbers aren't too low for POSIX users. Default
+ is 2000 to ensure that we don't collide with local users uidNumber
+ gid_start_number:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: The start for gidNumbers, this number is added to a number
+ generated from the group.Pk to make sure that the numbers aren't too low
+ for POSIX groups. Default is 4000 to ensure that we don't collide with
+ local groups or users primary groups gidNumber
+ outpost_set:
+ type: array
+ items:
+ type: string
+ readOnly: true
+ search_mode:
+ $ref: '#/components/schemas/LDAPAPIAccessMode'
+ bind_mode:
+ $ref: '#/components/schemas/LDAPAPIAccessMode'
+ required:
+ - assigned_application_name
+ - assigned_application_slug
+ - authorization_flow
+ - component
+ - meta_model_name
+ - name
+ - outpost_set
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ LDAPProviderRequest:
+ type: object
+ description: LDAPProvider Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ base_dn:
+ type: string
+ minLength: 1
+ description: DN under which objects are accessible.
+ search_group:
+ type: string
+ format: uuid
+ nullable: true
+ description: Users in this group can do search queries. If not set, every
+ user can execute search queries.
+ certificate:
+ type: string
+ format: uuid
+ nullable: true
+ tls_server_name:
+ type: string
+ uid_start_number:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: The start for uidNumbers, this number is added to the user.Pk
+ to make sure that the numbers aren't too low for POSIX users. Default
+ is 2000 to ensure that we don't collide with local users uidNumber
+ gid_start_number:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: The start for gidNumbers, this number is added to a number
+ generated from the group.Pk to make sure that the numbers aren't too low
+ for POSIX groups. Default is 4000 to ensure that we don't collide with
+ local groups or users primary groups gidNumber
+ search_mode:
+ $ref: '#/components/schemas/LDAPAPIAccessMode'
+ bind_mode:
+ $ref: '#/components/schemas/LDAPAPIAccessMode'
+ required:
+ - authorization_flow
+ - name
+ LDAPSource:
+ type: object
+ description: LDAP Source Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pbm uuid
+ name:
+ type: string
+ description: Source's display Name.
+ slug:
+ type: string
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ readOnly: true
+ user_path_template:
+ type: string
+ icon:
+ type: string
+ nullable: true
+ readOnly: true
+ server_uri:
+ type: string
+ format: uri
+ peer_certificate:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optionally verify the LDAP Server's Certificate against the
+ CA Chain in this keypair.
+ bind_cn:
+ type: string
+ start_tls:
+ type: boolean
+ title: Enable Start TLS
+ base_dn:
+ type: string
+ additional_user_dn:
+ type: string
+ title: Addition User DN
+ description: Prepended to Base DN for User-queries.
+ additional_group_dn:
+ type: string
+ title: Addition Group DN
+ description: Prepended to Base DN for Group-queries.
+ user_object_filter:
+ type: string
+ description: Consider Objects matching this filter to be Users.
+ group_object_filter:
+ type: string
+ description: Consider Objects matching this filter to be Groups.
+ group_membership_field:
+ type: string
+ description: Field which contains members of a group.
+ object_uniqueness_field:
+ type: string
+ description: Field which contains a unique Identifier.
+ sync_users:
+ type: boolean
+ sync_users_password:
+ type: boolean
+ description: When a user changes their password, sync it back to LDAP. This
+ can only be enabled on a single LDAP source.
+ sync_groups:
+ type: boolean
+ sync_parent_group:
+ type: string
+ format: uuid
+ nullable: true
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ property_mappings_group:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Property mappings used for group creation/updating.
+ required:
+ - base_dn
+ - component
+ - icon
+ - managed
+ - meta_model_name
+ - name
+ - pk
+ - server_uri
+ - slug
+ - verbose_name
+ - verbose_name_plural
+ LDAPSourceRequest:
+ type: object
+ description: LDAP Source Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: Source's display Name.
+ slug:
+ type: string
+ minLength: 1
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ user_path_template:
+ type: string
+ minLength: 1
+ server_uri:
+ type: string
+ minLength: 1
+ format: uri
+ peer_certificate:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optionally verify the LDAP Server's Certificate against the
+ CA Chain in this keypair.
+ bind_cn:
+ type: string
+ bind_password:
+ type: string
+ writeOnly: true
+ start_tls:
+ type: boolean
+ title: Enable Start TLS
+ base_dn:
+ type: string
+ minLength: 1
+ additional_user_dn:
+ type: string
+ title: Addition User DN
+ description: Prepended to Base DN for User-queries.
+ additional_group_dn:
+ type: string
+ title: Addition Group DN
+ description: Prepended to Base DN for Group-queries.
+ user_object_filter:
+ type: string
+ minLength: 1
+ description: Consider Objects matching this filter to be Users.
+ group_object_filter:
+ type: string
+ minLength: 1
+ description: Consider Objects matching this filter to be Groups.
+ group_membership_field:
+ type: string
+ minLength: 1
+ description: Field which contains members of a group.
+ object_uniqueness_field:
+ type: string
+ minLength: 1
+ description: Field which contains a unique Identifier.
+ sync_users:
+ type: boolean
+ sync_users_password:
+ type: boolean
+ description: When a user changes their password, sync it back to LDAP. This
+ can only be enabled on a single LDAP source.
+ sync_groups:
+ type: boolean
+ sync_parent_group:
+ type: string
+ format: uuid
+ nullable: true
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ property_mappings_group:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Property mappings used for group creation/updating.
+ required:
+ - base_dn
+ - name
+ - server_uri
+ - slug
+ LayoutEnum:
+ enum:
+ - stacked
+ - content_left
+ - content_right
+ - sidebar_left
+ - sidebar_right
+ type: string
+ Link:
+ type: object
+ description: Returns a single link
+ properties:
+ link:
+ type: string
+ required:
+ - link
+ LoginChallengeTypes:
+ oneOf:
+ - $ref: '#/components/schemas/RedirectChallenge'
+ - $ref: '#/components/schemas/PlexAuthenticationChallenge'
+ - $ref: '#/components/schemas/AppleLoginChallenge'
+ discriminator:
+ propertyName: component
+ mapping:
+ xak-flow-redirect: '#/components/schemas/RedirectChallenge'
+ ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
+ ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
+ LoginMetrics:
+ type: object
+ description: Login Metrics per 1h
+ properties:
+ logins_per_1h:
+ type: array
+ items:
+ $ref: '#/components/schemas/Coordinate'
+ readOnly: true
+ logins_failed_per_1h:
+ type: array
+ items:
+ $ref: '#/components/schemas/Coordinate'
+ readOnly: true
+ authorizations_per_1h:
+ type: array
+ items:
+ $ref: '#/components/schemas/Coordinate'
+ readOnly: true
+ required:
+ - authorizations_per_1h
+ - logins_failed_per_1h
+ - logins_per_1h
+ LoginSource:
+ type: object
+ description: Serializer for Login buttons of sources
+ properties:
+ name:
+ type: string
+ icon_url:
+ type: string
+ nullable: true
+ challenge:
+ $ref: '#/components/schemas/LoginChallengeTypes'
+ required:
+ - challenge
+ - name
+ Metadata:
+ type: object
+ description: Serializer for blueprint metadata
+ properties:
+ name:
+ type: string
+ labels:
+ type: object
+ additionalProperties: {}
+ required:
+ - labels
+ - name
+ NameIdPolicyEnum:
+ enum:
+ - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
+ - urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ type: string
+ NotConfiguredActionEnum:
+ enum:
+ - skip
+ - deny
+ - configure
+ type: string
+ Notification:
+ type: object
+ description: Notification Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Uuid
+ severity:
+ allOf:
+ - $ref: '#/components/schemas/SeverityEnum'
+ readOnly: true
+ body:
+ type: string
+ readOnly: true
+ created:
+ type: string
+ format: date-time
+ readOnly: true
+ event:
+ $ref: '#/components/schemas/Event'
+ seen:
+ type: boolean
+ required:
+ - body
+ - created
+ - pk
+ - severity
+ NotificationRequest:
+ type: object
+ description: Notification Serializer
+ properties:
+ event:
+ $ref: '#/components/schemas/EventRequest'
+ seen:
+ type: boolean
+ NotificationRule:
+ type: object
+ description: NotificationRule Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pbm uuid
+ name:
+ type: string
+ transports:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Select which transports should be used to notify the user.
+ If none are selected, the notification will only be shown in the authentik
+ UI.
+ severity:
+ allOf:
+ - $ref: '#/components/schemas/SeverityEnum'
+ description: Controls which severity level the created notifications will
+ have.
+ group:
+ type: string
+ format: uuid
+ nullable: true
+ description: Define which group of users this notification should be sent
+ and shown to. If left empty, Notification won't ben sent.
+ group_obj:
+ allOf:
+ - $ref: '#/components/schemas/Group'
+ readOnly: true
+ required:
+ - group_obj
+ - name
+ - pk
+ NotificationRuleRequest:
+ type: object
+ description: NotificationRule Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ transports:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Select which transports should be used to notify the user.
+ If none are selected, the notification will only be shown in the authentik
+ UI.
+ severity:
+ allOf:
+ - $ref: '#/components/schemas/SeverityEnum'
+ description: Controls which severity level the created notifications will
+ have.
+ group:
+ type: string
+ format: uuid
+ nullable: true
+ description: Define which group of users this notification should be sent
+ and shown to. If left empty, Notification won't ben sent.
+ required:
+ - name
+ NotificationTransport:
+ type: object
+ description: NotificationTransport Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Uuid
+ name:
+ type: string
+ mode:
+ $ref: '#/components/schemas/NotificationTransportModeEnum'
+ mode_verbose:
+ type: string
+ readOnly: true
+ webhook_url:
+ type: string
+ format: uri
+ webhook_mapping:
+ type: string
+ format: uuid
+ nullable: true
+ send_once:
+ type: boolean
+ description: Only send notification once, for example when sending a webhook
+ into a chat channel.
+ required:
+ - mode_verbose
+ - name
+ - pk
+ NotificationTransportModeEnum:
+ enum:
+ - local
+ - webhook
+ - webhook_slack
+ - email
+ type: string
+ NotificationTransportRequest:
+ type: object
+ description: NotificationTransport Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ mode:
+ $ref: '#/components/schemas/NotificationTransportModeEnum'
+ webhook_url:
+ type: string
+ format: uri
+ webhook_mapping:
+ type: string
+ format: uuid
+ nullable: true
+ send_once:
+ type: boolean
+ description: Only send notification once, for example when sending a webhook
+ into a chat channel.
+ required:
+ - name
+ NotificationTransportTest:
+ type: object
+ description: Notification test serializer
+ properties:
+ messages:
+ type: array
+ items:
+ type: string
+ required:
+ - messages
+ NotificationWebhookMapping:
+ type: object
+ description: NotificationWebhookMapping Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pm uuid
+ name:
+ type: string
+ expression:
+ type: string
+ required:
+ - expression
+ - name
+ - pk
+ NotificationWebhookMappingRequest:
+ type: object
+ description: NotificationWebhookMapping Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ expression:
+ type: string
+ minLength: 1
+ required:
+ - expression
+ - name
+ OAuth2Provider:
+ type: object
+ description: OAuth2Provider Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ name:
+ type: string
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ component:
+ type: string
+ readOnly: true
+ assigned_application_slug:
+ type: string
+ description: Internal application name, used in URLs.
+ readOnly: true
+ assigned_application_name:
+ type: string
+ description: Application's display Name.
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ client_type:
+ allOf:
+ - $ref: '#/components/schemas/ClientTypeEnum'
+ description: Confidential clients are capable of maintaining the confidentiality
+ of their credentials. Public clients are incapable
+ client_id:
+ type: string
+ maxLength: 255
+ client_secret:
+ type: string
+ maxLength: 255
+ access_code_validity:
+ type: string
+ description: 'Access codes not valid on or after current time + this value
+ (Format: hours=1;minutes=2;seconds=3).'
+ token_validity:
+ type: string
+ description: 'Tokens not valid on or after current time + this value (Format:
+ hours=1;minutes=2;seconds=3).'
+ include_claims_in_id_token:
+ type: boolean
+ description: Include User claims from scopes in the id_token, for applications
+ that don't access the userinfo endpoint.
+ signing_key:
+ type: string
+ format: uuid
+ nullable: true
+ description: Key used to sign the tokens. Only required when JWT Algorithm
+ is set to RS256.
+ redirect_uris:
+ type: string
+ description: Enter each URI on a new line.
+ sub_mode:
+ allOf:
+ - $ref: '#/components/schemas/SubModeEnum'
+ description: Configure what data should be used as unique User Identifier.
+ For most cases, the default should be fine.
+ issuer_mode:
+ allOf:
+ - $ref: '#/components/schemas/IssuerModeEnum'
+ description: Configure how the issuer field of the ID Token should be filled.
+ jwks_sources:
+ type: array
+ items:
+ type: string
+ format: uuid
+ title: Any JWT signed by the JWK of the selected source can be used to
+ authenticate.
+ title: Any JWT signed by the JWK of the selected source can be used to authenticate.
+ required:
+ - assigned_application_name
+ - assigned_application_slug
+ - authorization_flow
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ OAuth2ProviderRequest:
+ type: object
+ description: OAuth2Provider Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ client_type:
+ allOf:
+ - $ref: '#/components/schemas/ClientTypeEnum'
+ description: Confidential clients are capable of maintaining the confidentiality
+ of their credentials. Public clients are incapable
+ client_id:
+ type: string
+ minLength: 1
+ maxLength: 255
+ client_secret:
+ type: string
+ maxLength: 255
+ access_code_validity:
+ type: string
+ minLength: 1
+ description: 'Access codes not valid on or after current time + this value
+ (Format: hours=1;minutes=2;seconds=3).'
+ token_validity:
+ type: string
+ minLength: 1
+ description: 'Tokens not valid on or after current time + this value (Format:
+ hours=1;minutes=2;seconds=3).'
+ include_claims_in_id_token:
+ type: boolean
+ description: Include User claims from scopes in the id_token, for applications
+ that don't access the userinfo endpoint.
+ signing_key:
+ type: string
+ format: uuid
+ nullable: true
+ description: Key used to sign the tokens. Only required when JWT Algorithm
+ is set to RS256.
+ redirect_uris:
+ type: string
+ description: Enter each URI on a new line.
+ sub_mode:
+ allOf:
+ - $ref: '#/components/schemas/SubModeEnum'
+ description: Configure what data should be used as unique User Identifier.
+ For most cases, the default should be fine.
+ issuer_mode:
+ allOf:
+ - $ref: '#/components/schemas/IssuerModeEnum'
+ description: Configure how the issuer field of the ID Token should be filled.
+ jwks_sources:
+ type: array
+ items:
+ type: string
+ format: uuid
+ title: Any JWT signed by the JWK of the selected source can be used to
+ authenticate.
+ title: Any JWT signed by the JWK of the selected source can be used to authenticate.
+ required:
+ - authorization_flow
+ - name
+ OAuth2ProviderSetupURLs:
+ type: object
+ description: OAuth2 Provider Metadata serializer
+ properties:
+ issuer:
+ type: string
+ readOnly: true
+ authorize:
+ type: string
+ readOnly: true
+ token:
+ type: string
+ readOnly: true
+ user_info:
+ type: string
+ readOnly: true
+ provider_info:
+ type: string
+ readOnly: true
+ logout:
+ type: string
+ readOnly: true
+ jwks:
+ type: string
+ readOnly: true
+ required:
+ - authorize
+ - issuer
+ - jwks
+ - logout
+ - provider_info
+ - token
+ - user_info
+ OAuthDeviceCodeChallenge:
+ type: object
+ description: OAuth Device code challenge
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-provider-oauth2-device-code
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ required:
+ - type
+ OAuthDeviceCodeChallengeResponseRequest:
+ type: object
+ description: Response that includes the user-entered device code
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-provider-oauth2-device-code
+ code:
+ type: integer
+ required:
+ - code
+ OAuthDeviceCodeFinishChallenge:
+ type: object
+ description: Final challenge after user enters their code
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-provider-oauth2-device-code-finish
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ required:
+ - type
+ OAuthDeviceCodeFinishChallengeResponseRequest:
+ type: object
+ description: Response that device has been authenticated and tab can be closed
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-provider-oauth2-device-code-finish
+ OAuthSource:
+ type: object
+ description: OAuth Source Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pbm uuid
+ name:
+ type: string
+ description: Source's display Name.
+ slug:
+ type: string
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ readOnly: true
+ user_path_template:
+ type: string
+ icon:
+ type: string
+ nullable: true
+ readOnly: true
+ provider_type:
+ $ref: '#/components/schemas/ProviderTypeEnum'
+ request_token_url:
+ type: string
+ nullable: true
+ description: URL used to request the initial token. This URL is only required
+ for OAuth 1.
+ maxLength: 255
+ authorization_url:
+ type: string
+ nullable: true
+ description: URL the user is redirect to to conest the flow.
+ maxLength: 255
+ access_token_url:
+ type: string
+ nullable: true
+ description: URL used by authentik to retrieve tokens.
+ maxLength: 255
+ profile_url:
+ type: string
+ nullable: true
+ description: URL used by authentik to get user information.
+ maxLength: 255
+ consumer_key:
+ type: string
+ callback_url:
+ type: string
+ readOnly: true
+ additional_scopes:
+ type: string
+ type:
+ allOf:
+ - $ref: '#/components/schemas/SourceType'
+ readOnly: true
+ oidc_well_known_url:
+ type: string
+ oidc_jwks_url:
+ type: string
+ oidc_jwks:
+ type: object
+ additionalProperties: {}
+ required:
+ - callback_url
+ - component
+ - consumer_key
+ - icon
+ - managed
+ - meta_model_name
+ - name
+ - pk
+ - provider_type
+ - slug
+ - type
+ - verbose_name
+ - verbose_name_plural
+ OAuthSourceRequest:
+ type: object
+ description: OAuth Source Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: Source's display Name.
+ slug:
+ type: string
+ minLength: 1
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ user_path_template:
+ type: string
+ minLength: 1
+ provider_type:
+ $ref: '#/components/schemas/ProviderTypeEnum'
+ request_token_url:
+ type: string
+ nullable: true
+ minLength: 1
+ description: URL used to request the initial token. This URL is only required
+ for OAuth 1.
+ maxLength: 255
+ authorization_url:
+ type: string
+ nullable: true
+ minLength: 1
+ description: URL the user is redirect to to conest the flow.
+ maxLength: 255
+ access_token_url:
+ type: string
+ nullable: true
+ minLength: 1
+ description: URL used by authentik to retrieve tokens.
+ maxLength: 255
+ profile_url:
+ type: string
+ nullable: true
+ minLength: 1
+ description: URL used by authentik to get user information.
+ maxLength: 255
+ consumer_key:
+ type: string
+ minLength: 1
+ consumer_secret:
+ type: string
+ writeOnly: true
+ minLength: 1
+ additional_scopes:
+ type: string
+ oidc_well_known_url:
+ type: string
+ oidc_jwks_url:
+ type: string
+ oidc_jwks:
+ type: object
+ additionalProperties: {}
+ required:
+ - consumer_key
+ - consumer_secret
+ - name
+ - provider_type
+ - slug
+ OpenIDConnectConfiguration:
+ type: object
+ description: rest_framework Serializer for OIDC Configuration
+ properties:
+ issuer:
+ type: string
+ authorization_endpoint:
+ type: string
+ token_endpoint:
+ type: string
+ userinfo_endpoint:
+ type: string
+ end_session_endpoint:
+ type: string
+ introspection_endpoint:
+ type: string
+ jwks_uri:
+ type: string
+ response_types_supported:
+ type: array
+ items:
+ type: string
+ id_token_signing_alg_values_supported:
+ type: array
+ items:
+ type: string
+ subject_types_supported:
+ type: array
+ items:
+ type: string
+ token_endpoint_auth_methods_supported:
+ type: array
+ items:
+ type: string
+ required:
+ - authorization_endpoint
+ - end_session_endpoint
+ - id_token_signing_alg_values_supported
+ - introspection_endpoint
+ - issuer
+ - jwks_uri
+ - response_types_supported
+ - subject_types_supported
+ - token_endpoint
+ - token_endpoint_auth_methods_supported
+ - userinfo_endpoint
+ Outpost:
+ type: object
+ description: Outpost Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Uuid
+ name:
+ type: string
+ type:
+ $ref: '#/components/schemas/OutpostTypeEnum'
+ providers:
+ type: array
+ items:
+ type: integer
+ providers_obj:
+ type: array
+ items:
+ $ref: '#/components/schemas/Provider'
+ readOnly: true
+ service_connection:
+ type: string
+ format: uuid
+ nullable: true
+ description: Select Service-Connection authentik should use to manage this
+ outpost. Leave empty if authentik should not handle the deployment.
+ service_connection_obj:
+ allOf:
+ - $ref: '#/components/schemas/ServiceConnection'
+ readOnly: true
+ token_identifier:
+ type: string
+ readOnly: true
+ config:
+ type: object
+ additionalProperties: {}
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ required:
+ - config
+ - name
+ - pk
+ - providers
+ - providers_obj
+ - service_connection_obj
+ - token_identifier
+ - type
+ OutpostDefaultConfig:
+ type: object
+ description: Global default outpost config
+ properties:
+ config:
+ type: object
+ additionalProperties: {}
+ readOnly: true
+ required:
+ - config
+ OutpostHealth:
+ type: object
+ description: Outpost health status
+ properties:
+ last_seen:
+ type: string
+ format: date-time
+ readOnly: true
+ version:
+ type: string
+ readOnly: true
+ version_should:
+ type: string
+ readOnly: true
+ version_outdated:
+ type: boolean
+ readOnly: true
+ build_hash:
+ type: string
+ readOnly: true
+ build_hash_should:
+ type: string
+ readOnly: true
+ required:
+ - build_hash
+ - build_hash_should
+ - last_seen
+ - version
+ - version_outdated
+ - version_should
+ OutpostRequest:
+ type: object
+ description: Outpost Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ type:
+ $ref: '#/components/schemas/OutpostTypeEnum'
+ providers:
+ type: array
+ items:
+ type: integer
+ service_connection:
+ type: string
+ format: uuid
+ nullable: true
+ description: Select Service-Connection authentik should use to manage this
+ outpost. Leave empty if authentik should not handle the deployment.
+ config:
+ type: object
+ additionalProperties: {}
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ required:
+ - config
+ - name
+ - providers
+ - type
+ OutpostTypeEnum:
+ enum:
+ - proxy
+ - ldap
+ type: string
+ PaginatedApplicationList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Application'
+ required:
+ - pagination
+ - results
+ PaginatedAuthenticateWebAuthnStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/AuthenticateWebAuthnStage'
+ required:
+ - pagination
+ - results
+ PaginatedAuthenticatedSessionList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/AuthenticatedSession'
+ required:
+ - pagination
+ - results
+ PaginatedAuthenticatorDuoStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/AuthenticatorDuoStage'
+ required:
+ - pagination
+ - results
+ PaginatedAuthenticatorSMSStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/AuthenticatorSMSStage'
+ required:
+ - pagination
+ - results
+ PaginatedAuthenticatorStaticStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/AuthenticatorStaticStage'
+ required:
+ - pagination
+ - results
+ PaginatedAuthenticatorTOTPStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/AuthenticatorTOTPStage'
+ required:
+ - pagination
+ - results
+ PaginatedAuthenticatorValidateStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/AuthenticatorValidateStage'
+ required:
+ - pagination
+ - results
+ PaginatedBlueprintInstanceList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/BlueprintInstance'
+ required:
+ - pagination
+ - results
+ PaginatedCaptchaStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/CaptchaStage'
+ required:
+ - pagination
+ - results
+ PaginatedCertificateKeyPairList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/CertificateKeyPair'
+ required:
+ - pagination
+ - results
+ PaginatedConsentStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/ConsentStage'
+ required:
+ - pagination
+ - results
+ PaginatedDenyStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/DenyStage'
+ required:
+ - pagination
+ - results
+ PaginatedDockerServiceConnectionList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/DockerServiceConnection'
+ required:
+ - pagination
+ - results
+ PaginatedDummyPolicyList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/DummyPolicy'
+ required:
+ - pagination
+ - results
+ PaginatedDummyStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/DummyStage'
+ required:
+ - pagination
+ - results
+ PaginatedDuoDeviceList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/DuoDevice'
+ required:
+ - pagination
+ - results
+ PaginatedEmailStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/EmailStage'
+ required:
+ - pagination
+ - results
+ PaginatedEventList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Event'
+ required:
+ - pagination
+ - results
+ PaginatedEventMatcherPolicyList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/EventMatcherPolicy'
+ required:
+ - pagination
+ - results
+ PaginatedExpiringBaseGrantModelList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/ExpiringBaseGrantModel'
+ required:
+ - pagination
+ - results
+ PaginatedExpressionPolicyList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/ExpressionPolicy'
+ required:
+ - pagination
+ - results
+ PaginatedFlowList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Flow'
+ required:
+ - pagination
+ - results
+ PaginatedFlowStageBindingList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowStageBinding'
+ required:
+ - pagination
+ - results
+ PaginatedGroupList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Group'
+ required:
+ - pagination
+ - results
+ PaginatedHaveIBeenPwendPolicyList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/HaveIBeenPwendPolicy'
+ required:
+ - pagination
+ - results
+ PaginatedIdentificationStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/IdentificationStage'
+ required:
+ - pagination
+ - results
+ PaginatedInvitationList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Invitation'
+ required:
+ - pagination
+ - results
+ PaginatedInvitationStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/InvitationStage'
+ required:
+ - pagination
+ - results
+ PaginatedKubernetesServiceConnectionList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/KubernetesServiceConnection'
+ required:
+ - pagination
+ - results
+ PaginatedLDAPOutpostConfigList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/LDAPOutpostConfig'
+ required:
+ - pagination
+ - results
+ PaginatedLDAPPropertyMappingList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/LDAPPropertyMapping'
+ required:
+ - pagination
+ - results
+ PaginatedLDAPProviderList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/LDAPProvider'
+ required:
+ - pagination
+ - results
+ PaginatedLDAPSourceList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/LDAPSource'
+ required:
+ - pagination
+ - results
+ PaginatedNotificationList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Notification'
+ required:
+ - pagination
+ - results
+ PaginatedNotificationRuleList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/NotificationRule'
+ required:
+ - pagination
+ - results
+ PaginatedNotificationTransportList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/NotificationTransport'
+ required:
+ - pagination
+ - results
+ PaginatedNotificationWebhookMappingList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/NotificationWebhookMapping'
+ required:
+ - pagination
+ - results
+ PaginatedOAuth2ProviderList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/OAuth2Provider'
+ required:
+ - pagination
+ - results
+ PaginatedOAuthSourceList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/OAuthSource'
+ required:
+ - pagination
+ - results
+ PaginatedOutpostList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Outpost'
+ required:
+ - pagination
+ - results
+ PaginatedPasswordExpiryPolicyList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/PasswordExpiryPolicy'
+ required:
+ - pagination
+ - results
+ PaginatedPasswordPolicyList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/PasswordPolicy'
+ required:
+ - pagination
+ - results
+ PaginatedPasswordStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/PasswordStage'
+ required:
+ - pagination
+ - results
+ PaginatedPlexSourceConnectionList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/PlexSourceConnection'
+ required:
+ - pagination
+ - results
+ PaginatedPlexSourceList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/PlexSource'
+ required:
+ - pagination
+ - results
+ PaginatedPolicyBindingList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/PolicyBinding'
+ required:
+ - pagination
+ - results
+ PaginatedPolicyList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Policy'
+ required:
+ - pagination
+ - results
+ PaginatedPromptList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Prompt'
+ required:
+ - pagination
+ - results
+ PaginatedPromptStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/PromptStage'
+ required:
+ - pagination
+ - results
+ PaginatedPropertyMappingList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/PropertyMapping'
+ required:
+ - pagination
+ - results
+ PaginatedProviderList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Provider'
+ required:
+ - pagination
+ - results
+ PaginatedProxyOutpostConfigList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/ProxyOutpostConfig'
+ required:
+ - pagination
+ - results
+ PaginatedProxyProviderList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/ProxyProvider'
+ required:
+ - pagination
+ - results
+ PaginatedRefreshTokenModelList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/RefreshTokenModel'
+ required:
+ - pagination
+ - results
+ PaginatedReputationList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Reputation'
+ required:
+ - pagination
+ - results
+ PaginatedReputationPolicyList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/ReputationPolicy'
+ required:
+ - pagination
+ - results
+ PaginatedSAMLPropertyMappingList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/SAMLPropertyMapping'
+ required:
+ - pagination
+ - results
+ PaginatedSAMLProviderList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/SAMLProvider'
+ required:
+ - pagination
+ - results
+ PaginatedSAMLSourceList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/SAMLSource'
+ required:
+ - pagination
+ - results
+ PaginatedSMSDeviceList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/SMSDevice'
+ required:
+ - pagination
+ - results
+ PaginatedScopeMappingList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/ScopeMapping'
+ required:
+ - pagination
+ - results
+ PaginatedServiceConnectionList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/ServiceConnection'
+ required:
+ - pagination
+ - results
+ PaginatedSourceList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Source'
+ required:
+ - pagination
+ - results
+ PaginatedStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Stage'
+ required:
+ - pagination
+ - results
+ PaginatedStaticDeviceList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/StaticDevice'
+ required:
+ - pagination
+ - results
+ PaginatedTOTPDeviceList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/TOTPDevice'
+ required:
+ - pagination
+ - results
+ PaginatedTenantList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Tenant'
+ required:
+ - pagination
+ - results
+ PaginatedTokenList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/Token'
+ required:
+ - pagination
+ - results
+ PaginatedUserConsentList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserConsent'
+ required:
+ - pagination
+ - results
+ PaginatedUserDeleteStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserDeleteStage'
+ required:
+ - pagination
+ - results
+ PaginatedUserList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/User'
+ required:
+ - pagination
+ - results
+ PaginatedUserLoginStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserLoginStage'
+ required:
+ - pagination
+ - results
+ PaginatedUserLogoutStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserLogoutStage'
+ required:
+ - pagination
+ - results
+ PaginatedUserOAuthSourceConnectionList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserOAuthSourceConnection'
+ required:
+ - pagination
+ - results
+ PaginatedUserSAMLSourceConnectionList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserSAMLSourceConnection'
+ required:
+ - pagination
+ - results
+ PaginatedUserSourceConnectionList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserSourceConnection'
+ required:
+ - pagination
+ - results
+ PaginatedUserWriteStageList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserWriteStage'
+ required:
+ - pagination
+ - results
+ PaginatedWebAuthnDeviceList:
+ type: object
+ properties:
+ pagination:
+ type: object
+ properties:
+ next:
+ type: number
+ previous:
+ type: number
+ count:
+ type: number
+ current:
+ type: number
+ total_pages:
+ type: number
+ start_index:
+ type: number
+ end_index:
+ type: number
+ required:
+ - next
+ - previous
+ - count
+ - current
+ - total_pages
+ - start_index
+ - end_index
+ results:
+ type: array
+ items:
+ $ref: '#/components/schemas/WebAuthnDevice'
+ required:
+ - pagination
+ - results
+ PasswordChallenge:
+ type: object
+ description: Password challenge UI fields
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-password
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ pending_user:
+ type: string
+ pending_user_avatar:
+ type: string
+ recovery_url:
+ type: string
+ required:
+ - pending_user
+ - pending_user_avatar
+ - type
+ PasswordChallengeResponseRequest:
+ type: object
+ description: Password challenge response
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-password
+ password:
+ type: string
+ minLength: 1
+ required:
+ - password
+ PasswordExpiryPolicy:
+ type: object
+ description: Password Expiry Policy Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Policy uuid
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ bound_to:
+ type: integer
+ readOnly: true
+ days:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ deny_only:
+ type: boolean
+ required:
+ - bound_to
+ - component
+ - days
+ - meta_model_name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ PasswordExpiryPolicyRequest:
+ type: object
+ description: Password Expiry Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ days:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ deny_only:
+ type: boolean
+ required:
+ - days
+ PasswordPolicy:
+ type: object
+ description: Password Policy Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Policy uuid
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ bound_to:
+ type: integer
+ readOnly: true
+ password_field:
+ type: string
+ description: Field key to check, field keys defined in Prompt stages are
+ available.
+ amount_digits:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ amount_uppercase:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ amount_lowercase:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ amount_symbols:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ length_min:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ symbol_charset:
+ type: string
+ error_message:
+ type: string
+ check_static_rules:
+ type: boolean
+ check_have_i_been_pwned:
+ type: boolean
+ check_zxcvbn:
+ type: boolean
+ hibp_allowed_count:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ description: How many times the password hash is allowed to be on haveibeenpwned
+ zxcvbn_score_threshold:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ description: If the zxcvbn score is equal or less than this value, the policy
+ will fail.
+ required:
+ - bound_to
+ - component
+ - meta_model_name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ PasswordPolicyRequest:
+ type: object
+ description: Password Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ password_field:
+ type: string
+ minLength: 1
+ description: Field key to check, field keys defined in Prompt stages are
+ available.
+ amount_digits:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ amount_uppercase:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ amount_lowercase:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ amount_symbols:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ length_min:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ symbol_charset:
+ type: string
+ minLength: 1
+ error_message:
+ type: string
+ check_static_rules:
+ type: boolean
+ check_have_i_been_pwned:
+ type: boolean
+ check_zxcvbn:
+ type: boolean
+ hibp_allowed_count:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ description: How many times the password hash is allowed to be on haveibeenpwned
+ zxcvbn_score_threshold:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ description: If the zxcvbn score is equal or less than this value, the policy
+ will fail.
+ PasswordStage:
+ type: object
+ description: PasswordStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ backends:
+ type: array
+ items:
+ $ref: '#/components/schemas/BackendsEnum'
+ description: Selection of backends to test the password against.
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ failed_attempts_before_cancel:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: How many attempts a user has before the flow is canceled. To
+ lock the user out, use a reputation policy and a user_write stage.
+ required:
+ - backends
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ PasswordStageRequest:
+ type: object
+ description: PasswordStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ backends:
+ type: array
+ items:
+ $ref: '#/components/schemas/BackendsEnum'
+ description: Selection of backends to test the password against.
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ failed_attempts_before_cancel:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: How many attempts a user has before the flow is canceled. To
+ lock the user out, use a reputation policy and a user_write stage.
+ required:
+ - backends
+ - name
+ PatchedApplicationRequest:
+ type: object
+ description: Application Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: Application's display Name.
+ slug:
+ type: string
+ minLength: 1
+ description: Internal application name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ provider:
+ type: integer
+ nullable: true
+ open_in_new_tab:
+ type: boolean
+ description: Open launch URL in a new browser tab or window.
+ meta_launch_url:
+ type: string
+ format: uri
+ meta_description:
+ type: string
+ meta_publisher:
+ type: string
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ group:
+ type: string
+ PatchedAuthenticateWebAuthnStageRequest:
+ type: object
+ description: AuthenticateWebAuthnStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ user_verification:
+ $ref: '#/components/schemas/UserVerificationEnum'
+ authenticator_attachment:
+ allOf:
+ - $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
+ nullable: true
+ resident_key_requirement:
+ $ref: '#/components/schemas/ResidentKeyRequirementEnum'
+ PatchedAuthenticatorDuoStageRequest:
+ type: object
+ description: AuthenticatorDuoStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ client_id:
+ type: string
+ minLength: 1
+ client_secret:
+ type: string
+ writeOnly: true
+ minLength: 1
+ api_hostname:
+ type: string
+ minLength: 1
+ admin_integration_key:
+ type: string
+ admin_secret_key:
+ type: string
+ writeOnly: true
+ PatchedAuthenticatorSMSStageRequest:
+ type: object
+ description: AuthenticatorSMSStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ provider:
+ $ref: '#/components/schemas/ProviderEnum'
+ from_number:
+ type: string
+ minLength: 1
+ account_sid:
+ type: string
+ minLength: 1
+ auth:
+ type: string
+ minLength: 1
+ auth_password:
+ type: string
+ auth_type:
+ $ref: '#/components/schemas/AuthTypeEnum'
+ verify_only:
+ type: boolean
+ description: When enabled, the Phone number is only used during enrollment
+ to verify the users authenticity. Only a hash of the phone number is saved
+ to ensure it is not re-used in the future.
+ mapping:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optionally modify the payload being sent to custom providers.
+ PatchedAuthenticatorStaticStageRequest:
+ type: object
+ description: AuthenticatorStaticStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ token_count:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ PatchedAuthenticatorTOTPStageRequest:
+ type: object
+ description: AuthenticatorTOTPStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ digits:
+ allOf:
+ - $ref: '#/components/schemas/DigitsEnum'
+ minimum: -2147483648
+ maximum: 2147483647
+ PatchedAuthenticatorValidateStageRequest:
+ type: object
+ description: AuthenticatorValidateStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ not_configured_action:
+ $ref: '#/components/schemas/NotConfiguredActionEnum'
+ device_classes:
+ type: array
+ items:
+ $ref: '#/components/schemas/DeviceClassesEnum'
+ description: Device classes which can be used to authenticate
+ configuration_stages:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Stages used to configure Authenticator when user doesn't have
+ any compatible devices. After this configuration Stage passes, the user
+ is not prompted again.
+ last_auth_threshold:
+ type: string
+ minLength: 1
+ description: If any of the user's device has been used within this threshold,
+ this stage will be skipped
+ webauthn_user_verification:
+ allOf:
+ - $ref: '#/components/schemas/UserVerificationEnum'
+ description: Enforce user verification for WebAuthn devices.
+ PatchedBlueprintInstanceRequest:
+ type: object
+ description: Info about a single blueprint instance file
+ properties:
+ name:
+ type: string
+ minLength: 1
+ path:
+ type: string
+ minLength: 1
+ context:
+ type: object
+ additionalProperties: {}
+ enabled:
+ type: boolean
+ PatchedCaptchaStageRequest:
+ type: object
+ description: CaptchaStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ public_key:
+ type: string
+ minLength: 1
+ description: Public key, acquired your captcha Provider.
+ private_key:
+ type: string
+ writeOnly: true
+ minLength: 1
+ description: Private key, acquired your captcha Provider.
+ js_url:
+ type: string
+ minLength: 1
+ api_url:
+ type: string
+ minLength: 1
+ PatchedCertificateKeyPairRequest:
+ type: object
+ description: CertificateKeyPair Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ certificate_data:
+ type: string
+ writeOnly: true
+ minLength: 1
+ description: PEM-encoded Certificate data
+ key_data:
+ type: string
+ writeOnly: true
+ description: Optional Private Key. If this is set, you can use this keypair
+ for encryption.
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ PatchedConsentStageRequest:
+ type: object
+ description: ConsentStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ mode:
+ $ref: '#/components/schemas/ConsentStageModeEnum'
+ consent_expire_in:
+ type: string
+ minLength: 1
+ title: Consent expires in
+ description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
+ PatchedDenyStageRequest:
+ type: object
+ description: DenyStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ PatchedDockerServiceConnectionRequest:
+ type: object
+ description: DockerServiceConnection Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ local:
+ type: boolean
+ description: If enabled, use the local connection. Required Docker socket/Kubernetes
+ Integration
+ url:
+ type: string
+ minLength: 1
+ description: Can be in the format of 'unix://' when connecting to
+ a local docker daemon, or 'https://:2376' when connecting to
+ a remote system.
+ tls_verification:
+ type: string
+ format: uuid
+ nullable: true
+ description: CA which the endpoint's Certificate is verified against. Can
+ be left empty for no validation.
+ tls_authentication:
+ type: string
+ format: uuid
+ nullable: true
+ description: Certificate/Key used for authentication. Can be left empty
+ for no authentication.
+ PatchedDummyPolicyRequest:
+ type: object
+ description: Dummy Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ result:
+ type: boolean
+ wait_min:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ wait_max:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ PatchedDummyStageRequest:
+ type: object
+ description: DummyStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ PatchedDuoDeviceRequest:
+ type: object
+ description: Serializer for Duo authenticator devices
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: The human-readable name of this device.
+ maxLength: 64
+ PatchedEmailStageRequest:
+ type: object
+ description: EmailStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ use_global_settings:
+ type: boolean
+ description: When enabled, global Email connection settings will be used
+ and connection settings below will be ignored.
+ host:
+ type: string
+ minLength: 1
+ port:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ username:
+ type: string
+ password:
+ type: string
+ writeOnly: true
+ use_tls:
+ type: boolean
+ use_ssl:
+ type: boolean
+ timeout:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ from_address:
+ type: string
+ format: email
+ minLength: 1
+ maxLength: 254
+ token_expiry:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: Time in minutes the token sent is valid.
+ subject:
+ type: string
+ minLength: 1
+ template:
+ type: string
+ minLength: 1
+ activate_user_on_success:
+ type: boolean
+ description: Activate users upon completion of stage.
+ PatchedEventMatcherPolicyRequest:
+ type: object
+ description: Event Matcher Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ action:
+ allOf:
+ - $ref: '#/components/schemas/EventActions'
+ description: Match created events with this action type. When left empty,
+ all action types will be matched.
+ client_ip:
+ type: string
+ description: Matches Event's Client IP (strict matching, for network matching
+ use an Expression Policy)
+ app:
+ allOf:
+ - $ref: '#/components/schemas/AppEnum'
+ description: Match events created by selected application. When left empty,
+ all applications are matched.
+ PatchedEventRequest:
+ type: object
+ description: Event Serializer
+ properties:
+ user:
+ type: object
+ additionalProperties: {}
+ action:
+ $ref: '#/components/schemas/EventActions'
+ app:
+ type: string
+ minLength: 1
+ context:
+ type: object
+ additionalProperties: {}
+ client_ip:
+ type: string
+ nullable: true
+ minLength: 1
+ expires:
+ type: string
+ format: date-time
+ tenant:
+ type: object
+ additionalProperties: {}
+ PatchedExpressionPolicyRequest:
+ type: object
+ description: Group Membership Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ expression:
+ type: string
+ minLength: 1
+ PatchedFlowRequest:
+ type: object
+ description: Flow Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ slug:
+ type: string
+ minLength: 1
+ description: Visible in the URL.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ title:
+ type: string
+ minLength: 1
+ description: Shown as the Title in Flow pages.
+ designation:
+ allOf:
+ - $ref: '#/components/schemas/FlowDesignationEnum'
+ description: Decides what this Flow is used for. For example, the Authentication
+ flow is redirect to when an un-authenticated user visits authentik.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ compatibility_mode:
+ type: boolean
+ description: Enable compatibility mode, increases compatibility with password
+ managers on mobile devices.
+ layout:
+ $ref: '#/components/schemas/LayoutEnum'
+ denied_action:
+ allOf:
+ - $ref: '#/components/schemas/DeniedActionEnum'
+ description: Configure what should happen when a flow denies access to a
+ user.
+ authentication:
+ allOf:
+ - $ref: '#/components/schemas/AuthenticationEnum'
+ description: Required level of authentication and authorization to access
+ a flow.
+ PatchedFlowStageBindingRequest:
+ type: object
+ description: FlowStageBinding Serializer
+ properties:
+ target:
+ type: string
+ format: uuid
+ stage:
+ type: string
+ format: uuid
+ evaluate_on_plan:
+ type: boolean
+ description: Evaluate policies during the Flow planning process. Disable
+ this for input-based policies.
+ re_evaluate_policies:
+ type: boolean
+ description: Evaluate policies when the Stage is present to the user.
+ order:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ invalid_response_action:
+ allOf:
+ - $ref: '#/components/schemas/InvalidResponseActionEnum'
+ description: Configure how the flow executor should handle an invalid response
+ to a challenge. RETRY returns the error message and a similar challenge
+ to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
+ restarts the flow while keeping the current context.
+ PatchedGroupRequest:
+ type: object
+ description: Group Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ maxLength: 80
+ is_superuser:
+ type: boolean
+ description: Users added to this group will be superusers.
+ parent:
+ type: string
+ format: uuid
+ nullable: true
+ users:
+ type: array
+ items:
+ type: integer
+ attributes:
+ type: object
+ additionalProperties: {}
+ PatchedHaveIBeenPwendPolicyRequest:
+ type: object
+ description: Have I Been Pwned Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ password_field:
+ type: string
+ minLength: 1
+ description: Field key to check, field keys defined in Prompt stages are
+ available.
+ allowed_count:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ PatchedIdentificationStageRequest:
+ type: object
+ description: IdentificationStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ user_fields:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserFieldsEnum'
+ description: Fields of the user object to match against. (Hold shift to
+ select multiple options)
+ password_stage:
+ type: string
+ format: uuid
+ nullable: true
+ description: When set, shows a password field, instead of showing the password
+ field as seaprate step.
+ case_insensitive_matching:
+ type: boolean
+ description: When enabled, user fields are matched regardless of their casing.
+ show_matched_user:
+ type: boolean
+ description: When a valid username/email has been entered, and this option
+ is enabled, the user's username and avatar will be shown. Otherwise, the
+ text that the user entered will be shown
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optional enrollment flow, which is linked at the bottom of
+ the page.
+ recovery_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optional recovery flow, which is linked at the bottom of the
+ page.
+ passwordless_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optional passwordless flow, which is linked at the bottom of
+ the page.
+ sources:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Specify which sources should be shown.
+ show_source_labels:
+ type: boolean
+ PatchedInvitationRequest:
+ type: object
+ description: Invitation Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ expires:
+ type: string
+ format: date-time
+ fixed_data:
+ type: object
+ additionalProperties: {}
+ single_use:
+ type: boolean
+ description: When enabled, the invitation will be deleted after usage.
+ flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: When set, only the configured flow can use this invitation.
+ PatchedInvitationStageRequest:
+ type: object
+ description: InvitationStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ continue_flow_without_invitation:
+ type: boolean
+ description: If this flag is set, this Stage will jump to the next Stage
+ when no Invitation is given. By default this Stage will cancel the Flow
+ when no invitation is given.
+ PatchedKubernetesServiceConnectionRequest:
+ type: object
+ description: KubernetesServiceConnection Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ local:
+ type: boolean
+ description: If enabled, use the local connection. Required Docker socket/Kubernetes
+ Integration
+ kubeconfig:
+ type: object
+ additionalProperties: {}
+ description: Paste your kubeconfig here. authentik will automatically use
+ the currently selected context.
+ verify_ssl:
+ type: boolean
+ description: Verify SSL Certificates of the Kubernetes API endpoint
+ PatchedLDAPPropertyMappingRequest:
+ type: object
+ description: LDAP PropertyMapping Serializer
+ properties:
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ name:
+ type: string
+ minLength: 1
+ expression:
+ type: string
+ minLength: 1
+ object_field:
+ type: string
+ minLength: 1
+ PatchedLDAPProviderRequest:
+ type: object
+ description: LDAPProvider Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ base_dn:
+ type: string
+ minLength: 1
+ description: DN under which objects are accessible.
+ search_group:
+ type: string
+ format: uuid
+ nullable: true
+ description: Users in this group can do search queries. If not set, every
+ user can execute search queries.
+ certificate:
+ type: string
+ format: uuid
+ nullable: true
+ tls_server_name:
+ type: string
+ uid_start_number:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: The start for uidNumbers, this number is added to the user.Pk
+ to make sure that the numbers aren't too low for POSIX users. Default
+ is 2000 to ensure that we don't collide with local users uidNumber
+ gid_start_number:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: The start for gidNumbers, this number is added to a number
+ generated from the group.Pk to make sure that the numbers aren't too low
+ for POSIX groups. Default is 4000 to ensure that we don't collide with
+ local groups or users primary groups gidNumber
+ search_mode:
+ $ref: '#/components/schemas/LDAPAPIAccessMode'
+ bind_mode:
+ $ref: '#/components/schemas/LDAPAPIAccessMode'
+ PatchedLDAPSourceRequest:
+ type: object
+ description: LDAP Source Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: Source's display Name.
+ slug:
+ type: string
+ minLength: 1
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ user_path_template:
+ type: string
+ minLength: 1
+ server_uri:
+ type: string
+ minLength: 1
+ format: uri
+ peer_certificate:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optionally verify the LDAP Server's Certificate against the
+ CA Chain in this keypair.
+ bind_cn:
+ type: string
+ bind_password:
+ type: string
+ writeOnly: true
+ start_tls:
+ type: boolean
+ title: Enable Start TLS
+ base_dn:
+ type: string
+ minLength: 1
+ additional_user_dn:
+ type: string
+ title: Addition User DN
+ description: Prepended to Base DN for User-queries.
+ additional_group_dn:
+ type: string
+ title: Addition Group DN
+ description: Prepended to Base DN for Group-queries.
+ user_object_filter:
+ type: string
+ minLength: 1
+ description: Consider Objects matching this filter to be Users.
+ group_object_filter:
+ type: string
+ minLength: 1
+ description: Consider Objects matching this filter to be Groups.
+ group_membership_field:
+ type: string
+ minLength: 1
+ description: Field which contains members of a group.
+ object_uniqueness_field:
+ type: string
+ minLength: 1
+ description: Field which contains a unique Identifier.
+ sync_users:
+ type: boolean
+ sync_users_password:
+ type: boolean
+ description: When a user changes their password, sync it back to LDAP. This
+ can only be enabled on a single LDAP source.
+ sync_groups:
+ type: boolean
+ sync_parent_group:
+ type: string
+ format: uuid
+ nullable: true
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ property_mappings_group:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Property mappings used for group creation/updating.
+ PatchedNotificationRequest:
+ type: object
+ description: Notification Serializer
+ properties:
+ event:
+ $ref: '#/components/schemas/EventRequest'
+ seen:
+ type: boolean
+ PatchedNotificationRuleRequest:
+ type: object
+ description: NotificationRule Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ transports:
+ type: array
+ items:
+ type: string
+ format: uuid
+ description: Select which transports should be used to notify the user.
+ If none are selected, the notification will only be shown in the authentik
+ UI.
+ severity:
+ allOf:
+ - $ref: '#/components/schemas/SeverityEnum'
+ description: Controls which severity level the created notifications will
+ have.
+ group:
+ type: string
+ format: uuid
+ nullable: true
+ description: Define which group of users this notification should be sent
+ and shown to. If left empty, Notification won't ben sent.
+ PatchedNotificationTransportRequest:
+ type: object
+ description: NotificationTransport Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ mode:
+ $ref: '#/components/schemas/NotificationTransportModeEnum'
+ webhook_url:
+ type: string
+ format: uri
+ webhook_mapping:
+ type: string
+ format: uuid
+ nullable: true
+ send_once:
+ type: boolean
+ description: Only send notification once, for example when sending a webhook
+ into a chat channel.
+ PatchedNotificationWebhookMappingRequest:
+ type: object
+ description: NotificationWebhookMapping Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ expression:
+ type: string
+ minLength: 1
+ PatchedOAuth2ProviderRequest:
+ type: object
+ description: OAuth2Provider Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ client_type:
+ allOf:
+ - $ref: '#/components/schemas/ClientTypeEnum'
+ description: Confidential clients are capable of maintaining the confidentiality
+ of their credentials. Public clients are incapable
+ client_id:
+ type: string
+ minLength: 1
+ maxLength: 255
+ client_secret:
+ type: string
+ maxLength: 255
+ access_code_validity:
+ type: string
+ minLength: 1
+ description: 'Access codes not valid on or after current time + this value
+ (Format: hours=1;minutes=2;seconds=3).'
+ token_validity:
+ type: string
+ minLength: 1
+ description: 'Tokens not valid on or after current time + this value (Format:
+ hours=1;minutes=2;seconds=3).'
+ include_claims_in_id_token:
+ type: boolean
+ description: Include User claims from scopes in the id_token, for applications
+ that don't access the userinfo endpoint.
+ signing_key:
+ type: string
+ format: uuid
+ nullable: true
+ description: Key used to sign the tokens. Only required when JWT Algorithm
+ is set to RS256.
+ redirect_uris:
+ type: string
+ description: Enter each URI on a new line.
+ sub_mode:
+ allOf:
+ - $ref: '#/components/schemas/SubModeEnum'
+ description: Configure what data should be used as unique User Identifier.
+ For most cases, the default should be fine.
+ issuer_mode:
+ allOf:
+ - $ref: '#/components/schemas/IssuerModeEnum'
+ description: Configure how the issuer field of the ID Token should be filled.
+ jwks_sources:
+ type: array
+ items:
+ type: string
+ format: uuid
+ title: Any JWT signed by the JWK of the selected source can be used to
+ authenticate.
+ title: Any JWT signed by the JWK of the selected source can be used to authenticate.
+ PatchedOAuthSourceRequest:
+ type: object
+ description: OAuth Source Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: Source's display Name.
+ slug:
+ type: string
+ minLength: 1
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ user_path_template:
+ type: string
+ minLength: 1
+ provider_type:
+ $ref: '#/components/schemas/ProviderTypeEnum'
+ request_token_url:
+ type: string
+ nullable: true
+ minLength: 1
+ description: URL used to request the initial token. This URL is only required
+ for OAuth 1.
+ maxLength: 255
+ authorization_url:
+ type: string
+ nullable: true
+ minLength: 1
+ description: URL the user is redirect to to conest the flow.
+ maxLength: 255
+ access_token_url:
+ type: string
+ nullable: true
+ minLength: 1
+ description: URL used by authentik to retrieve tokens.
+ maxLength: 255
+ profile_url:
+ type: string
+ nullable: true
+ minLength: 1
+ description: URL used by authentik to get user information.
+ maxLength: 255
+ consumer_key:
+ type: string
+ minLength: 1
+ consumer_secret:
+ type: string
+ writeOnly: true
+ minLength: 1
+ additional_scopes:
+ type: string
+ oidc_well_known_url:
+ type: string
+ oidc_jwks_url:
+ type: string
+ oidc_jwks:
+ type: object
+ additionalProperties: {}
+ PatchedOutpostRequest:
+ type: object
+ description: Outpost Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ type:
+ $ref: '#/components/schemas/OutpostTypeEnum'
+ providers:
+ type: array
+ items:
+ type: integer
+ service_connection:
+ type: string
+ format: uuid
+ nullable: true
+ description: Select Service-Connection authentik should use to manage this
+ outpost. Leave empty if authentik should not handle the deployment.
+ config:
+ type: object
+ additionalProperties: {}
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ PatchedPasswordExpiryPolicyRequest:
+ type: object
+ description: Password Expiry Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ days:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ deny_only:
+ type: boolean
+ PatchedPasswordPolicyRequest:
+ type: object
+ description: Password Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ password_field:
+ type: string
+ minLength: 1
+ description: Field key to check, field keys defined in Prompt stages are
+ available.
+ amount_digits:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ amount_uppercase:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ amount_lowercase:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ amount_symbols:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ length_min:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ symbol_charset:
+ type: string
+ minLength: 1
+ error_message:
+ type: string
+ check_static_rules:
+ type: boolean
+ check_have_i_been_pwned:
+ type: boolean
+ check_zxcvbn:
+ type: boolean
+ hibp_allowed_count:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ description: How many times the password hash is allowed to be on haveibeenpwned
+ zxcvbn_score_threshold:
+ type: integer
+ maximum: 2147483647
+ minimum: 0
+ description: If the zxcvbn score is equal or less than this value, the policy
+ will fail.
+ PatchedPasswordStageRequest:
+ type: object
+ description: PasswordStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ backends:
+ type: array
+ items:
+ $ref: '#/components/schemas/BackendsEnum'
+ description: Selection of backends to test the password against.
+ configure_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow used by an authenticated user to configure this Stage.
+ If empty, user will not be able to configure this stage.
+ failed_attempts_before_cancel:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: How many attempts a user has before the flow is canceled. To
+ lock the user out, use a reputation policy and a user_write stage.
+ PatchedPlexSourceConnectionRequest:
+ type: object
+ description: Plex Source connection Serializer
+ properties:
+ identifier:
+ type: string
+ minLength: 1
+ plex_token:
+ type: string
+ minLength: 1
+ PatchedPlexSourceRequest:
+ type: object
+ description: Plex Source Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: Source's display Name.
+ slug:
+ type: string
+ minLength: 1
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ user_path_template:
+ type: string
+ minLength: 1
+ client_id:
+ type: string
+ minLength: 1
+ description: Client identifier used to talk to Plex.
+ allowed_servers:
+ type: array
+ items:
+ type: string
+ minLength: 1
+ description: Which servers a user has to be a member of to be granted access.
+ Empty list allows every server.
+ allow_friends:
+ type: boolean
+ description: Allow friends to authenticate, even if you don't share a server.
+ plex_token:
+ type: string
+ minLength: 1
+ description: Plex token used to check friends
+ PatchedPolicyBindingRequest:
+ type: object
+ description: PolicyBinding Serializer
+ properties:
+ policy:
+ type: string
+ format: uuid
+ nullable: true
+ group:
+ type: string
+ format: uuid
+ nullable: true
+ user:
+ type: integer
+ nullable: true
+ target:
+ type: string
+ format: uuid
+ negate:
+ type: boolean
+ description: Negates the outcome of the policy. Messages are unaffected.
+ enabled:
+ type: boolean
+ order:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ timeout:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: Timeout after which Policy execution is terminated.
+ PatchedPromptRequest:
+ type: object
+ description: Prompt Serializer
+ properties:
+ field_key:
+ type: string
+ minLength: 1
+ description: Name of the form field, also used to store the value
+ label:
+ type: string
+ minLength: 1
+ type:
+ $ref: '#/components/schemas/PromptTypeEnum'
+ required:
+ type: boolean
+ placeholder:
+ type: string
+ order:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ promptstage_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/StageRequest'
+ sub_text:
+ type: string
+ placeholder_expression:
+ type: boolean
+ PatchedPromptStageRequest:
+ type: object
+ description: PromptStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ fields:
+ type: array
+ items:
+ type: string
+ format: uuid
+ validation_policies:
+ type: array
+ items:
+ type: string
+ format: uuid
+ PatchedProxyProviderRequest:
+ type: object
+ description: ProxyProvider Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ internal_host:
+ type: string
+ format: uri
+ external_host:
+ type: string
+ minLength: 1
+ format: uri
+ internal_host_ssl_validation:
+ type: boolean
+ description: Validate SSL Certificates of upstream servers
+ certificate:
+ type: string
+ format: uuid
+ nullable: true
+ skip_path_regex:
+ type: string
+ description: Regular expressions for which authentication is not required.
+ Each new line is interpreted as a new Regular Expression.
+ basic_auth_enabled:
+ type: boolean
+ title: Set HTTP-Basic Authentication
+ description: Set a custom HTTP-Basic Authentication header based on values
+ from authentik.
+ basic_auth_password_attribute:
+ type: string
+ title: HTTP-Basic Password Key
+ description: User/Group Attribute used for the password part of the HTTP-Basic
+ Header.
+ basic_auth_user_attribute:
+ type: string
+ title: HTTP-Basic Username Key
+ description: User/Group Attribute used for the user part of the HTTP-Basic
+ Header. If not set, the user's Email address is used.
+ mode:
+ allOf:
+ - $ref: '#/components/schemas/ProxyMode'
+ description: Enable support for forwardAuth in traefik and nginx auth_request.
+ Exclusive with internal_host.
+ cookie_domain:
+ type: string
+ token_validity:
+ type: string
+ minLength: 1
+ description: 'Tokens not valid on or after current time + this value (Format:
+ hours=1;minutes=2;seconds=3).'
+ PatchedReputationPolicyRequest:
+ type: object
+ description: Reputation Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ check_ip:
+ type: boolean
+ check_username:
+ type: boolean
+ threshold:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ PatchedSAMLPropertyMappingRequest:
+ type: object
+ description: SAMLPropertyMapping Serializer
+ properties:
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ name:
+ type: string
+ minLength: 1
+ expression:
+ type: string
+ minLength: 1
+ saml_name:
+ type: string
+ minLength: 1
+ friendly_name:
+ type: string
+ nullable: true
+ PatchedSAMLProviderRequest:
+ type: object
+ description: SAMLProvider Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ acs_url:
+ type: string
+ format: uri
+ minLength: 1
+ maxLength: 200
+ audience:
+ type: string
+ description: Value of the audience restriction field of the assertion. When
+ left empty, no audience restriction will be added.
+ issuer:
+ type: string
+ minLength: 1
+ description: Also known as EntityID
+ assertion_valid_not_before:
+ type: string
+ minLength: 1
+ description: 'Assertion valid not before current time + this value (Format:
+ hours=-1;minutes=-2;seconds=-3).'
+ assertion_valid_not_on_or_after:
+ type: string
+ minLength: 1
+ description: 'Assertion not valid on or after current time + this value
+ (Format: hours=1;minutes=2;seconds=3).'
+ session_valid_not_on_or_after:
+ type: string
+ minLength: 1
+ description: 'Session not valid on or after current time + this value (Format:
+ hours=1;minutes=2;seconds=3).'
+ name_id_mapping:
+ type: string
+ format: uuid
+ nullable: true
+ title: NameID Property Mapping
+ description: Configure how the NameID value will be created. When left empty,
+ the NameIDPolicy of the incoming request will be considered
+ digest_algorithm:
+ $ref: '#/components/schemas/DigestAlgorithmEnum'
+ signature_algorithm:
+ $ref: '#/components/schemas/SignatureAlgorithmEnum'
+ signing_kp:
+ type: string
+ format: uuid
+ nullable: true
+ title: Signing Keypair
+ description: Keypair used to sign outgoing Responses going to the Service
+ Provider.
+ verification_kp:
+ type: string
+ format: uuid
+ nullable: true
+ title: Verification Certificate
+ description: When selected, incoming assertion's Signatures will be validated
+ against this certificate. To allow unsigned Requests, leave on default.
+ sp_binding:
+ allOf:
+ - $ref: '#/components/schemas/SpBindingEnum'
+ title: Service Provider Binding
+ description: This determines how authentik sends the response back to the
+ Service Provider.
+ PatchedSAMLSourceRequest:
+ type: object
+ description: SAMLSource Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: Source's display Name.
+ slug:
+ type: string
+ minLength: 1
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ user_path_template:
+ type: string
+ minLength: 1
+ pre_authentication_flow:
+ type: string
+ format: uuid
+ description: Flow used before authentication.
+ issuer:
+ type: string
+ description: Also known as Entity ID. Defaults the Metadata URL.
+ sso_url:
+ type: string
+ format: uri
+ minLength: 1
+ description: URL that the initial Login request is sent to.
+ maxLength: 200
+ slo_url:
+ type: string
+ format: uri
+ nullable: true
+ description: Optional URL if your IDP supports Single-Logout.
+ maxLength: 200
+ allow_idp_initiated:
+ type: boolean
+ description: Allows authentication flows initiated by the IdP. This can
+ be a security risk, as no validation of the request ID is done.
+ name_id_policy:
+ allOf:
+ - $ref: '#/components/schemas/NameIdPolicyEnum'
+ description: NameID Policy sent to the IdP. Can be unset, in which case
+ no Policy is sent.
+ binding_type:
+ $ref: '#/components/schemas/BindingTypeEnum'
+ signing_kp:
+ type: string
+ format: uuid
+ nullable: true
+ title: Signing Keypair
+ description: Keypair which is used to sign outgoing requests. Leave empty
+ to disable signing.
+ digest_algorithm:
+ $ref: '#/components/schemas/DigestAlgorithmEnum'
+ signature_algorithm:
+ $ref: '#/components/schemas/SignatureAlgorithmEnum'
+ temporary_user_delete_after:
+ type: string
+ minLength: 1
+ title: Delete temporary users after
+ description: 'Time offset when temporary users should be deleted. This only
+ applies if your IDP uses the NameID Format ''transient'', and the user
+ doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
+ PatchedSMSDeviceRequest:
+ type: object
+ description: Serializer for sms authenticator devices
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: The human-readable name of this device.
+ maxLength: 64
+ PatchedScopeMappingRequest:
+ type: object
+ description: ScopeMapping Serializer
+ properties:
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ name:
+ type: string
+ minLength: 1
+ expression:
+ type: string
+ minLength: 1
+ scope_name:
+ type: string
+ minLength: 1
+ description: Scope used by the client
+ description:
+ type: string
+ description: Description shown to the user when consenting. If left empty,
+ the user won't be informed.
+ PatchedStaticDeviceRequest:
+ type: object
+ description: Serializer for static authenticator devices
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: The human-readable name of this device.
+ maxLength: 64
+ PatchedTOTPDeviceRequest:
+ type: object
+ description: Serializer for totp authenticator devices
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: The human-readable name of this device.
+ maxLength: 64
+ PatchedTenantRequest:
+ type: object
+ description: Tenant Serializer
+ properties:
+ domain:
+ type: string
+ minLength: 1
+ description: Domain that activates this tenant. Can be a superset, i.e.
+ `a.b` for `aa.b` and `ba.b`
+ default:
+ type: boolean
+ branding_title:
+ type: string
+ minLength: 1
+ branding_logo:
+ type: string
+ minLength: 1
+ branding_favicon:
+ type: string
+ minLength: 1
+ flow_authentication:
+ type: string
+ format: uuid
+ nullable: true
+ flow_invalidation:
+ type: string
+ format: uuid
+ nullable: true
+ flow_recovery:
+ type: string
+ format: uuid
+ nullable: true
+ flow_unenrollment:
+ type: string
+ format: uuid
+ nullable: true
+ flow_user_settings:
+ type: string
+ format: uuid
+ nullable: true
+ flow_device_code:
+ type: string
+ format: uuid
+ nullable: true
+ event_retention:
+ type: string
+ minLength: 1
+ description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
+ web_certificate:
+ type: string
+ format: uuid
+ nullable: true
+ description: Web Certificate used by the authentik Core webserver.
+ attributes:
+ type: object
+ additionalProperties: {}
+ PatchedTokenRequest:
+ type: object
+ description: Token Serializer
+ properties:
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ identifier:
+ type: string
+ minLength: 1
+ maxLength: 255
+ pattern: ^[-a-zA-Z0-9_]+$
+ intent:
+ $ref: '#/components/schemas/IntentEnum'
+ user:
+ type: integer
+ description:
+ type: string
+ expires:
+ type: string
+ format: date-time
+ expiring:
+ type: boolean
+ PatchedUserDeleteStageRequest:
+ type: object
+ description: UserDeleteStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ PatchedUserLoginStageRequest:
+ type: object
+ description: UserLoginStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ session_duration:
+ type: string
+ minLength: 1
+ description: 'Determines how long a session lasts. Default of 0 means that
+ the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
+ PatchedUserLogoutStageRequest:
+ type: object
+ description: UserLogoutStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ PatchedUserOAuthSourceConnectionRequest:
+ type: object
+ description: OAuth Source Serializer
+ properties:
+ user:
+ type: integer
+ identifier:
+ type: string
+ minLength: 1
+ maxLength: 255
+ access_token:
+ type: string
+ writeOnly: true
+ nullable: true
+ PatchedUserRequest:
+ type: object
+ description: User Serializer
+ properties:
+ username:
+ type: string
+ minLength: 1
+ maxLength: 150
+ name:
+ type: string
+ description: User's display name.
+ is_active:
+ type: boolean
+ title: Active
+ description: Designates whether this user should be treated as active. Unselect
+ this instead of deleting accounts.
+ last_login:
+ type: string
+ format: date-time
+ nullable: true
+ groups:
+ type: array
+ items:
+ type: string
+ format: uuid
+ email:
+ type: string
+ format: email
+ title: Email address
+ maxLength: 254
+ attributes:
+ type: object
+ additionalProperties: {}
+ path:
+ type: string
+ minLength: 1
+ PatchedUserSAMLSourceConnectionRequest:
+ type: object
+ description: SAML Source Serializer
+ properties:
+ user:
+ type: integer
+ identifier:
+ type: string
+ minLength: 1
+ PatchedUserWriteStageRequest:
+ type: object
+ description: UserWriteStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ create_users_as_inactive:
+ type: boolean
+ description: When set, newly created users are inactive and cannot login.
+ create_users_group:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optionally add newly created users to this group.
+ can_create_users:
+ type: boolean
+ description: When set, this stage can create users. If not enabled and no
+ user is available, stage will fail.
+ user_path_template:
+ type: string
+ PatchedWebAuthnDeviceRequest:
+ type: object
+ description: Serializer for WebAuthn authenticator devices
+ properties:
+ name:
+ type: string
+ minLength: 1
+ maxLength: 200
+ Permission:
+ type: object
+ description: Permission used for consent
+ properties:
+ name:
+ type: string
+ id:
+ type: string
+ required:
+ - id
+ - name
+ PlexAuthenticationChallenge:
+ type: object
+ description: Challenge shown to the user in identification stage
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-source-plex
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ client_id:
+ type: string
+ slug:
+ type: string
+ required:
+ - client_id
+ - slug
+ - type
+ PlexAuthenticationChallengeResponseRequest:
+ type: object
+ description: Pseudo class for plex response
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-source-plex
+ PlexSource:
+ type: object
+ description: Plex Source Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pbm uuid
+ name:
+ type: string
+ description: Source's display Name.
+ slug:
+ type: string
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ readOnly: true
+ user_path_template:
+ type: string
+ icon:
+ type: string
+ nullable: true
+ readOnly: true
+ client_id:
+ type: string
+ description: Client identifier used to talk to Plex.
+ allowed_servers:
+ type: array
+ items:
+ type: string
+ description: Which servers a user has to be a member of to be granted access.
+ Empty list allows every server.
+ allow_friends:
+ type: boolean
+ description: Allow friends to authenticate, even if you don't share a server.
+ plex_token:
+ type: string
+ description: Plex token used to check friends
+ required:
+ - component
+ - icon
+ - managed
+ - meta_model_name
+ - name
+ - pk
+ - plex_token
+ - slug
+ - verbose_name
+ - verbose_name_plural
+ PlexSourceConnection:
+ type: object
+ description: Plex Source connection Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ user:
+ type: integer
+ readOnly: true
+ source:
+ allOf:
+ - $ref: '#/components/schemas/Source'
+ readOnly: true
+ identifier:
+ type: string
+ plex_token:
+ type: string
+ required:
+ - identifier
+ - pk
+ - plex_token
+ - source
+ - user
+ PlexSourceConnectionRequest:
+ type: object
+ description: Plex Source connection Serializer
+ properties:
+ identifier:
+ type: string
+ minLength: 1
+ plex_token:
+ type: string
+ minLength: 1
+ required:
+ - identifier
+ - plex_token
+ PlexSourceRequest:
+ type: object
+ description: Plex Source Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: Source's display Name.
+ slug:
+ type: string
+ minLength: 1
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ user_path_template:
+ type: string
+ minLength: 1
+ client_id:
+ type: string
+ minLength: 1
+ description: Client identifier used to talk to Plex.
+ allowed_servers:
+ type: array
+ items:
+ type: string
+ minLength: 1
+ description: Which servers a user has to be a member of to be granted access.
+ Empty list allows every server.
+ allow_friends:
+ type: boolean
+ description: Allow friends to authenticate, even if you don't share a server.
+ plex_token:
+ type: string
+ minLength: 1
+ description: Plex token used to check friends
+ required:
+ - name
+ - plex_token
+ - slug
+ PlexTokenRedeemRequest:
+ type: object
+ description: Serializer to redeem a plex token
+ properties:
+ plex_token:
+ type: string
+ minLength: 1
+ required:
+ - plex_token
+ Policy:
+ type: object
+ description: Policy Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Policy uuid
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ bound_to:
+ type: integer
+ readOnly: true
+ required:
+ - bound_to
+ - component
+ - meta_model_name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ PolicyBinding:
+ type: object
+ description: PolicyBinding Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Policy binding uuid
+ policy:
+ type: string
+ format: uuid
+ nullable: true
+ group:
+ type: string
+ format: uuid
+ nullable: true
+ user:
+ type: integer
+ nullable: true
+ policy_obj:
+ allOf:
+ - $ref: '#/components/schemas/Policy'
+ readOnly: true
+ group_obj:
+ allOf:
+ - $ref: '#/components/schemas/Group'
+ readOnly: true
+ user_obj:
+ allOf:
+ - $ref: '#/components/schemas/User'
+ readOnly: true
+ target:
+ type: string
+ format: uuid
+ negate:
+ type: boolean
+ description: Negates the outcome of the policy. Messages are unaffected.
+ enabled:
+ type: boolean
+ order:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ timeout:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: Timeout after which Policy execution is terminated.
+ required:
+ - group_obj
+ - order
+ - pk
+ - policy_obj
+ - target
+ - user_obj
+ PolicyBindingRequest:
+ type: object
+ description: PolicyBinding Serializer
+ properties:
+ policy:
+ type: string
+ format: uuid
+ nullable: true
+ group:
+ type: string
+ format: uuid
+ nullable: true
+ user:
+ type: integer
+ nullable: true
+ target:
+ type: string
+ format: uuid
+ negate:
+ type: boolean
+ description: Negates the outcome of the policy. Messages are unaffected.
+ enabled:
+ type: boolean
+ order:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ timeout:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ description: Timeout after which Policy execution is terminated.
+ required:
+ - order
+ - target
+ PolicyEngineMode:
+ enum:
+ - all
+ - any
+ type: string
+ PolicyRequest:
+ type: object
+ description: Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ PolicyTestRequest:
+ type: object
+ description: Test policy execution for a user with context
+ properties:
+ user:
+ type: integer
+ context:
+ type: object
+ additionalProperties: {}
+ required:
+ - user
+ PolicyTestResult:
+ type: object
+ description: result of a policy test
+ properties:
+ passing:
+ type: boolean
+ messages:
+ type: array
+ items:
+ type: string
+ readOnly: true
+ log_messages:
+ type: array
+ items:
+ type: object
+ additionalProperties: {}
+ readOnly: true
+ required:
+ - log_messages
+ - messages
+ - passing
+ Prompt:
+ type: object
+ description: Prompt Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Prompt uuid
+ field_key:
+ type: string
+ description: Name of the form field, also used to store the value
+ label:
+ type: string
+ type:
+ $ref: '#/components/schemas/PromptTypeEnum'
+ required:
+ type: boolean
+ placeholder:
+ type: string
+ order:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ promptstage_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/Stage'
+ sub_text:
+ type: string
+ placeholder_expression:
+ type: boolean
+ required:
+ - field_key
+ - label
+ - pk
+ - type
+ PromptChallenge:
+ type: object
+ description: Initial challenge being sent, define fields
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: ak-stage-prompt
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ fields:
+ type: array
+ items:
+ $ref: '#/components/schemas/StagePrompt'
+ required:
+ - fields
+ - type
+ PromptChallengeResponseRequest:
+ type: object
+ description: |-
+ Validate response, fields are dynamically created based
+ on the stage
+ properties:
+ component:
+ type: string
+ minLength: 1
+ default: ak-stage-prompt
+ additionalProperties: {}
+ PromptRequest:
+ type: object
+ description: Prompt Serializer
+ properties:
+ field_key:
+ type: string
+ minLength: 1
+ description: Name of the form field, also used to store the value
+ label:
+ type: string
+ minLength: 1
+ type:
+ $ref: '#/components/schemas/PromptTypeEnum'
+ required:
+ type: boolean
+ placeholder:
+ type: string
+ order:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ promptstage_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/StageRequest'
+ sub_text:
+ type: string
+ placeholder_expression:
+ type: boolean
+ required:
+ - field_key
+ - label
+ - type
+ PromptStage:
+ type: object
+ description: PromptStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ fields:
+ type: array
+ items:
+ type: string
+ format: uuid
+ validation_policies:
+ type: array
+ items:
+ type: string
+ format: uuid
+ required:
+ - component
+ - fields
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ PromptStageRequest:
+ type: object
+ description: PromptStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ fields:
+ type: array
+ items:
+ type: string
+ format: uuid
+ validation_policies:
+ type: array
+ items:
+ type: string
+ format: uuid
+ required:
+ - fields
+ - name
+ PromptTypeEnum:
+ enum:
+ - text
+ - text_read_only
+ - username
+ - email
+ - password
+ - number
+ - checkbox
+ - date
+ - date-time
+ - file
+ - separator
+ - hidden
+ - static
+ - ak-locale
+ type: string
+ PropertyMapping:
+ type: object
+ description: PropertyMapping Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pm uuid
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ name:
+ type: string
+ expression:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ required:
+ - component
+ - expression
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ PropertyMappingPreview:
+ type: object
+ description: Preview how the current user is mapped via the property mappings
+ selected in a provider
+ properties:
+ preview:
+ type: object
+ additionalProperties: {}
+ readOnly: true
+ required:
+ - preview
+ PropertyMappingTestResult:
+ type: object
+ description: Result of a Property-mapping test
+ properties:
+ result:
+ type: string
+ readOnly: true
+ successful:
+ type: boolean
+ readOnly: true
+ required:
+ - result
+ - successful
+ Provider:
+ type: object
+ description: Provider Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ name:
+ type: string
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ component:
+ type: string
+ readOnly: true
+ assigned_application_slug:
+ type: string
+ description: Internal application name, used in URLs.
+ readOnly: true
+ assigned_application_name:
+ type: string
+ description: Application's display Name.
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ required:
+ - assigned_application_name
+ - assigned_application_slug
+ - authorization_flow
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ ProviderEnum:
+ enum:
+ - twilio
+ - generic
+ type: string
+ ProviderRequest:
+ type: object
+ description: Provider Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ required:
+ - authorization_flow
+ - name
+ ProviderTypeEnum:
+ enum:
+ - apple
+ - azuread
+ - discord
+ - facebook
+ - github
+ - google
+ - openidconnect
+ - okta
+ - reddit
+ - twitter
+ - mailcow
+ - twitch
+ type: string
+ ProxyMode:
+ enum:
+ - proxy
+ - forward_single
+ - forward_domain
+ type: string
+ ProxyOutpostConfig:
+ type: object
+ description: Proxy provider serializer for outposts
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ name:
+ type: string
+ internal_host:
+ type: string
+ format: uri
+ external_host:
+ type: string
+ format: uri
+ internal_host_ssl_validation:
+ type: boolean
+ description: Validate SSL Certificates of upstream servers
+ client_id:
+ type: string
+ maxLength: 255
+ client_secret:
+ type: string
+ maxLength: 255
+ oidc_configuration:
+ allOf:
+ - $ref: '#/components/schemas/OpenIDConnectConfiguration'
+ readOnly: true
+ cookie_secret:
+ type: string
+ certificate:
+ type: string
+ format: uuid
+ nullable: true
+ skip_path_regex:
+ type: string
+ description: Regular expressions for which authentication is not required.
+ Each new line is interpreted as a new Regular Expression.
+ basic_auth_enabled:
+ type: boolean
+ title: Set HTTP-Basic Authentication
+ description: Set a custom HTTP-Basic Authentication header based on values
+ from authentik.
+ basic_auth_password_attribute:
+ type: string
+ title: HTTP-Basic Password Key
+ description: User/Group Attribute used for the password part of the HTTP-Basic
+ Header.
+ basic_auth_user_attribute:
+ type: string
+ title: HTTP-Basic Username Key
+ description: User/Group Attribute used for the user part of the HTTP-Basic
+ Header. If not set, the user's Email address is used.
+ mode:
+ allOf:
+ - $ref: '#/components/schemas/ProxyMode'
+ description: Enable support for forwardAuth in traefik and nginx auth_request.
+ Exclusive with internal_host.
+ cookie_domain:
+ type: string
+ token_validity:
+ type: number
+ format: double
+ nullable: true
+ readOnly: true
+ scopes_to_request:
+ type: array
+ items:
+ type: string
+ readOnly: true
+ assigned_application_slug:
+ type: string
+ description: Internal application name, used in URLs.
+ readOnly: true
+ assigned_application_name:
+ type: string
+ description: Application's display Name.
+ readOnly: true
+ required:
+ - assigned_application_name
+ - assigned_application_slug
+ - external_host
+ - name
+ - oidc_configuration
+ - pk
+ - scopes_to_request
+ - token_validity
+ ProxyProvider:
+ type: object
+ description: ProxyProvider Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ name:
+ type: string
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ component:
+ type: string
+ readOnly: true
+ assigned_application_slug:
+ type: string
+ description: Internal application name, used in URLs.
+ readOnly: true
+ assigned_application_name:
+ type: string
+ description: Application's display Name.
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ internal_host:
+ type: string
+ format: uri
+ external_host:
+ type: string
+ format: uri
+ internal_host_ssl_validation:
+ type: boolean
+ description: Validate SSL Certificates of upstream servers
+ certificate:
+ type: string
+ format: uuid
+ nullable: true
+ skip_path_regex:
+ type: string
+ description: Regular expressions for which authentication is not required.
+ Each new line is interpreted as a new Regular Expression.
+ basic_auth_enabled:
+ type: boolean
+ title: Set HTTP-Basic Authentication
+ description: Set a custom HTTP-Basic Authentication header based on values
+ from authentik.
+ basic_auth_password_attribute:
+ type: string
+ title: HTTP-Basic Password Key
+ description: User/Group Attribute used for the password part of the HTTP-Basic
+ Header.
+ basic_auth_user_attribute:
+ type: string
+ title: HTTP-Basic Username Key
+ description: User/Group Attribute used for the user part of the HTTP-Basic
+ Header. If not set, the user's Email address is used.
+ mode:
+ allOf:
+ - $ref: '#/components/schemas/ProxyMode'
+ description: Enable support for forwardAuth in traefik and nginx auth_request.
+ Exclusive with internal_host.
+ redirect_uris:
+ type: string
+ readOnly: true
+ cookie_domain:
+ type: string
+ token_validity:
+ type: string
+ description: 'Tokens not valid on or after current time + this value (Format:
+ hours=1;minutes=2;seconds=3).'
+ outpost_set:
+ type: array
+ items:
+ type: string
+ readOnly: true
+ required:
+ - assigned_application_name
+ - assigned_application_slug
+ - authorization_flow
+ - component
+ - external_host
+ - meta_model_name
+ - name
+ - outpost_set
+ - pk
+ - redirect_uris
+ - verbose_name
+ - verbose_name_plural
+ ProxyProviderRequest:
+ type: object
+ description: ProxyProvider Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ internal_host:
+ type: string
+ format: uri
+ external_host:
+ type: string
+ minLength: 1
+ format: uri
+ internal_host_ssl_validation:
+ type: boolean
+ description: Validate SSL Certificates of upstream servers
+ certificate:
+ type: string
+ format: uuid
+ nullable: true
+ skip_path_regex:
+ type: string
+ description: Regular expressions for which authentication is not required.
+ Each new line is interpreted as a new Regular Expression.
+ basic_auth_enabled:
+ type: boolean
+ title: Set HTTP-Basic Authentication
+ description: Set a custom HTTP-Basic Authentication header based on values
+ from authentik.
+ basic_auth_password_attribute:
+ type: string
+ title: HTTP-Basic Password Key
+ description: User/Group Attribute used for the password part of the HTTP-Basic
+ Header.
+ basic_auth_user_attribute:
+ type: string
+ title: HTTP-Basic Username Key
+ description: User/Group Attribute used for the user part of the HTTP-Basic
+ Header. If not set, the user's Email address is used.
+ mode:
+ allOf:
+ - $ref: '#/components/schemas/ProxyMode'
+ description: Enable support for forwardAuth in traefik and nginx auth_request.
+ Exclusive with internal_host.
+ cookie_domain:
+ type: string
+ token_validity:
+ type: string
+ minLength: 1
+ description: 'Tokens not valid on or after current time + this value (Format:
+ hours=1;minutes=2;seconds=3).'
+ required:
+ - authorization_flow
+ - external_host
+ - name
+ RedirectChallenge:
+ type: object
+ description: Challenge type to redirect the client
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: xak-flow-redirect
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ to:
+ type: string
+ required:
+ - to
+ - type
+ RefreshTokenModel:
+ type: object
+ description: Serializer for BaseGrantModel and RefreshToken
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ provider:
+ $ref: '#/components/schemas/OAuth2Provider'
+ user:
+ $ref: '#/components/schemas/User'
+ is_expired:
+ type: boolean
+ readOnly: true
+ expires:
+ type: string
+ format: date-time
+ scope:
+ type: array
+ items:
+ type: string
+ id_token:
+ type: string
+ readOnly: true
+ revoked:
+ type: boolean
+ required:
+ - id_token
+ - is_expired
+ - pk
+ - provider
+ - scope
+ - user
+ Reputation:
+ type: object
+ description: Reputation Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ title: Reputation uuid
+ identifier:
+ type: string
+ ip:
+ type: string
+ ip_geo_data:
+ type: object
+ additionalProperties: {}
+ score:
+ type: integer
+ maximum: 9223372036854775807
+ minimum: -9223372036854775808
+ format: int64
+ updated:
+ type: string
+ format: date-time
+ readOnly: true
+ required:
+ - identifier
+ - ip
+ - updated
+ ReputationPolicy:
+ type: object
+ description: Reputation Policy Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Policy uuid
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ bound_to:
+ type: integer
+ readOnly: true
+ check_ip:
+ type: boolean
+ check_username:
+ type: boolean
+ threshold:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ required:
+ - bound_to
+ - component
+ - meta_model_name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ ReputationPolicyRequest:
+ type: object
+ description: Reputation Policy Serializer
+ properties:
+ name:
+ type: string
+ nullable: true
+ execution_logging:
+ type: boolean
+ description: When this option is enabled, all executions of this policy
+ will be logged. By default, only execution errors are logged.
+ check_ip:
+ type: boolean
+ check_username:
+ type: boolean
+ threshold:
+ type: integer
+ maximum: 2147483647
+ minimum: -2147483648
+ ResidentKeyRequirementEnum:
+ enum:
+ - discouraged
+ - preferred
+ - required
+ type: string
+ SAMLMetadata:
+ type: object
+ description: SAML Provider Metadata serializer
+ properties:
+ metadata:
+ type: string
+ readOnly: true
+ download_url:
+ type: string
+ readOnly: true
+ required:
+ - download_url
+ - metadata
+ SAMLPropertyMapping:
+ type: object
+ description: SAMLPropertyMapping Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pm uuid
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ name:
+ type: string
+ expression:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ saml_name:
+ type: string
+ friendly_name:
+ type: string
+ nullable: true
+ required:
+ - component
+ - expression
+ - meta_model_name
+ - name
+ - pk
+ - saml_name
+ - verbose_name
+ - verbose_name_plural
+ SAMLPropertyMappingRequest:
+ type: object
+ description: SAMLPropertyMapping Serializer
+ properties:
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ name:
+ type: string
+ minLength: 1
+ expression:
+ type: string
+ minLength: 1
+ saml_name:
+ type: string
+ minLength: 1
+ friendly_name:
+ type: string
+ nullable: true
+ required:
+ - expression
+ - name
+ - saml_name
+ SAMLProvider:
+ type: object
+ description: SAMLProvider Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ name:
+ type: string
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ component:
+ type: string
+ readOnly: true
+ assigned_application_slug:
+ type: string
+ description: Internal application name, used in URLs.
+ readOnly: true
+ assigned_application_name:
+ type: string
+ description: Application's display Name.
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ acs_url:
+ type: string
+ format: uri
+ maxLength: 200
+ audience:
+ type: string
+ description: Value of the audience restriction field of the assertion. When
+ left empty, no audience restriction will be added.
+ issuer:
+ type: string
+ description: Also known as EntityID
+ assertion_valid_not_before:
+ type: string
+ description: 'Assertion valid not before current time + this value (Format:
+ hours=-1;minutes=-2;seconds=-3).'
+ assertion_valid_not_on_or_after:
+ type: string
+ description: 'Assertion not valid on or after current time + this value
+ (Format: hours=1;minutes=2;seconds=3).'
+ session_valid_not_on_or_after:
+ type: string
+ description: 'Session not valid on or after current time + this value (Format:
+ hours=1;minutes=2;seconds=3).'
+ name_id_mapping:
+ type: string
+ format: uuid
+ nullable: true
+ title: NameID Property Mapping
+ description: Configure how the NameID value will be created. When left empty,
+ the NameIDPolicy of the incoming request will be considered
+ digest_algorithm:
+ $ref: '#/components/schemas/DigestAlgorithmEnum'
+ signature_algorithm:
+ $ref: '#/components/schemas/SignatureAlgorithmEnum'
+ signing_kp:
+ type: string
+ format: uuid
+ nullable: true
+ title: Signing Keypair
+ description: Keypair used to sign outgoing Responses going to the Service
+ Provider.
+ verification_kp:
+ type: string
+ format: uuid
+ nullable: true
+ title: Verification Certificate
+ description: When selected, incoming assertion's Signatures will be validated
+ against this certificate. To allow unsigned Requests, leave on default.
+ sp_binding:
+ allOf:
+ - $ref: '#/components/schemas/SpBindingEnum'
+ title: Service Provider Binding
+ description: This determines how authentik sends the response back to the
+ Service Provider.
+ url_download_metadata:
+ type: string
+ readOnly: true
+ url_sso_post:
+ type: string
+ readOnly: true
+ url_sso_redirect:
+ type: string
+ readOnly: true
+ url_sso_init:
+ type: string
+ readOnly: true
+ required:
+ - acs_url
+ - assigned_application_name
+ - assigned_application_slug
+ - authorization_flow
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - url_download_metadata
+ - url_sso_init
+ - url_sso_post
+ - url_sso_redirect
+ - verbose_name
+ - verbose_name_plural
+ SAMLProviderImportRequest:
+ type: object
+ description: Import saml provider from XML Metadata
+ properties:
+ name:
+ type: string
+ minLength: 1
+ authorization_flow:
+ type: string
+ minLength: 1
+ description: Visible in the URL.
+ file:
+ type: string
+ format: binary
+ required:
+ - authorization_flow
+ - file
+ - name
+ SAMLProviderRequest:
+ type: object
+ description: SAMLProvider Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ authorization_flow:
+ type: string
+ format: uuid
+ description: Flow used when authorizing this provider.
+ property_mappings:
+ type: array
+ items:
+ type: string
+ format: uuid
+ acs_url:
+ type: string
+ format: uri
+ minLength: 1
+ maxLength: 200
+ audience:
+ type: string
+ description: Value of the audience restriction field of the assertion. When
+ left empty, no audience restriction will be added.
+ issuer:
+ type: string
+ minLength: 1
+ description: Also known as EntityID
+ assertion_valid_not_before:
+ type: string
+ minLength: 1
+ description: 'Assertion valid not before current time + this value (Format:
+ hours=-1;minutes=-2;seconds=-3).'
+ assertion_valid_not_on_or_after:
+ type: string
+ minLength: 1
+ description: 'Assertion not valid on or after current time + this value
+ (Format: hours=1;minutes=2;seconds=3).'
+ session_valid_not_on_or_after:
+ type: string
+ minLength: 1
+ description: 'Session not valid on or after current time + this value (Format:
+ hours=1;minutes=2;seconds=3).'
+ name_id_mapping:
+ type: string
+ format: uuid
+ nullable: true
+ title: NameID Property Mapping
+ description: Configure how the NameID value will be created. When left empty,
+ the NameIDPolicy of the incoming request will be considered
+ digest_algorithm:
+ $ref: '#/components/schemas/DigestAlgorithmEnum'
+ signature_algorithm:
+ $ref: '#/components/schemas/SignatureAlgorithmEnum'
+ signing_kp:
+ type: string
+ format: uuid
+ nullable: true
+ title: Signing Keypair
+ description: Keypair used to sign outgoing Responses going to the Service
+ Provider.
+ verification_kp:
+ type: string
+ format: uuid
+ nullable: true
+ title: Verification Certificate
+ description: When selected, incoming assertion's Signatures will be validated
+ against this certificate. To allow unsigned Requests, leave on default.
+ sp_binding:
+ allOf:
+ - $ref: '#/components/schemas/SpBindingEnum'
+ title: Service Provider Binding
+ description: This determines how authentik sends the response back to the
+ Service Provider.
+ required:
+ - acs_url
+ - authorization_flow
+ - name
+ SAMLSource:
+ type: object
+ description: SAMLSource Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pbm uuid
+ name:
+ type: string
+ description: Source's display Name.
+ slug:
+ type: string
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ readOnly: true
+ user_path_template:
+ type: string
+ icon:
+ type: string
+ nullable: true
+ readOnly: true
+ pre_authentication_flow:
+ type: string
+ format: uuid
+ description: Flow used before authentication.
+ issuer:
+ type: string
+ description: Also known as Entity ID. Defaults the Metadata URL.
+ sso_url:
+ type: string
+ format: uri
+ description: URL that the initial Login request is sent to.
+ maxLength: 200
+ slo_url:
+ type: string
+ format: uri
+ nullable: true
+ description: Optional URL if your IDP supports Single-Logout.
+ maxLength: 200
+ allow_idp_initiated:
+ type: boolean
+ description: Allows authentication flows initiated by the IdP. This can
+ be a security risk, as no validation of the request ID is done.
+ name_id_policy:
+ allOf:
+ - $ref: '#/components/schemas/NameIdPolicyEnum'
+ description: NameID Policy sent to the IdP. Can be unset, in which case
+ no Policy is sent.
+ binding_type:
+ $ref: '#/components/schemas/BindingTypeEnum'
+ signing_kp:
+ type: string
+ format: uuid
+ nullable: true
+ title: Signing Keypair
+ description: Keypair which is used to sign outgoing requests. Leave empty
+ to disable signing.
+ digest_algorithm:
+ $ref: '#/components/schemas/DigestAlgorithmEnum'
+ signature_algorithm:
+ $ref: '#/components/schemas/SignatureAlgorithmEnum'
+ temporary_user_delete_after:
+ type: string
+ title: Delete temporary users after
+ description: 'Time offset when temporary users should be deleted. This only
+ applies if your IDP uses the NameID Format ''transient'', and the user
+ doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
+ required:
+ - component
+ - icon
+ - managed
+ - meta_model_name
+ - name
+ - pk
+ - pre_authentication_flow
+ - slug
+ - sso_url
+ - verbose_name
+ - verbose_name_plural
+ SAMLSourceRequest:
+ type: object
+ description: SAMLSource Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: Source's display Name.
+ slug:
+ type: string
+ minLength: 1
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ user_path_template:
+ type: string
+ minLength: 1
+ pre_authentication_flow:
+ type: string
+ format: uuid
+ description: Flow used before authentication.
+ issuer:
+ type: string
+ description: Also known as Entity ID. Defaults the Metadata URL.
+ sso_url:
+ type: string
+ format: uri
+ minLength: 1
+ description: URL that the initial Login request is sent to.
+ maxLength: 200
+ slo_url:
+ type: string
+ format: uri
+ nullable: true
+ description: Optional URL if your IDP supports Single-Logout.
+ maxLength: 200
+ allow_idp_initiated:
+ type: boolean
+ description: Allows authentication flows initiated by the IdP. This can
+ be a security risk, as no validation of the request ID is done.
+ name_id_policy:
+ allOf:
+ - $ref: '#/components/schemas/NameIdPolicyEnum'
+ description: NameID Policy sent to the IdP. Can be unset, in which case
+ no Policy is sent.
+ binding_type:
+ $ref: '#/components/schemas/BindingTypeEnum'
+ signing_kp:
+ type: string
+ format: uuid
+ nullable: true
+ title: Signing Keypair
+ description: Keypair which is used to sign outgoing requests. Leave empty
+ to disable signing.
+ digest_algorithm:
+ $ref: '#/components/schemas/DigestAlgorithmEnum'
+ signature_algorithm:
+ $ref: '#/components/schemas/SignatureAlgorithmEnum'
+ temporary_user_delete_after:
+ type: string
+ minLength: 1
+ title: Delete temporary users after
+ description: 'Time offset when temporary users should be deleted. This only
+ applies if your IDP uses the NameID Format ''transient'', and the user
+ doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
+ required:
+ - name
+ - pre_authentication_flow
+ - slug
+ - sso_url
+ SMSDevice:
+ type: object
+ description: Serializer for sms authenticator devices
+ properties:
+ name:
+ type: string
+ description: The human-readable name of this device.
+ maxLength: 64
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ phone_number:
+ type: string
+ readOnly: true
+ required:
+ - name
+ - phone_number
+ - pk
+ SMSDeviceRequest:
+ type: object
+ description: Serializer for sms authenticator devices
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: The human-readable name of this device.
+ maxLength: 64
+ required:
+ - name
+ ScopeMapping:
+ type: object
+ description: ScopeMapping Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pm uuid
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ name:
+ type: string
+ expression:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ scope_name:
+ type: string
+ description: Scope used by the client
+ description:
+ type: string
+ description: Description shown to the user when consenting. If left empty,
+ the user won't be informed.
+ required:
+ - component
+ - expression
+ - meta_model_name
+ - name
+ - pk
+ - scope_name
+ - verbose_name
+ - verbose_name_plural
+ ScopeMappingRequest:
+ type: object
+ description: ScopeMapping Serializer
+ properties:
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ name:
+ type: string
+ minLength: 1
+ expression:
+ type: string
+ minLength: 1
+ scope_name:
+ type: string
+ minLength: 1
+ description: Scope used by the client
+ description:
+ type: string
+ description: Description shown to the user when consenting. If left empty,
+ the user won't be informed.
+ required:
+ - expression
+ - name
+ - scope_name
+ SelectableStage:
+ type: object
+ description: Serializer for stages which can be selected by users
+ properties:
+ pk:
+ type: string
+ format: uuid
+ name:
+ type: string
+ verbose_name:
+ type: string
+ meta_model_name:
+ type: string
+ required:
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ ServiceConnection:
+ type: object
+ description: ServiceConnection Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Uuid
+ name:
+ type: string
+ local:
+ type: boolean
+ description: If enabled, use the local connection. Required Docker socket/Kubernetes
+ Integration
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ ServiceConnectionRequest:
+ type: object
+ description: ServiceConnection Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ local:
+ type: boolean
+ description: If enabled, use the local connection. Required Docker socket/Kubernetes
+ Integration
+ required:
+ - name
+ ServiceConnectionState:
+ type: object
+ description: Serializer for Service connection state
+ properties:
+ healthy:
+ type: boolean
+ readOnly: true
+ version:
+ type: string
+ readOnly: true
+ required:
+ - healthy
+ - version
+ SessionUser:
+ type: object
+ description: |-
+ Response for the /user/me endpoint, returns the currently active user (as `user` property)
+ and, if this user is being impersonated, the original user in the `original` property.
+ properties:
+ user:
+ $ref: '#/components/schemas/UserSelf'
+ original:
+ $ref: '#/components/schemas/UserSelf'
+ required:
+ - user
+ SeverityEnum:
+ enum:
+ - notice
+ - warning
+ - alert
+ type: string
+ ShellChallenge:
+ type: object
+ description: challenge type to render HTML as-is
+ properties:
+ type:
+ $ref: '#/components/schemas/ChallengeChoices'
+ flow_info:
+ $ref: '#/components/schemas/ContextualFlowInfo'
+ component:
+ type: string
+ default: xak-flow-shell
+ response_errors:
+ type: object
+ additionalProperties:
+ type: array
+ items:
+ $ref: '#/components/schemas/ErrorDetail'
+ body:
+ type: string
+ required:
+ - body
+ - type
+ SignatureAlgorithmEnum:
+ enum:
+ - http://www.w3.org/2000/09/xmldsig#rsa-sha1
+ - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
+ - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
+ - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
+ - http://www.w3.org/2000/09/xmldsig#dsa-sha1
+ type: string
+ Source:
+ type: object
+ description: Source Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Pbm uuid
+ name:
+ type: string
+ description: Source's display Name.
+ slug:
+ type: string
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ readOnly: true
+ user_path_template:
+ type: string
+ icon:
+ type: string
+ nullable: true
+ readOnly: true
+ required:
+ - component
+ - icon
+ - managed
+ - meta_model_name
+ - name
+ - pk
+ - slug
+ - verbose_name
+ - verbose_name_plural
+ SourceRequest:
+ type: object
+ description: Source Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: Source's display Name.
+ slug:
+ type: string
+ minLength: 1
+ description: Internal source name, used in URLs.
+ maxLength: 50
+ pattern: ^[-a-zA-Z0-9_]+$
+ enabled:
+ type: boolean
+ authentication_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when authenticating existing users.
+ enrollment_flow:
+ type: string
+ format: uuid
+ nullable: true
+ description: Flow to use when enrolling new users.
+ policy_engine_mode:
+ $ref: '#/components/schemas/PolicyEngineMode'
+ user_matching_mode:
+ allOf:
+ - $ref: '#/components/schemas/UserMatchingModeEnum'
+ description: How the source determines if an existing user should be authenticated
+ or a new user enrolled.
+ user_path_template:
+ type: string
+ minLength: 1
+ required:
+ - name
+ - slug
+ SourceType:
+ type: object
+ description: Serializer for SourceType
+ properties:
+ name:
+ type: string
+ slug:
+ type: string
+ urls_customizable:
+ type: boolean
+ request_token_url:
+ type: string
+ readOnly: true
+ nullable: true
+ authorization_url:
+ type: string
+ readOnly: true
+ nullable: true
+ access_token_url:
+ type: string
+ readOnly: true
+ nullable: true
+ profile_url:
+ type: string
+ readOnly: true
+ nullable: true
+ required:
+ - access_token_url
+ - authorization_url
+ - name
+ - profile_url
+ - request_token_url
+ - slug
+ - urls_customizable
+ SpBindingEnum:
+ enum:
+ - redirect
+ - post
+ type: string
+ Stage:
+ type: object
+ description: Stage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ StagePrompt:
+ type: object
+ description: Serializer for a single Prompt field
+ properties:
+ field_key:
+ type: string
+ label:
+ type: string
+ type:
+ $ref: '#/components/schemas/PromptTypeEnum'
+ required:
+ type: boolean
+ placeholder:
+ type: string
+ order:
+ type: integer
+ sub_text:
+ type: string
+ required:
+ - field_key
+ - label
+ - order
+ - placeholder
+ - required
+ - sub_text
+ - type
+ StageRequest:
+ type: object
+ description: Stage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ required:
+ - name
+ StaticDevice:
+ type: object
+ description: Serializer for static authenticator devices
+ properties:
+ name:
+ type: string
+ description: The human-readable name of this device.
+ maxLength: 64
+ token_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/StaticDeviceToken'
+ readOnly: true
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ required:
+ - name
+ - pk
+ - token_set
+ StaticDeviceRequest:
+ type: object
+ description: Serializer for static authenticator devices
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: The human-readable name of this device.
+ maxLength: 64
+ required:
+ - name
+ StaticDeviceToken:
+ type: object
+ description: Serializer for static device's tokens
+ properties:
+ token:
+ type: string
+ maxLength: 16
+ required:
+ - token
+ StaticDeviceTokenRequest:
+ type: object
+ description: Serializer for static device's tokens
+ properties:
+ token:
+ type: string
+ minLength: 1
+ maxLength: 16
+ required:
+ - token
+ SubModeEnum:
+ enum:
+ - hashed_user_id
+ - user_username
+ - user_email
+ - user_upn
+ type: string
+ System:
+ type: object
+ description: Get system information.
+ properties:
+ env:
+ type: object
+ additionalProperties:
+ type: string
+ readOnly: true
+ http_headers:
+ type: object
+ additionalProperties:
+ type: string
+ readOnly: true
+ http_host:
+ type: string
+ readOnly: true
+ http_is_secure:
+ type: boolean
+ readOnly: true
+ runtime:
+ type: object
+ description: Runtime information
+ properties:
+ python_version:
+ type: string
+ gunicorn_version:
+ type: string
+ environment:
+ type: string
+ architecture:
+ type: string
+ platform:
+ type: string
+ uname:
+ type: string
+ required:
+ - architecture
+ - environment
+ - gunicorn_version
+ - platform
+ - python_version
+ - uname
+ readOnly: true
+ tenant:
+ type: string
+ readOnly: true
+ server_time:
+ type: string
+ format: date-time
+ readOnly: true
+ embedded_outpost_host:
+ type: string
+ readOnly: true
+ required:
+ - embedded_outpost_host
+ - env
+ - http_headers
+ - http_host
+ - http_is_secure
+ - runtime
+ - server_time
+ - tenant
+ TOTPDevice:
+ type: object
+ description: Serializer for totp authenticator devices
+ properties:
+ name:
+ type: string
+ description: The human-readable name of this device.
+ maxLength: 64
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ required:
+ - name
+ - pk
+ TOTPDeviceRequest:
+ type: object
+ description: Serializer for totp authenticator devices
+ properties:
+ name:
+ type: string
+ minLength: 1
+ description: The human-readable name of this device.
+ maxLength: 64
+ required:
+ - name
+ Task:
+ type: object
+ description: Serialize TaskInfo and TaskResult
+ properties:
+ task_name:
+ type: string
+ task_description:
+ type: string
+ task_finish_timestamp:
+ type: string
+ format: date-time
+ status:
+ $ref: '#/components/schemas/TaskStatusEnum'
+ messages:
+ type: array
+ items: {}
+ required:
+ - messages
+ - status
+ - task_description
+ - task_finish_timestamp
+ - task_name
+ TaskStatusEnum:
+ enum:
+ - SUCCESSFUL
+ - WARNING
+ - ERROR
+ - UNKNOWN
+ type: string
+ Tenant:
+ type: object
+ description: Tenant Serializer
+ properties:
+ tenant_uuid:
+ type: string
+ format: uuid
+ readOnly: true
+ domain:
+ type: string
+ description: Domain that activates this tenant. Can be a superset, i.e.
+ `a.b` for `aa.b` and `ba.b`
+ default:
+ type: boolean
+ branding_title:
+ type: string
+ branding_logo:
+ type: string
+ branding_favicon:
+ type: string
+ flow_authentication:
+ type: string
+ format: uuid
+ nullable: true
+ flow_invalidation:
+ type: string
+ format: uuid
+ nullable: true
+ flow_recovery:
+ type: string
+ format: uuid
+ nullable: true
+ flow_unenrollment:
+ type: string
+ format: uuid
+ nullable: true
+ flow_user_settings:
+ type: string
+ format: uuid
+ nullable: true
+ flow_device_code:
+ type: string
+ format: uuid
+ nullable: true
+ event_retention:
+ type: string
+ description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
+ web_certificate:
+ type: string
+ format: uuid
+ nullable: true
+ description: Web Certificate used by the authentik Core webserver.
+ attributes:
+ type: object
+ additionalProperties: {}
+ required:
+ - domain
+ - tenant_uuid
+ TenantRequest:
+ type: object
+ description: Tenant Serializer
+ properties:
+ domain:
+ type: string
+ minLength: 1
+ description: Domain that activates this tenant. Can be a superset, i.e.
+ `a.b` for `aa.b` and `ba.b`
+ default:
+ type: boolean
+ branding_title:
+ type: string
+ minLength: 1
+ branding_logo:
+ type: string
+ minLength: 1
+ branding_favicon:
+ type: string
+ minLength: 1
+ flow_authentication:
+ type: string
+ format: uuid
+ nullable: true
+ flow_invalidation:
+ type: string
+ format: uuid
+ nullable: true
+ flow_recovery:
+ type: string
+ format: uuid
+ nullable: true
+ flow_unenrollment:
+ type: string
+ format: uuid
+ nullable: true
+ flow_user_settings:
+ type: string
+ format: uuid
+ nullable: true
+ flow_device_code:
+ type: string
+ format: uuid
+ nullable: true
+ event_retention:
+ type: string
+ minLength: 1
+ description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
+ web_certificate:
+ type: string
+ format: uuid
+ nullable: true
+ description: Web Certificate used by the authentik Core webserver.
+ attributes:
+ type: object
+ additionalProperties: {}
+ required:
+ - domain
+ Token:
+ type: object
+ description: Token Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Token uuid
+ managed:
+ type: string
+ nullable: true
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ identifier:
+ type: string
+ maxLength: 255
+ pattern: ^[-a-zA-Z0-9_]+$
+ intent:
+ $ref: '#/components/schemas/IntentEnum'
+ user:
+ type: integer
+ user_obj:
+ allOf:
+ - $ref: '#/components/schemas/User'
+ readOnly: true
+ description:
+ type: string
+ expires:
+ type: string
+ format: date-time
+ expiring:
+ type: boolean
+ required:
+ - identifier
+ - pk
+ - user_obj
+ TokenRequest:
+ type: object
+ description: Token Serializer
+ properties:
+ managed:
+ type: string
+ nullable: true
+ minLength: 1
+ title: Managed by authentik
+ description: Objects which are managed by authentik. These objects are created
+ and updated automatically. This is flag only indicates that an object
+ can be overwritten by migrations. You can still modify the objects via
+ the API, but expect changes to be overwritten in a later update.
+ identifier:
+ type: string
+ minLength: 1
+ maxLength: 255
+ pattern: ^[-a-zA-Z0-9_]+$
+ intent:
+ $ref: '#/components/schemas/IntentEnum'
+ user:
+ type: integer
+ description:
+ type: string
+ expires:
+ type: string
+ format: date-time
+ expiring:
+ type: boolean
+ required:
+ - identifier
+ TokenSetKeyRequest:
+ type: object
+ properties:
+ key:
+ type: string
+ minLength: 1
+ required:
+ - key
+ TokenView:
+ type: object
+ description: Show token's current key
+ properties:
+ key:
+ type: string
+ readOnly: true
+ required:
+ - key
+ TypeCreate:
+ type: object
+ description: Types of an object that can be created
+ properties:
+ name:
+ type: string
+ description:
+ type: string
+ component:
+ type: string
+ model_name:
+ type: string
+ required:
+ - component
+ - description
+ - model_name
+ - name
+ UsedBy:
+ type: object
+ description: A list of all objects referencing the queried object
+ properties:
+ app:
+ type: string
+ model_name:
+ type: string
+ pk:
+ type: string
+ name:
+ type: string
+ action:
+ $ref: '#/components/schemas/UsedByActionEnum'
+ required:
+ - action
+ - app
+ - model_name
+ - name
+ - pk
+ UsedByActionEnum:
+ enum:
+ - CASCADE
+ - CASCADE_MANY
+ - SET_NULL
+ - SET_DEFAULT
+ type: string
+ User:
+ type: object
+ description: User Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ username:
+ type: string
+ maxLength: 150
+ name:
+ type: string
+ description: User's display name.
+ is_active:
+ type: boolean
+ title: Active
+ description: Designates whether this user should be treated as active. Unselect
+ this instead of deleting accounts.
+ last_login:
+ type: string
+ format: date-time
+ nullable: true
+ is_superuser:
+ type: boolean
+ readOnly: true
+ groups:
+ type: array
+ items:
+ type: string
+ format: uuid
+ groups_obj:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserGroup'
+ readOnly: true
+ email:
+ type: string
+ format: email
+ title: Email address
+ maxLength: 254
+ avatar:
+ type: string
+ readOnly: true
+ attributes:
+ type: object
+ additionalProperties: {}
+ uid:
+ type: string
+ readOnly: true
+ path:
+ type: string
+ required:
+ - avatar
+ - groups
+ - groups_obj
+ - is_superuser
+ - name
+ - pk
+ - uid
+ - username
+ UserConsent:
+ type: object
+ description: UserConsent Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ expires:
+ type: string
+ format: date-time
+ user:
+ $ref: '#/components/schemas/User'
+ application:
+ $ref: '#/components/schemas/Application'
+ permissions:
+ type: string
+ default: ''
+ required:
+ - application
+ - pk
+ - user
+ UserDeleteStage:
+ type: object
+ description: UserDeleteStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ UserDeleteStageRequest:
+ type: object
+ description: UserDeleteStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ required:
+ - name
+ UserFieldsEnum:
+ enum:
+ - email
+ - username
+ - upn
+ type: string
+ UserGroup:
+ type: object
+ description: Simplified Group Serializer for user's groups
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Group uuid
+ num_pk:
+ type: integer
+ readOnly: true
+ name:
+ type: string
+ maxLength: 80
+ is_superuser:
+ type: boolean
+ description: Users added to this group will be superusers.
+ parent:
+ type: string
+ format: uuid
+ nullable: true
+ parent_name:
+ type: string
+ readOnly: true
+ attributes:
+ type: object
+ additionalProperties: {}
+ required:
+ - name
+ - num_pk
+ - parent_name
+ - pk
+ UserGroupRequest:
+ type: object
+ description: Simplified Group Serializer for user's groups
+ properties:
+ name:
+ type: string
+ minLength: 1
+ maxLength: 80
+ is_superuser:
+ type: boolean
+ description: Users added to this group will be superusers.
+ parent:
+ type: string
+ format: uuid
+ nullable: true
+ attributes:
+ type: object
+ additionalProperties: {}
+ required:
+ - name
+ UserLoginStage:
+ type: object
+ description: UserLoginStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ session_duration:
+ type: string
+ description: 'Determines how long a session lasts. Default of 0 means that
+ the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ UserLoginStageRequest:
+ type: object
+ description: UserLoginStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ session_duration:
+ type: string
+ minLength: 1
+ description: 'Determines how long a session lasts. Default of 0 means that
+ the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
+ required:
+ - name
+ UserLogoutStage:
+ type: object
+ description: UserLogoutStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ UserLogoutStageRequest:
+ type: object
+ description: UserLogoutStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ required:
+ - name
+ UserMatchingModeEnum:
+ enum:
+ - identifier
+ - email_link
+ - email_deny
+ - username_link
+ - username_deny
+ type: string
+ UserMetrics:
+ type: object
+ description: User Metrics
+ properties:
+ logins_per_1h:
+ type: array
+ items:
+ $ref: '#/components/schemas/Coordinate'
+ readOnly: true
+ logins_failed_per_1h:
+ type: array
+ items:
+ $ref: '#/components/schemas/Coordinate'
+ readOnly: true
+ authorizations_per_1h:
+ type: array
+ items:
+ $ref: '#/components/schemas/Coordinate'
+ readOnly: true
+ required:
+ - authorizations_per_1h
+ - logins_failed_per_1h
+ - logins_per_1h
+ UserOAuthSourceConnection:
+ type: object
+ description: OAuth Source Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ user:
+ type: integer
+ source:
+ allOf:
+ - $ref: '#/components/schemas/Source'
+ readOnly: true
+ identifier:
+ type: string
+ maxLength: 255
+ required:
+ - identifier
+ - pk
+ - source
+ - user
+ UserOAuthSourceConnectionRequest:
+ type: object
+ description: OAuth Source Serializer
+ properties:
+ user:
+ type: integer
+ identifier:
+ type: string
+ minLength: 1
+ maxLength: 255
+ access_token:
+ type: string
+ writeOnly: true
+ nullable: true
+ required:
+ - identifier
+ - user
+ UserPasswordSetRequest:
+ type: object
+ properties:
+ password:
+ type: string
+ minLength: 1
+ required:
+ - password
+ UserPath:
+ type: object
+ properties:
+ paths:
+ type: array
+ items:
+ type: string
+ readOnly: true
+ required:
+ - paths
+ UserRequest:
+ type: object
+ description: User Serializer
+ properties:
+ username:
+ type: string
+ minLength: 1
+ maxLength: 150
+ name:
+ type: string
+ description: User's display name.
+ is_active:
+ type: boolean
+ title: Active
+ description: Designates whether this user should be treated as active. Unselect
+ this instead of deleting accounts.
+ last_login:
+ type: string
+ format: date-time
+ nullable: true
+ groups:
+ type: array
+ items:
+ type: string
+ format: uuid
+ email:
+ type: string
+ format: email
+ title: Email address
+ maxLength: 254
+ attributes:
+ type: object
+ additionalProperties: {}
+ path:
+ type: string
+ minLength: 1
+ required:
+ - groups
+ - name
+ - username
+ UserSAMLSourceConnection:
+ type: object
+ description: SAML Source Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ user:
+ type: integer
+ source:
+ allOf:
+ - $ref: '#/components/schemas/Source'
+ readOnly: true
+ identifier:
+ type: string
+ required:
+ - identifier
+ - pk
+ - source
+ - user
+ UserSAMLSourceConnectionRequest:
+ type: object
+ description: SAML Source Serializer
+ properties:
+ user:
+ type: integer
+ identifier:
+ type: string
+ minLength: 1
+ required:
+ - identifier
+ - user
+ UserSelf:
+ type: object
+ description: User Serializer for information a user can retrieve about themselves
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ username:
+ type: string
+ description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
+ only.
+ pattern: ^[\w.@+-]+$
+ maxLength: 150
+ name:
+ type: string
+ description: User's display name.
+ is_active:
+ type: boolean
+ readOnly: true
+ title: Active
+ description: Designates whether this user should be treated as active. Unselect
+ this instead of deleting accounts.
+ is_superuser:
+ type: boolean
+ readOnly: true
+ groups:
+ type: array
+ items:
+ $ref: '#/components/schemas/UserSelfGroups'
+ readOnly: true
+ email:
+ type: string
+ format: email
+ title: Email address
+ maxLength: 254
+ avatar:
+ type: string
+ readOnly: true
+ uid:
+ type: string
+ readOnly: true
+ settings:
+ type: object
+ additionalProperties: {}
+ readOnly: true
+ required:
+ - avatar
+ - groups
+ - is_active
+ - is_superuser
+ - name
+ - pk
+ - settings
+ - uid
+ - username
+ UserSelfGroups:
+ type: object
+ properties:
+ name:
+ type: string
+ readOnly: true
+ pk:
+ type: string
+ readOnly: true
+ required:
+ - name
+ - pk
+ UserServiceAccountRequest:
+ type: object
+ properties:
+ name:
+ type: string
+ minLength: 1
+ create_group:
+ type: boolean
+ default: false
+ required:
+ - name
+ UserServiceAccountResponse:
+ type: object
+ properties:
+ username:
+ type: string
+ token:
+ type: string
+ user_uid:
+ type: string
+ user_pk:
+ type: integer
+ group_pk:
+ type: string
+ required:
+ - token
+ - user_pk
+ - user_uid
+ - username
+ UserSetting:
+ type: object
+ description: Serializer for User settings for stages and sources
+ properties:
+ object_uid:
+ type: string
+ component:
+ type: string
+ title:
+ type: string
+ configure_url:
+ type: string
+ icon_url:
+ type: string
+ required:
+ - component
+ - object_uid
+ - title
+ UserSourceConnection:
+ type: object
+ description: OAuth Source Serializer
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ user:
+ type: integer
+ readOnly: true
+ source:
+ allOf:
+ - $ref: '#/components/schemas/Source'
+ readOnly: true
+ created:
+ type: string
+ format: date-time
+ readOnly: true
+ required:
+ - created
+ - pk
+ - source
+ - user
+ UserVerificationEnum:
+ enum:
+ - required
+ - preferred
+ - discouraged
+ type: string
+ UserWriteStage:
+ type: object
+ description: UserWriteStage Serializer
+ properties:
+ pk:
+ type: string
+ format: uuid
+ readOnly: true
+ title: Stage uuid
+ name:
+ type: string
+ component:
+ type: string
+ readOnly: true
+ verbose_name:
+ type: string
+ readOnly: true
+ verbose_name_plural:
+ type: string
+ readOnly: true
+ meta_model_name:
+ type: string
+ readOnly: true
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSet'
+ create_users_as_inactive:
+ type: boolean
+ description: When set, newly created users are inactive and cannot login.
+ create_users_group:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optionally add newly created users to this group.
+ can_create_users:
+ type: boolean
+ description: When set, this stage can create users. If not enabled and no
+ user is available, stage will fail.
+ user_path_template:
+ type: string
+ required:
+ - component
+ - meta_model_name
+ - name
+ - pk
+ - verbose_name
+ - verbose_name_plural
+ UserWriteStageRequest:
+ type: object
+ description: UserWriteStage Serializer
+ properties:
+ name:
+ type: string
+ minLength: 1
+ flow_set:
+ type: array
+ items:
+ $ref: '#/components/schemas/FlowSetRequest'
+ create_users_as_inactive:
+ type: boolean
+ description: When set, newly created users are inactive and cannot login.
+ create_users_group:
+ type: string
+ format: uuid
+ nullable: true
+ description: Optionally add newly created users to this group.
+ can_create_users:
+ type: boolean
+ description: When set, this stage can create users. If not enabled and no
+ user is available, stage will fail.
+ user_path_template:
+ type: string
+ required:
+ - name
+ ValidationError:
+ type: object
+ description: Validation Error
+ properties:
+ non_field_errors:
+ type: array
+ items:
+ type: string
+ code:
+ type: string
+ additionalProperties: {}
+ Version:
+ type: object
+ description: Get running and latest version.
+ properties:
+ version_current:
+ type: string
+ readOnly: true
+ version_latest:
+ type: string
+ readOnly: true
+ build_hash:
+ type: string
+ readOnly: true
+ outdated:
+ type: boolean
+ readOnly: true
+ required:
+ - build_hash
+ - outdated
+ - version_current
+ - version_latest
+ WebAuthnDevice:
+ type: object
+ description: Serializer for WebAuthn authenticator devices
+ properties:
+ pk:
+ type: integer
+ readOnly: true
+ title: ID
+ name:
+ type: string
+ maxLength: 200
+ created_on:
+ type: string
+ format: date-time
+ readOnly: true
+ required:
+ - created_on
+ - name
+ - pk
+ WebAuthnDeviceRequest:
+ type: object
+ description: Serializer for WebAuthn authenticator devices
+ properties:
+ name:
+ type: string
+ minLength: 1
+ maxLength: 200
+ required:
+ - name
+ Workers:
+ type: object
+ properties:
+ count:
+ type: integer
+ required:
+ - count
+ securitySchemes:
+ authentik:
+ type: apiKey
+ in: header
+ name: Authorization
+ scheme: bearer
+servers:
+- url: /api/v3/