From 1324d03815266a4237d2a718d57a75d6d53e7de4 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 15 May 2021 23:57:28 +0200 Subject: [PATCH 01/35] *: initial migration to openapi v3 Signed-off-by: Jens Langhammer --- Makefile | 4 +- Pipfile | 1 + Pipfile.lock | 73 +- authentik/admin/api/meta.py | 4 +- authentik/admin/api/metrics.py | 8 +- authentik/admin/api/tasks.py | 10 +- authentik/admin/api/version.py | 4 +- authentik/api/auth.py | 13 + authentik/api/pagination_schema.py | 97 - authentik/api/schema.py | 102 - authentik/api/v2/config.py | 4 +- authentik/api/v2/urls.py | 20 +- authentik/core/api/applications.py | 30 +- authentik/core/api/propertymappings.py | 18 +- authentik/core/api/providers.py | 4 +- authentik/core/api/sources.py | 6 +- authentik/core/api/tokens.py | 4 +- authentik/core/api/users.py | 14 +- authentik/core/api/utils.py | 3 + authentik/crypto/api.py | 28 +- authentik/events/api/event.py | 24 +- .../events/api/notification_transport.py | 7 +- authentik/flows/api/flows.py | 49 +- authentik/flows/api/stages.py | 6 +- authentik/flows/views.py | 32 +- .../api/outpost_service_connections.py | 6 +- authentik/outposts/api/outposts.py | 6 +- authentik/policies/api/policies.py | 15 +- authentik/providers/oauth2/api/provider.py | 10 +- authentik/providers/proxy/api.py | 4 +- authentik/providers/saml/api.py | 18 +- authentik/root/settings.py | 22 +- authentik/sources/ldap/api.py | 6 +- authentik/sources/oauth/api/source.py | 6 +- authentik/sources/plex/api.py | 16 +- authentik/sources/saml/api.py | 4 +- authentik/stages/email/api.py | 4 +- schema.yml | 21751 ++++++++++++++++ 38 files changed, 22004 insertions(+), 429 deletions(-) delete mode 100644 authentik/api/pagination_schema.py delete mode 100644 authentik/api/schema.py create mode 100644 schema.yml diff --git a/Makefile b/Makefile index 242d727f8..9d2a0c53b 100644 --- a/Makefile +++ b/Makefile @@ -26,11 +26,11 @@ lint: pylint authentik tests lifecycle gen: - ./manage.py generate_swagger -o swagger.yaml -f yaml + ./manage.py spectacular --file schema.yml docker run \ --rm -v ${PWD}:/local \ openapitools/openapi-generator-cli generate \ - -i /local/swagger.yaml \ + -i /local/schema.yml \ -g typescript-fetch \ -o /local/web/api \ --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 diff --git a/Pipfile b/Pipfile index 96c6a3006..57d2bb40b 100644 --- a/Pipfile +++ b/Pipfile @@ -44,6 +44,7 @@ urllib3 = {extras = ["secure"],version = "*"} uvicorn = {extras = ["standard"],version = "*"} webauthn = "*" xmlsec = "*" +drf-spectacular = "*" [requires] python_version = "3.9" diff --git a/Pipfile.lock b/Pipfile.lock index e2a5645fc..d63693f0d 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "8a32708c1c04f8da03c817df973de28c37c97ee773f571ce0b3f3f834e1b7094" + "sha256": "f38fd1bd4336a968ebb88f80874dd0d683b79f962551e4aff536322360a90b0d" }, "pipfile-spec": 6, "requires": { @@ -122,18 +122,19 @@ }, "boto3": { "hashes": [ - "sha256:3317722a1e9acbfc0d30cdf273d1708c823ceb19309e9cd91cac8a3604762341", - "sha256:ee3317fd79b443ef102469fac393a1ffb650ea51ac4fc27464013872c5e1ce31" + "sha256:13cfe0e3ae1bdc7baf4272b1814a7e760fbb508b19d6ac3f472a6bbd64baad61", + "sha256:ce08b88a2d7a0ad8edb385f84ea4914296fee6813c66ebf0def956d5278de793" ], "index": "pypi", - "version": "==1.17.72" + "version": "==1.17.73" }, "botocore": { "hashes": [ - "sha256:0fa93a2e2daad5791c63ee526ada66896cc483d04cb2d32bfcadfeb881203453" + "sha256:4b4aa58c61d4b125bc6ec1597924b2749e19de8f2c9a374ac087aa2561e71828", + "sha256:69dc0b6fdc0855f5a4f8b1d29c96b9cec44e71054fea0f968e5904d6ccfd4fd9" ], "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", - "version": "==1.20.72" + "version": "==1.20.73" }, "cachetools": { "hashes": [ @@ -415,6 +416,14 @@ "index": "pypi", "version": "==5.0.0" }, + "drf-spectacular": { + "hashes": [ + "sha256:4a77c233c99e028b8905cd2cf05388524838ade97b95d5c6e4861e0c3c95af31", + "sha256:d7f64b97e8940b143a0e8d1de20523e8d7d5fe8ec557aec574513282c413b0b3" + ], + "index": "pypi", + "version": "==0.16.0" + }, "drf-yasg": { "hashes": [ "sha256:8b72e5b1875931a8d11af407be3a9a5ba8776541492947a0df5bafda6b7f8267", @@ -614,11 +623,11 @@ }, "ldap3": { "hashes": [ - "sha256:c1df41d89459be6f304e0ceec4b00fdea533dbbcd83c802b1272dcdb94620b57", "sha256:18c3ee656a6775b9b0d60f7c6c5b094d878d1d90fc03d56731039f0a4b546a91", + "sha256:4139c91f0eef9782df7b77c8cbc6243086affcb6a8a249b768a9658438e5da59", "sha256:8c949edbad2be8a03e719ba48bd6779f327ec156929562814b3e84ab56889c8c", "sha256:afc6fc0d01f02af82cd7bfabd3bbfd5dc96a6ae91e97db0a2dab8a0f1b436056", - "sha256:4139c91f0eef9782df7b77c8cbc6243086affcb6a8a249b768a9658438e5da59" + "sha256:c1df41d89459be6f304e0ceec4b00fdea533dbbcd83c802b1272dcdb94620b57" ], "index": "pypi", "version": "==2.9" @@ -873,37 +882,37 @@ }, "pyasn1": { "hashes": [ + "sha256:014c0e9976956a08139dc0712ae195324a75e142284d5f87f1a87ee1b068a359", + "sha256:03840c999ba71680a131cfaee6fab142e1ed9bbd9c693e285cc6aca0d555e576", "sha256:0458773cfe65b153891ac249bcf1b5f8f320b7c2ce462151f8fa74de8934becf", + "sha256:08c3c53b75eaa48d71cf8c710312316392ed40899cb34710d092e96745a358b7", "sha256:39c7e2ec30515947ff4e87fb6f456dfc6e84857d34be479c9d4a4ba4bf46aa5d", "sha256:5c9414dcfede6e441f7e8f81b43b34e834731003427e5b09e4e00e3172a10f00", - "sha256:99fcc3c8d804d1bc6d9a099921e39d827026409a58f2a720dcdb89374ea0c776", - "sha256:7ab8a544af125fb704feadb008c99a88805126fb525280b2270bb25cc1d78a12", - "sha256:014c0e9976956a08139dc0712ae195324a75e142284d5f87f1a87ee1b068a359", - "sha256:fec3e9d8e36808a28efb59b489e4528c10ad0f480e57dcc32b4de5c9d8c9fdf3", - "sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba", - "sha256:78fa6da68ed2727915c4767bb386ab32cdba863caa7dbe473eaae45f9959da86", - "sha256:03840c999ba71680a131cfaee6fab142e1ed9bbd9c693e285cc6aca0d555e576", "sha256:6e7545f1a61025a4e58bb336952c5061697da694db1cae97b116e9c46abcf7c8", - "sha256:08c3c53b75eaa48d71cf8c710312316392ed40899cb34710d092e96745a358b7", - "sha256:e89bf84b5437b532b0803ba5c9a5e054d21fec423a89952a74f87fa2c9b7bce2" + "sha256:78fa6da68ed2727915c4767bb386ab32cdba863caa7dbe473eaae45f9959da86", + "sha256:7ab8a544af125fb704feadb008c99a88805126fb525280b2270bb25cc1d78a12", + "sha256:99fcc3c8d804d1bc6d9a099921e39d827026409a58f2a720dcdb89374ea0c776", + "sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba", + "sha256:e89bf84b5437b532b0803ba5c9a5e054d21fec423a89952a74f87fa2c9b7bce2", + "sha256:fec3e9d8e36808a28efb59b489e4528c10ad0f480e57dcc32b4de5c9d8c9fdf3" ], "version": "==0.4.8" }, "pyasn1-modules": { "hashes": [ - "sha256:c29a5e5cc7a3f05926aff34e097e84f8589cd790ce0ed41b67aed6857b26aafd", - "sha256:b80486a6c77252ea3a3e9b1e360bc9cf28eaac41263d173c032581ad2f20fe45", - "sha256:65cebbaffc913f4fe9e4808735c95ea22d7a7775646ab690518c056784bc21b4", - "sha256:f39edd8c4ecaa4556e989147ebf219227e2cd2e8a43c7e7fcb1f1c18c5fd6a3d", - "sha256:cbac4bc38d117f2a49aeedec4407d23e8866ea4ac27ff2cf7fb3e5b570df19e0", - "sha256:15b7c67fabc7fc240d87fb9aabf999cf82311a6d6fb2c70d00d3d0604878c811", "sha256:0845a5582f6a02bb3e1bde9ecfc4bfcae6ec3210dd270522fee602365430c3f8", + "sha256:0fe1b68d1e486a1ed5473f1302bd991c1611d319bba158e98b106ff86e1d7199", + "sha256:15b7c67fabc7fc240d87fb9aabf999cf82311a6d6fb2c70d00d3d0604878c811", + "sha256:426edb7a5e8879f1ec54a1864f16b882c2837bfd06eee62f2c982315ee2473ed", + "sha256:65cebbaffc913f4fe9e4808735c95ea22d7a7775646ab690518c056784bc21b4", "sha256:905f84c712230b2c592c19470d3ca8d552de726050d1d1716282a1f6146be65e", "sha256:a50b808ffeb97cb3601dd25981f6b016cbb3d31fbf57a8b8a87428e6158d0c74", "sha256:a99324196732f53093a84c4369c996713eb8c89d360a496b599fb1a9c47fc3eb", - "sha256:fe0644d9ab041506b62782e92b06b8c68cca799e1a9636ec398675459e031405", - "sha256:426edb7a5e8879f1ec54a1864f16b882c2837bfd06eee62f2c982315ee2473ed", - "sha256:0fe1b68d1e486a1ed5473f1302bd991c1611d319bba158e98b106ff86e1d7199" + "sha256:b80486a6c77252ea3a3e9b1e360bc9cf28eaac41263d173c032581ad2f20fe45", + "sha256:c29a5e5cc7a3f05926aff34e097e84f8589cd790ce0ed41b67aed6857b26aafd", + "sha256:cbac4bc38d117f2a49aeedec4407d23e8866ea4ac27ff2cf7fb3e5b570df19e0", + "sha256:f39edd8c4ecaa4556e989147ebf219227e2cd2e8a43c7e7fcb1f1c18c5fd6a3d", + "sha256:fe0644d9ab041506b62782e92b06b8c68cca799e1a9636ec398675459e031405" ], "version": "==0.2.8" }, @@ -1602,11 +1611,11 @@ }, "gitpython": { "hashes": [ - "sha256:2bfcd25e6b81fe431fa3ab1f0975986cfddabf7870a323c183f3afbc9447c0c5", - "sha256:37ac36cacf2e2be5e88f0810187c5833e71c1a2a8cf81588f5699d1b70183baa" + "sha256:29fe82050709760081f588dd50ce83504feddbebdc4da6956d02351552b1c135", + "sha256:ee24bdc93dce357630764db659edaf6b8d664d4ff5447ccfeedd2dc5c253f41e" ], "markers": "python_version >= '3.5'", - "version": "==3.1.16" + "version": "==3.1.17" }, "idna": { "hashes": [ @@ -1752,11 +1761,11 @@ }, "pytest-django": { "hashes": [ - "sha256:80f8875226ec4dc0b205f0578072034563879d98d9b1bec143a80b9045716cb0", - "sha256:a51150d8962200250e850c6adcab670779b9c2aa07271471059d1fb92a843fa9" + "sha256:d1c6758a592fb0ef8abaa2fe12dd28858c1dcfc3d466102ffe52aa8934733dca", + "sha256:f96c4556f4e7b15d987dd1dcc1d1526df81d40c1548d31ce840d597ed2be8c46" ], "index": "pypi", - "version": "==4.2.0" + "version": "==4.3.0" }, "pyyaml": { "hashes": [ diff --git a/authentik/admin/api/meta.py b/authentik/admin/api/meta.py index 485a3e266..36c3edab1 100644 --- a/authentik/admin/api/meta.py +++ b/authentik/admin/api/meta.py @@ -1,5 +1,5 @@ """Meta API""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.fields import CharField from rest_framework.permissions import IsAdminUser from rest_framework.request import Request @@ -22,7 +22,7 @@ class AppsViewSet(ViewSet): permission_classes = [IsAdminUser] - @swagger_auto_schema(responses={200: AppSerializer(many=True)}) + @extend_schema(responses={200: AppSerializer(many=True)}) def list(self, request: Request) -> Response: """List current messages and pass into Serializer""" data = [] diff --git a/authentik/admin/api/metrics.py b/authentik/admin/api/metrics.py index d9d6b2dc4..3bfd2dfdb 100644 --- a/authentik/admin/api/metrics.py +++ b/authentik/admin/api/metrics.py @@ -7,7 +7,7 @@ from django.db.models import Count, ExpressionWrapper, F from django.db.models.fields import DurationField from django.db.models.functions import ExtractHour from django.utils.timezone import now -from drf_yasg.utils import swagger_auto_schema, swagger_serializer_method +from drf_spectacular.utils import extend_schema, extend_schema_field from rest_framework.fields import IntegerField, SerializerMethodField from rest_framework.permissions import IsAdminUser from rest_framework.request import Request @@ -58,12 +58,12 @@ class LoginMetricsSerializer(PassiveSerializer): logins_per_1h = SerializerMethodField() logins_failed_per_1h = SerializerMethodField() - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_per_1h(self, _): """Get successful logins per hour for the last 24 hours""" return get_events_per_1h(action=EventAction.LOGIN) - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_failed_per_1h(self, _): """Get failed logins per hour for the last 24 hours""" return get_events_per_1h(action=EventAction.LOGIN_FAILED) @@ -74,7 +74,7 @@ class AdministrationMetricsViewSet(ViewSet): permission_classes = [IsAdminUser] - @swagger_auto_schema(responses={200: LoginMetricsSerializer(many=False)}) + @extend_schema(responses={200: LoginMetricsSerializer(many=False)}) def list(self, request: Request) -> Response: """Login Metrics per 1h""" serializer = LoginMetricsSerializer(True) diff --git a/authentik/admin/api/tasks.py b/authentik/admin/api/tasks.py index bec34cdd1..2e87b208b 100644 --- a/authentik/admin/api/tasks.py +++ b/authentik/admin/api/tasks.py @@ -4,7 +4,7 @@ from importlib import import_module from django.contrib import messages from django.http.response import Http404 from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, ChoiceField, DateTimeField, ListField from rest_framework.permissions import IsAdminUser @@ -35,9 +35,7 @@ class TaskViewSet(ViewSet): permission_classes = [IsAdminUser] - @swagger_auto_schema( - responses={200: TaskSerializer(many=False), 404: "Task not found"} - ) + @extend_schema(responses={200: TaskSerializer(many=False), 404: "Task not found"}) # pylint: disable=invalid-name def retrieve(self, request: Request, pk=None) -> Response: """Get a single system task""" @@ -46,13 +44,13 @@ class TaskViewSet(ViewSet): raise Http404 return Response(TaskSerializer(task, many=False).data) - @swagger_auto_schema(responses={200: TaskSerializer(many=True)}) + @extend_schema(responses={200: TaskSerializer(many=True)}) def list(self, request: Request) -> Response: """List system tasks""" tasks = sorted(TaskInfo.all().values(), key=lambda task: task.task_name) return Response(TaskSerializer(tasks, many=True).data) - @swagger_auto_schema( + @extend_schema( responses={ 204: "Task retried successfully", 404: "Task not found", diff --git a/authentik/admin/api/version.py b/authentik/admin/api/version.py index 0397cc897..04d6d73c4 100644 --- a/authentik/admin/api/version.py +++ b/authentik/admin/api/version.py @@ -2,7 +2,7 @@ from os import environ from django.core.cache import cache -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from packaging.version import parse from rest_framework.fields import SerializerMethodField from rest_framework.mixins import ListModelMixin @@ -57,7 +57,7 @@ class VersionViewSet(ListModelMixin, GenericViewSet): def get_queryset(self): # pragma: no cover return None - @swagger_auto_schema(responses={200: VersionSerializer(many=False)}) + @extend_schema(responses={200: VersionSerializer(many=False)}) def list(self, request: Request) -> Response: """Get running and latest version.""" return Response(VersionSerializer(True).data) diff --git a/authentik/api/auth.py b/authentik/api/auth.py index 97f821b56..852f1d9db 100644 --- a/authentik/api/auth.py +++ b/authentik/api/auth.py @@ -7,6 +7,7 @@ from rest_framework.authentication import BaseAuthentication, get_authorization_ from rest_framework.exceptions import AuthenticationFailed from rest_framework.request import Request from structlog.stdlib import get_logger +from drf_spectacular.authentication import OpenApiAuthenticationExtension from authentik.core.models import Token, TokenIntents, User @@ -55,3 +56,15 @@ class AuthentikTokenAuthentication(BaseAuthentication): return None return (token.user, None) # pragma: no cover + + +class TokenSchema(OpenApiAuthenticationExtension): + target_class = AuthentikTokenAuthentication + name = 'authentik' + + def get_security_definition(self, auto_schema): + return { + 'type': 'apiKey', + 'in': 'header', + 'name': 'Authorization', + } diff --git a/authentik/api/pagination_schema.py b/authentik/api/pagination_schema.py deleted file mode 100644 index 3d4f86c61..000000000 --- a/authentik/api/pagination_schema.py +++ /dev/null @@ -1,97 +0,0 @@ -"""Swagger Pagination Schema class""" -from typing import OrderedDict - -from drf_yasg import openapi -from drf_yasg.inspectors import PaginatorInspector - - -class PaginationInspector(PaginatorInspector): - """Swagger Pagination Schema class""" - - def get_paginated_response(self, paginator, response_schema): - """ - :param BasePagination paginator: the paginator - :param openapi.Schema response_schema: the response schema that must be paged. - :rtype: openapi.Schema - """ - - return openapi.Schema( - type=openapi.TYPE_OBJECT, - properties=OrderedDict( - ( - ( - "pagination", - openapi.Schema( - type=openapi.TYPE_OBJECT, - properties=OrderedDict( - ( - ("next", openapi.Schema(type=openapi.TYPE_NUMBER)), - ( - "previous", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ("count", openapi.Schema(type=openapi.TYPE_NUMBER)), - ( - "current", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ( - "total_pages", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ( - "start_index", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ( - "end_index", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ) - ), - required=[ - "next", - "previous", - "count", - "current", - "total_pages", - "start_index", - "end_index", - ], - ), - ), - ("results", response_schema), - ) - ), - required=["results", "pagination"], - ) - - def get_paginator_parameters(self, paginator): - """ - Get the pagination parameters for a single paginator **instance**. - - Should return :data:`.NotHandled` if this inspector - does not know how to handle the given `paginator`. - - :param BasePagination paginator: the paginator - :rtype: list[openapi.Parameter] - """ - - return [ - openapi.Parameter( - "page", - openapi.IN_QUERY, - "Page Index", - False, - None, - openapi.TYPE_INTEGER, - ), - openapi.Parameter( - "page_size", - openapi.IN_QUERY, - "Page Size", - False, - None, - openapi.TYPE_INTEGER, - ), - ] diff --git a/authentik/api/schema.py b/authentik/api/schema.py deleted file mode 100644 index f60b333b8..000000000 --- a/authentik/api/schema.py +++ /dev/null @@ -1,102 +0,0 @@ -"""Error Response schema, from https://github.com/axnsan12/drf-yasg/issues/224""" -from drf_yasg import openapi -from drf_yasg.inspectors.view import SwaggerAutoSchema -from drf_yasg.utils import force_real_str, is_list_view -from rest_framework import exceptions, status -from rest_framework.settings import api_settings - - -class ErrorResponseAutoSchema(SwaggerAutoSchema): - """Inspector which includes an error schema""" - - def get_generic_error_schema(self): - """Get a generic error schema""" - return openapi.Schema( - "Generic API Error", - type=openapi.TYPE_OBJECT, - properties={ - "detail": openapi.Schema( - type=openapi.TYPE_STRING, description="Error details" - ), - "code": openapi.Schema( - type=openapi.TYPE_STRING, description="Error code" - ), - }, - required=["detail"], - ) - - def get_validation_error_schema(self): - """Get a generic validation error schema""" - return openapi.Schema( - "Validation Error", - type=openapi.TYPE_OBJECT, - properties={ - api_settings.NON_FIELD_ERRORS_KEY: openapi.Schema( - description="List of validation errors not related to any field", - type=openapi.TYPE_ARRAY, - items=openapi.Schema(type=openapi.TYPE_STRING), - ), - }, - additional_properties=openapi.Schema( - description=( - "A list of error messages for each " - "field that triggered a validation error" - ), - type=openapi.TYPE_ARRAY, - items=openapi.Schema(type=openapi.TYPE_STRING), - ), - ) - - def get_response_serializers(self): - responses = super().get_response_serializers() - definitions = self.components.with_scope( - openapi.SCHEMA_DEFINITIONS - ) # type: openapi.ReferenceResolver - - definitions.setdefault("GenericError", self.get_generic_error_schema) - definitions.setdefault("ValidationError", self.get_validation_error_schema) - definitions.setdefault("APIException", self.get_generic_error_schema) - - if self.get_request_serializer() or self.get_query_serializer(): - responses.setdefault( - exceptions.ValidationError.status_code, - openapi.Response( - description=force_real_str( - exceptions.ValidationError.default_detail - ), - schema=openapi.SchemaRef(definitions, "ValidationError"), - ), - ) - - security = self.get_security() - if security is None or len(security) > 0: - # Note: 401 error codes are coerced into 403 see - # rest_framework/views.py:433:handle_exception - # This is b/c the API uses token auth which doesn't have WWW-Authenticate header - responses.setdefault( - status.HTTP_403_FORBIDDEN, - openapi.Response( - description="Authentication credentials were invalid, absent or insufficient.", - schema=openapi.SchemaRef(definitions, "GenericError"), - ), - ) - if not is_list_view(self.path, self.method, self.view): - responses.setdefault( - exceptions.PermissionDenied.status_code, - openapi.Response( - description="Permission denied.", - schema=openapi.SchemaRef(definitions, "APIException"), - ), - ) - responses.setdefault( - exceptions.NotFound.status_code, - openapi.Response( - description=( - "Object does not exist or caller " - "has insufficient permissions to access it." - ), - schema=openapi.SchemaRef(definitions, "APIException"), - ), - ) - - return responses diff --git a/authentik/api/v2/config.py b/authentik/api/v2/config.py index 808d0525c..49e9f508a 100644 --- a/authentik/api/v2/config.py +++ b/authentik/api/v2/config.py @@ -1,5 +1,5 @@ """core Configs API""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.fields import BooleanField, CharField, ListField from rest_framework.permissions import AllowAny from rest_framework.request import Request @@ -34,7 +34,7 @@ class ConfigsViewSet(ViewSet): permission_classes = [AllowAny] - @swagger_auto_schema(responses={200: ConfigSerializer(many=False)}) + @extend_schema(responses={200: ConfigSerializer(many=False)}) def list(self, request: Request) -> Response: """Retrive public configuration options""" config = ConfigSerializer( diff --git a/authentik/api/v2/urls.py b/authentik/api/v2/urls.py index d46be9528..ce2a5b128 100644 --- a/authentik/api/v2/urls.py +++ b/authentik/api/v2/urls.py @@ -1,7 +1,6 @@ """api v2 urls""" from django.urls import path, re_path -from drf_yasg import openapi -from drf_yasg.views import get_schema_view +from drf_spectacular.views import SpectacularAPIView from rest_framework import routers from rest_framework.permissions import AllowAny @@ -196,17 +195,6 @@ router.register("stages/user_write", UserWriteStageViewSet) router.register("stages/dummy", DummyStageViewSet) router.register("policies/dummy", DummyPolicyViewSet) -info = openapi.Info( - title="authentik API", - default_version="v2beta", - contact=openapi.Contact(email="hello@beryju.org"), - license=openapi.License( - name="GNU GPLv3", - url="https://github.com/goauthentik/authentik/blob/master/LICENSE", - ), -) -SchemaView = get_schema_view(info, public=True, permission_classes=(AllowAny,)) - urlpatterns = ( [ path("", SwaggerView.as_view(), name="swagger"), @@ -218,10 +206,6 @@ urlpatterns = ( FlowExecutorView.as_view(), name="flow-executor", ), - re_path( - r"^swagger(?P\.json|\.yaml)$", - SchemaView.without_ui(cache_timeout=0), - name="schema-json", - ), + path("schema/", SpectacularAPIView.as_view(), name="schema"), ] ) diff --git a/authentik/core/api/applications.py b/authentik/core/api/applications.py index bcbb29b8c..9ae803332 100644 --- a/authentik/core/api/applications.py +++ b/authentik/core/api/applications.py @@ -5,8 +5,8 @@ from django.core.cache import cache from django.db.models import QuerySet from django.http.response import HttpResponseBadRequest from django.shortcuts import get_object_or_404 -from drf_yasg import openapi -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from rest_framework.decorators import action from rest_framework.fields import SerializerMethodField from rest_framework.parsers import MultiPartParser @@ -92,7 +92,7 @@ class ApplicationViewSet(ModelViewSet): applications.append(application) return applications - @swagger_auto_schema( + @extend_schema( responses={ 204: "Access granted", 403: "Access denied", @@ -111,12 +111,12 @@ class ApplicationViewSet(ModelViewSet): return Response(status=204) return Response(status=403) - @swagger_auto_schema( - manual_parameters=[ - openapi.Parameter( + @extend_schema( + parameters=[ + OpenApiParameter( name="superuser_full_list", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ] ) @@ -151,13 +151,13 @@ class ApplicationViewSet(ModelViewSet): return self.get_paginated_response(serializer.data) @permission_required("authentik_core.change_application") - @swagger_auto_schema( - request_body=no_body, - manual_parameters=[ - openapi.Parameter( + @extend_schema( + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( name="file", - in_=openapi.IN_FORM, - type=openapi.TYPE_FILE, + location=OpenApiParameter.QUERY, # TODO: In Form + type=OpenApiTypes.BINARY, required=True, ) ], @@ -184,7 +184,7 @@ class ApplicationViewSet(ModelViewSet): @permission_required( "authentik_core.view_application", ["authentik_events.view_event"] ) - @swagger_auto_schema(responses={200: CoordinateSerializer(many=True)}) + @extend_schema(responses={200: CoordinateSerializer(many=True)}) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=unused-argument def metrics(self, request: Request, slug: str): diff --git a/authentik/core/api/propertymappings.py b/authentik/core/api/propertymappings.py index fc1954b49..8904ac32b 100644 --- a/authentik/core/api/propertymappings.py +++ b/authentik/core/api/propertymappings.py @@ -1,8 +1,8 @@ """PropertyMapping API Views""" from json import dumps -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework import mixins from rest_framework.decorators import action @@ -81,7 +81,7 @@ class PropertyMappingViewSet( def get_queryset(self): return PropertyMapping.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable property-mapping types""" @@ -100,14 +100,14 @@ class PropertyMappingViewSet( return Response(TypeCreateSerializer(data, many=True).data) @permission_required("authentik_core.view_propertymapping") - @swagger_auto_schema( - request_body=PolicyTestSerializer(), + @extend_schema( + request=PolicyTestSerializer(), responses={200: PropertyMappingTestResultSerializer, 400: "Invalid parameters"}, - manual_parameters=[ - openapi.Parameter( + parameters=[ + OpenApiParameter( name="format_result", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], ) diff --git a/authentik/core/api/providers.py b/authentik/core/api/providers.py index f4f8ec22d..5e4042603 100644 --- a/authentik/core/api/providers.py +++ b/authentik/core/api/providers.py @@ -1,6 +1,6 @@ """Provider API Views""" from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework import mixins from rest_framework.decorators import action from rest_framework.fields import ReadOnlyField @@ -66,7 +66,7 @@ class ProviderViewSet( def get_queryset(self): return Provider.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable provider types""" diff --git a/authentik/core/api/sources.py b/authentik/core/api/sources.py index e1da3a2fb..7a4b795b7 100644 --- a/authentik/core/api/sources.py +++ b/authentik/core/api/sources.py @@ -1,7 +1,7 @@ """Source API Views""" from typing import Iterable -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework import mixins from rest_framework.decorators import action from rest_framework.request import Request @@ -64,7 +64,7 @@ class SourceViewSet( def get_queryset(self): return Source.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable source types""" @@ -87,7 +87,7 @@ class SourceViewSet( ) return Response(TypeCreateSerializer(data, many=True).data) - @swagger_auto_schema(responses={200: UserSettingSerializer(many=True)}) + @extend_schema(responses={200: UserSettingSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def user_settings(self, request: Request) -> Response: """Get all sources the user can configure""" diff --git a/authentik/core/api/tokens.py b/authentik/core/api/tokens.py index db07f4c9d..793338271 100644 --- a/authentik/core/api/tokens.py +++ b/authentik/core/api/tokens.py @@ -1,6 +1,6 @@ """Tokens API Viewset""" from django.http.response import Http404 -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField from rest_framework.request import Request @@ -67,7 +67,7 @@ class TokenViewSet(ModelViewSet): serializer.save(user=self.request.user, intent=TokenIntents.INTENT_API) @permission_required("authentik_core.view_token_key") - @swagger_auto_schema( + @extend_schema( responses={ 200: TokenViewSerializer(many=False), 404: "Token not found or expired", diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py index a3f315678..c92676162 100644 --- a/authentik/core/api/users.py +++ b/authentik/core/api/users.py @@ -7,7 +7,7 @@ from django.urls import reverse_lazy from django.utils.http import urlencode from django_filters.filters import BooleanFilter, CharFilter from django_filters.filterset import FilterSet -from drf_yasg.utils import swagger_auto_schema, swagger_serializer_method +from drf_spectacular.utils import extend_schema, extend_schema_field from guardian.utils import get_anonymous_user from rest_framework.decorators import action from rest_framework.fields import CharField, JSONField, SerializerMethodField @@ -77,13 +77,13 @@ class UserMetricsSerializer(PassiveSerializer): logins_failed_per_1h = SerializerMethodField() authorizations_per_1h = SerializerMethodField() - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_per_1h(self, _): """Get successful logins per hour for the last 24 hours""" user = self.context["user"] return get_events_per_1h(action=EventAction.LOGIN, user__pk=user.pk) - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_failed_per_1h(self, _): """Get failed logins per hour for the last 24 hours""" user = self.context["user"] @@ -91,7 +91,7 @@ class UserMetricsSerializer(PassiveSerializer): action=EventAction.LOGIN_FAILED, context__username=user.username ) - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_authorizations_per_1h(self, _): """Get failed logins per hour for the last 24 hours""" user = self.context["user"] @@ -142,7 +142,7 @@ class UserViewSet(ModelViewSet): def get_queryset(self): return User.objects.all().exclude(pk=get_anonymous_user().pk) - @swagger_auto_schema(responses={200: SessionUserSerializer(many=False)}) + @extend_schema(responses={200: SessionUserSerializer(many=False)}) @action(detail=False, pagination_class=None, filter_backends=[]) # pylint: disable=invalid-name def me(self, request: Request) -> Response: @@ -158,7 +158,7 @@ class UserViewSet(ModelViewSet): return Response(serializer.data) @permission_required("authentik_core.view_user", ["authentik_events.view_event"]) - @swagger_auto_schema(responses={200: UserMetricsSerializer(many=False)}) + @extend_schema(responses={200: UserMetricsSerializer(many=False)}) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=invalid-name, unused-argument def metrics(self, request: Request, pk: int) -> Response: @@ -169,7 +169,7 @@ class UserViewSet(ModelViewSet): return Response(serializer.data) @permission_required("authentik_core.reset_user_password") - @swagger_auto_schema( + @extend_schema( responses={"200": LinkSerializer(many=False), "404": "No recovery flow found."}, ) @action(detail=True, pagination_class=None, filter_backends=[]) diff --git a/authentik/core/api/utils.py b/authentik/core/api/utils.py index 7b8a98872..380208e08 100644 --- a/authentik/core/api/utils.py +++ b/authentik/core/api/utils.py @@ -28,6 +28,9 @@ class PassiveSerializer(Serializer): ) -> Model: # pragma: no cover return Model() + class Meta: + model = Model + class MetaNameSerializer(PassiveSerializer): """Add verbose names to response""" diff --git a/authentik/crypto/api.py b/authentik/crypto/api.py index d07d6b722..c277f3c45 100644 --- a/authentik/crypto/api.py +++ b/authentik/crypto/api.py @@ -5,8 +5,8 @@ from cryptography.hazmat.primitives.serialization import load_pem_private_key from cryptography.x509 import load_pem_x509_certificate from django.http.response import HttpResponse from django.utils.translation import gettext_lazy as _ -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from rest_framework.decorators import action from rest_framework.fields import ( CharField, @@ -125,8 +125,8 @@ class CertificateKeyPairViewSet(ModelViewSet): filterset_class = CertificateKeyPairFilter @permission_required(None, ["authentik_crypto.add_certificatekeypair"]) - @swagger_auto_schema( - request_body=CertificateGenerationSerializer(), + @extend_schema( + request=CertificateGenerationSerializer(), responses={200: CertificateKeyPairSerializer, 400: "Bad request"}, ) @action(detail=False, methods=["POST"]) @@ -147,12 +147,12 @@ class CertificateKeyPairViewSet(ModelViewSet): serializer = self.get_serializer(instance) return Response(serializer.data) - @swagger_auto_schema( - manual_parameters=[ - openapi.Parameter( + @extend_schema( + parameters=[ + OpenApiParameter( name="download", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], responses={200: CertificateDataSerializer(many=False)}, @@ -180,12 +180,12 @@ class CertificateKeyPairViewSet(ModelViewSet): CertificateDataSerializer({"data": certificate.certificate_data}).data ) - @swagger_auto_schema( - manual_parameters=[ - openapi.Parameter( + @extend_schema( + parameters=[ + OpenApiParameter( name="download", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], responses={200: CertificateDataSerializer(many=False)}, diff --git a/authentik/events/api/event.py b/authentik/events/api/event.py index 6246f7b1c..307593e2e 100644 --- a/authentik/events/api/event.py +++ b/authentik/events/api/event.py @@ -1,8 +1,9 @@ """Events API Views""" +from drf_spectacular.types import OpenApiTypes import django_filters from django.db.models.aggregates import Count from django.db.models.fields.json import KeyTextTransform -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import OpenApiParameter, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework.decorators import action from rest_framework.fields import CharField, DictField, IntegerField @@ -38,12 +39,6 @@ class EventSerializer(ModelSerializer): ] -class EventTopPerUserParams(PassiveSerializer): - """Query params for top_per_user""" - - top_n = IntegerField(default=15) - - class EventTopPerUserSerializer(PassiveSerializer): """Response object of Event's top_per_user""" @@ -111,10 +106,17 @@ class EventViewSet(ReadOnlyModelViewSet): ] filterset_class = EventsFilter - @swagger_auto_schema( - method="GET", + @extend_schema( + methods=["GET"], responses={200: EventTopPerUserSerializer(many=True)}, - query_serializer=EventTopPerUserParams, + parameters=[ + OpenApiParameter( + "top_n", + type=OpenApiTypes.INT, + location=OpenApiParameter.QUERY, + required=False, + ) + ] ) @action(detail=False, methods=["GET"]) def top_per_user(self, request: Request): @@ -134,7 +136,7 @@ class EventViewSet(ReadOnlyModelViewSet): .order_by("-counted_events")[:top_n] ) - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def actions(self, request: Request) -> Response: """Get all actions""" diff --git a/authentik/events/api/notification_transport.py b/authentik/events/api/notification_transport.py index a688f120d..24225e39e 100644 --- a/authentik/events/api/notification_transport.py +++ b/authentik/events/api/notification_transport.py @@ -1,5 +1,6 @@ """NotificationTransport API Views""" -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, ListField, SerializerMethodField from rest_framework.request import Request @@ -58,12 +59,12 @@ class NotificationTransportViewSet(ModelViewSet): serializer_class = NotificationTransportSerializer @permission_required("authentik_events.change_notificationtransport") - @swagger_auto_schema( + @extend_schema( responses={ 200: NotificationTransportTestSerializer(many=False), 503: "Failed to test transport", }, - request_body=no_body, + request=OpenApiTypes.NONE, ) @action(detail=True, pagination_class=None, filter_backends=[], methods=["post"]) # pylint: disable=invalid-name, unused-argument diff --git a/authentik/flows/api/flows.py b/authentik/flows/api/flows.py index 7fddfc3c5..4d2f11455 100644 --- a/authentik/flows/api/flows.py +++ b/authentik/flows/api/flows.py @@ -6,8 +6,13 @@ from django.db.models import Model from django.http.response import HttpResponseBadRequest, JsonResponse from django.urls import reverse from django.utils.translation import gettext as _ -from drf_yasg import openapi -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import ( + OpenApiParameter, + OpenApiResponse, + OpenApiSchemaBase, + extend_schema, +) from guardian.shortcuts import get_objects_for_user from rest_framework.decorators import action from rest_framework.parsers import MultiPartParser @@ -97,15 +102,15 @@ class FlowViewSet(ModelViewSet): filterset_fields = ["flow_uuid", "name", "slug", "designation"] @permission_required(None, ["authentik_flows.view_flow_cache"]) - @swagger_auto_schema(responses={200: CacheSerializer(many=False)}) + @extend_schema(responses={200: CacheSerializer(many=False)}) @action(detail=False, pagination_class=None, filter_backends=[]) def cache_info(self, request: Request) -> Response: """Info about cached flows""" return Response(data={"count": len(cache.keys("flow_*"))}) @permission_required(None, ["authentik_flows.clear_flow_cache"]) - @swagger_auto_schema( - request_body=no_body, + @extend_schema( + request=OpenApiTypes.NONE, responses={204: "Successfully cleared cache", 400: "Bad request"}, ) @action(detail=False, methods=["POST"]) @@ -133,13 +138,13 @@ class FlowViewSet(ModelViewSet): "authentik_stages_prompt.change_prompt", ], ) - @swagger_auto_schema( - request_body=no_body, - manual_parameters=[ - openapi.Parameter( + @extend_schema( + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( name="file", - in_=openapi.IN_FORM, - type=openapi.TYPE_FILE, + location=OpenApiParameter.QUERY, # TODO: Form + type=OpenApiTypes.BINARY, required=True, ) ], @@ -171,10 +176,10 @@ class FlowViewSet(ModelViewSet): "authentik_stages_prompt.view_prompt", ], ) - @swagger_auto_schema( + @extend_schema( responses={ - "200": openapi.Response( - "File Attachment", schema=openapi.Schema(type=openapi.TYPE_FILE) + "200": OpenApiResponse( + response=OpenApiParameter("File Attachment", type=OpenApiTypes.BINARY) ), }, ) @@ -188,7 +193,7 @@ class FlowViewSet(ModelViewSet): response["Content-Disposition"] = f'attachment; filename="{flow.slug}.akflow"' return response - @swagger_auto_schema(responses={200: FlowDiagramSerializer()}) + @extend_schema(responses={200: FlowDiagramSerializer()}) @action(detail=True, pagination_class=None, filter_backends=[], methods=["get"]) # pylint: disable=unused-argument def diagram(self, request: Request, slug: str) -> Response: @@ -259,13 +264,13 @@ class FlowViewSet(ModelViewSet): return Response({"diagram": diagram}) @permission_required("authentik_flows.change_flow") - @swagger_auto_schema( - request_body=no_body, - manual_parameters=[ - openapi.Parameter( + @extend_schema( + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( name="file", - in_=openapi.IN_FORM, - type=openapi.TYPE_FILE, + location=OpenApiParameter.QUERY, # TODO: Form + type=OpenApiTypes.BINARY, required=True, ) ], @@ -289,7 +294,7 @@ class FlowViewSet(ModelViewSet): app.save() return Response({}) - @swagger_auto_schema( + @extend_schema( responses={200: LinkSerializer(many=False), 400: "Flow not applicable"}, ) @action(detail=True, pagination_class=None, filter_backends=[]) diff --git a/authentik/flows/api/stages.py b/authentik/flows/api/stages.py index 749e4a7ac..a700e3b38 100644 --- a/authentik/flows/api/stages.py +++ b/authentik/flows/api/stages.py @@ -1,7 +1,7 @@ """Flow Stage API Views""" from typing import Iterable -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework import mixins from rest_framework.decorators import action from rest_framework.fields import BooleanField @@ -68,7 +68,7 @@ class StageViewSet( def get_queryset(self): return Stage.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable stage types""" @@ -86,7 +86,7 @@ class StageViewSet( data = sorted(data, key=lambda x: x["name"]) return Response(TypeCreateSerializer(data, many=True).data) - @swagger_auto_schema(responses={200: StageUserSettingSerializer(many=True)}) + @extend_schema(responses={200: StageUserSettingSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def user_settings(self, request: Request) -> Response: """Get all stages the user can configure""" diff --git a/authentik/flows/views.py b/authentik/flows/views.py index 3935b9a10..d279d6211 100644 --- a/authentik/flows/views.py +++ b/authentik/flows/views.py @@ -10,8 +10,8 @@ from django.template.response import TemplateResponse from django.utils.decorators import method_decorator from django.views.decorators.clickjacking import xframe_options_sameorigin from django.views.generic import View -from drf_yasg import openapi -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from rest_framework.permissions import AllowAny from rest_framework.views import APIView from sentry_sdk import capture_exception @@ -125,19 +125,19 @@ class FlowExecutorView(APIView): self.current_stage_view.request = request return super().dispatch(request) - @swagger_auto_schema( + @extend_schema( responses={ 200: Challenge(), 404: "No Token found", # This error can be raised by the email stage }, - request_body=no_body, - manual_parameters=[ - openapi.Parameter( - "query", - openapi.IN_QUERY, + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( + name="query", + location=OpenApiParameter.QUERY, required=True, description="Querystring as received", - type=openapi.TYPE_STRING, + type=OpenApiTypes.STR, ) ], operation_id="flows_executor_get", @@ -157,16 +157,16 @@ class FlowExecutorView(APIView): self._logger.warning(exc) return to_stage_response(request, FlowErrorResponse(request, exc)) - @swagger_auto_schema( + @extend_schema( responses={200: Challenge()}, - request_body=ChallengeResponse(), - manual_parameters=[ - openapi.Parameter( - "query", - openapi.IN_QUERY, + request=ChallengeResponse(), + parameters=[ + OpenApiParameter( + name="query", + location=OpenApiParameter.QUERY, required=True, description="Querystring as received", - type=openapi.TYPE_STRING, + type=OpenApiTypes.STR, ) ], operation_id="flows_executor_solve", diff --git a/authentik/outposts/api/outpost_service_connections.py b/authentik/outposts/api/outpost_service_connections.py index 39b54c1e5..fdc28ca8b 100644 --- a/authentik/outposts/api/outpost_service_connections.py +++ b/authentik/outposts/api/outpost_service_connections.py @@ -2,7 +2,7 @@ from dataclasses import asdict from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from kubernetes.client.configuration import Configuration from kubernetes.config.config_exception import ConfigException from kubernetes.config.kube_config import load_kube_config_from_dict @@ -69,7 +69,7 @@ class ServiceConnectionViewSet( search_fields = ["name"] filterset_fields = ["name"] - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable service connection types""" @@ -87,7 +87,7 @@ class ServiceConnectionViewSet( ) return Response(TypeCreateSerializer(data, many=True).data) - @swagger_auto_schema(responses={200: ServiceConnectionStateSerializer(many=False)}) + @extend_schema(responses={200: ServiceConnectionStateSerializer(many=False)}) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=unused-argument, invalid-name def state(self, request: Request, pk: str) -> Response: diff --git a/authentik/outposts/api/outposts.py b/authentik/outposts/api/outposts.py index d026fa503..af862891d 100644 --- a/authentik/outposts/api/outposts.py +++ b/authentik/outposts/api/outposts.py @@ -1,7 +1,7 @@ """Outpost API Views""" from dacite.core import from_dict from dacite.exceptions import DaciteError -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.fields import BooleanField, CharField, DateTimeField from rest_framework.request import Request @@ -72,7 +72,7 @@ class OutpostViewSet(ModelViewSet): ] ordering = ["name"] - @swagger_auto_schema(responses={200: OutpostHealthSerializer(many=True)}) + @extend_schema(responses={200: OutpostHealthSerializer(many=True)}) @action(methods=["GET"], detail=True) # pylint: disable=invalid-name, unused-argument def health(self, request: Request, pk: int) -> Response: @@ -90,7 +90,7 @@ class OutpostViewSet(ModelViewSet): ) return Response(OutpostHealthSerializer(states, many=True).data) - @swagger_auto_schema(responses={200: OutpostDefaultConfigSerializer(many=False)}) + @extend_schema(responses={200: OutpostDefaultConfigSerializer(many=False)}) @action(detail=False, methods=["GET"]) def default_settings(self, request: Request) -> Response: """Global default outpost config""" diff --git a/authentik/policies/api/policies.py b/authentik/policies/api/policies.py index 9a089e93a..f4cd0afdf 100644 --- a/authentik/policies/api/policies.py +++ b/authentik/policies/api/policies.py @@ -1,6 +1,7 @@ """policy API Views""" from django.core.cache import cache -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework import mixins from rest_framework.decorators import action @@ -96,7 +97,7 @@ class PolicyViewSet( "bindings", "promptstage_set" ) - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable policy types""" @@ -114,15 +115,15 @@ class PolicyViewSet( return Response(TypeCreateSerializer(data, many=True).data) @permission_required(None, ["authentik_policies.view_policy_cache"]) - @swagger_auto_schema(responses={200: CacheSerializer(many=False)}) + @extend_schema(responses={200: CacheSerializer(many=False)}) @action(detail=False, pagination_class=None, filter_backends=[]) def cache_info(self, request: Request) -> Response: """Info about cached policies""" return Response(data={"count": len(cache.keys("policy_*"))}) @permission_required(None, ["authentik_policies.clear_policy_cache"]) - @swagger_auto_schema( - request_body=no_body, + @extend_schema( + request=OpenApiTypes.NONE, responses={204: "Successfully cleared cache", 400: "Bad request"}, ) @action(detail=False, methods=["POST"]) @@ -137,8 +138,8 @@ class PolicyViewSet( return Response(status=204) @permission_required("authentik_policies.view_policy") - @swagger_auto_schema( - request_body=PolicyTestSerializer(), + @extend_schema( + request=PolicyTestSerializer(), responses={200: PolicyTestResultSerializer(), 400: "Invalid parameters"}, ) @action(detail=True, pagination_class=None, filter_backends=[], methods=["POST"]) diff --git a/authentik/providers/oauth2/api/provider.py b/authentik/providers/oauth2/api/provider.py index b090ef72c..d556e1bbe 100644 --- a/authentik/providers/oauth2/api/provider.py +++ b/authentik/providers/oauth2/api/provider.py @@ -1,7 +1,8 @@ """OAuth2Provider API Views""" +from django.db.models.base import Model from django.urls import reverse from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.fields import ReadOnlyField from rest_framework.generics import get_object_or_404 @@ -60,6 +61,9 @@ class OAuth2ProviderSetupURLs(PassiveSerializer): provider_info = ReadOnlyField() logout = ReadOnlyField() + class Meta: + model = Model + class OAuth2ProviderViewSet(ModelViewSet): """OAuth2Provider Viewset""" @@ -67,9 +71,9 @@ class OAuth2ProviderViewSet(ModelViewSet): queryset = OAuth2Provider.objects.all() serializer_class = OAuth2ProviderSerializer - @swagger_auto_schema( + @extend_schema( responses={ - 200: OAuth2ProviderSetupURLs(many=False), + 200: OAuth2ProviderSetupURLs, 404: "Provider has no application assigned", } ) diff --git a/authentik/providers/proxy/api.py b/authentik/providers/proxy/api.py index c729d1241..3cfb8e120 100644 --- a/authentik/providers/proxy/api.py +++ b/authentik/providers/proxy/api.py @@ -1,7 +1,7 @@ """ProxyProvider API Views""" from typing import Any -from drf_yasg.utils import swagger_serializer_method +from drf_spectacular.utils import extend_schema_field from rest_framework.exceptions import ValidationError from rest_framework.fields import CharField, ListField, SerializerMethodField from rest_framework.serializers import ModelSerializer @@ -107,7 +107,7 @@ class ProxyOutpostConfigSerializer(ModelSerializer): "forward_auth_mode", ] - @swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer) + @extend_schema_field(OpenIDConnectConfigurationSerializer) def get_oidc_configuration(self, obj: ProxyProvider): """Embed OpenID Connect provider information""" return ProviderInfoView(request=self.context["request"]._request).get_info(obj) diff --git a/authentik/providers/saml/api.py b/authentik/providers/saml/api.py index 84630d81d..2a66b4b77 100644 --- a/authentik/providers/saml/api.py +++ b/authentik/providers/saml/api.py @@ -5,8 +5,8 @@ from defusedxml.ElementTree import fromstring from django.http.response import HttpResponse from django.shortcuts import get_object_or_404 from django.utils.translation import gettext_lazy as _ -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, FileField, ReadOnlyField from rest_framework.parsers import MultiPartParser @@ -80,16 +80,16 @@ class SAMLProviderViewSet(ModelViewSet): queryset = SAMLProvider.objects.all() serializer_class = SAMLProviderSerializer - @swagger_auto_schema( + @extend_schema( responses={ 200: SAMLMetadataSerializer(many=False), 404: "Provider has no application assigned", }, - manual_parameters=[ - openapi.Parameter( + parameters=[ + OpenApiParameter( name="download", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], ) @@ -118,8 +118,8 @@ class SAMLProviderViewSet(ModelViewSet): "authentik_crypto.add_certificatekeypair", ], ) - @swagger_auto_schema( - request_body=SAMLProviderImportSerializer(), + @extend_schema( + request=SAMLProviderImportSerializer(), responses={204: "Successfully imported provider", 400: "Bad request"}, ) @action(detail=False, methods=["POST"], parser_classes=(MultiPartParser,)) diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 0c5eff2fa..21d5130a0 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -130,7 +130,7 @@ INSTALLED_APPS = [ "authentik.stages.user_write", "rest_framework", "django_filters", - "drf_yasg", + "drf_spectacular", "guardian", "django_prometheus", "channels", @@ -139,14 +139,17 @@ INSTALLED_APPS = [ GUARDIAN_MONKEY_PATCH = False -SWAGGER_SETTINGS = { - "DEFAULT_AUTO_SCHEMA_CLASS": "authentik.api.schema.ErrorResponseAutoSchema", - "DEFAULT_INFO": "authentik.api.v2.urls.info", - "DEFAULT_PAGINATOR_INSPECTORS": [ - "authentik.api.pagination_schema.PaginationInspector", - ], - "SECURITY_DEFINITIONS": { - "Bearer": {"type": "apiKey", "name": "Authorization", "in": "header"} +SPECTACULAR_SETTINGS = { + "TITLE": "authentik", + "DESCRIPTION": "Making authentication simple.", + "VERSION": __version__, + "COMPONENT_SPLIT_REQUEST": True, + "CONTACT": { + "email": "hello@beryju.org", + }, + "LICENSE": { + "name": "GNU GPLv3", + "url": "https://github.com/goauthentik/authentik/blob/master/LICENSE", }, } @@ -169,6 +172,7 @@ REST_FRAMEWORK = { "DEFAULT_RENDERER_CLASSES": [ "rest_framework.renderers.JSONRenderer", ], + "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema", } CACHES = { diff --git a/authentik/sources/ldap/api.py b/authentik/sources/ldap/api.py index c74be3a9d..61aca7c91 100644 --- a/authentik/sources/ldap/api.py +++ b/authentik/sources/ldap/api.py @@ -1,7 +1,7 @@ """Source API Views""" from django.http.response import Http404 from django.utils.text import slugify -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.request import Request from rest_framework.response import Response @@ -48,9 +48,7 @@ class LDAPSourceViewSet(ModelViewSet): serializer_class = LDAPSourceSerializer lookup_field = "slug" - @swagger_auto_schema( - responses={200: TaskSerializer(many=False), 404: "Task not found"} - ) + @extend_schema(responses={200: TaskSerializer(many=False), 404: "Task not found"}) @action(methods=["GET"], detail=True) # pylint: disable=unused-argument def sync_status(self, request: Request, slug: str) -> Response: diff --git a/authentik/sources/oauth/api/source.py b/authentik/sources/oauth/api/source.py index b2813af1f..8899cfc89 100644 --- a/authentik/sources/oauth/api/source.py +++ b/authentik/sources/oauth/api/source.py @@ -1,6 +1,6 @@ """OAuth Source Serializer""" from django.urls.base import reverse_lazy -from drf_yasg.utils import swagger_auto_schema, swagger_serializer_method +from drf_spectacular.utils import extend_schema, extend_schema_field from rest_framework.decorators import action from rest_framework.fields import BooleanField, CharField, SerializerMethodField from rest_framework.request import Request @@ -43,7 +43,7 @@ class OAuthSourceSerializer(SourceSerializer): type = SerializerMethodField() - @swagger_serializer_method(serializer_or_field=SourceTypeSerializer) + @extend_schema_field(SourceTypeSerializer) def get_type(self, instace: OAuthSource) -> SourceTypeSerializer: """Get source's type configuration""" return SourceTypeSerializer(instace.type).data @@ -85,7 +85,7 @@ class OAuthSourceViewSet(ModelViewSet): serializer_class = OAuthSourceSerializer lookup_field = "slug" - @swagger_auto_schema(responses={200: SourceTypeSerializer(many=True)}) + @extend_schema(responses={200: SourceTypeSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def source_types(self, request: Request) -> Response: """Get all creatable source types""" diff --git a/authentik/sources/plex/api.py b/authentik/sources/plex/api.py index d9c351aef..2210da72b 100644 --- a/authentik/sources/plex/api.py +++ b/authentik/sources/plex/api.py @@ -1,7 +1,7 @@ """Plex Source Serializer""" from django.shortcuts import get_object_or_404 -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from rest_framework.decorators import action from rest_framework.exceptions import PermissionDenied from rest_framework.fields import CharField @@ -50,18 +50,18 @@ class PlexSourceViewSet(ModelViewSet): lookup_field = "slug" @permission_required(None) - @swagger_auto_schema( - request_body=PlexTokenRedeemSerializer(), + @extend_schema( + request=PlexTokenRedeemSerializer(), responses={ 200: RedirectChallenge(), 400: "Token not found", 403: "Access denied", }, - manual_parameters=[ - openapi.Parameter( + parameters=[ + OpenApiParameter( name="slug", - in_=openapi.IN_QUERY, - type=openapi.TYPE_STRING, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.STR, ) ], ) diff --git a/authentik/sources/saml/api.py b/authentik/sources/saml/api.py index 91a4407fb..88cde35cb 100644 --- a/authentik/sources/saml/api.py +++ b/authentik/sources/saml/api.py @@ -1,5 +1,5 @@ """SAMLSource API Views""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.request import Request from rest_framework.response import Response @@ -39,7 +39,7 @@ class SAMLSourceViewSet(ModelViewSet): serializer_class = SAMLSourceSerializer lookup_field = "slug" - @swagger_auto_schema(responses={200: SAMLMetadataSerializer(many=False)}) + @extend_schema(responses={200: SAMLMetadataSerializer(many=False)}) @action(methods=["GET"], detail=True) # pylint: disable=unused-argument def metadata(self, request: Request, slug: str) -> Response: diff --git a/authentik/stages/email/api.py b/authentik/stages/email/api.py index 27b5d6752..e13d9584f 100644 --- a/authentik/stages/email/api.py +++ b/authentik/stages/email/api.py @@ -1,5 +1,5 @@ """EmailStage API Views""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.request import Request from rest_framework.response import Response @@ -52,7 +52,7 @@ class EmailStageViewSet(ModelViewSet): queryset = EmailStage.objects.all() serializer_class = EmailStageSerializer - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def templates(self, request: Request) -> Response: """Get all available templates, including custom templates""" diff --git a/schema.yml b/schema.yml new file mode 100644 index 000000000..e7f831aec --- /dev/null +++ b/schema.yml @@ -0,0 +1,21751 @@ +openapi: 3.0.3 +info: + title: authentik + version: 2021.5.1 + description: Making authentication simple. + contact: + email: hello@beryju.org + license: + name: GNU GPLv3 + url: https://github.com/goauthentik/authentik/blob/master/LICENSE +paths: + /api/v2beta/admin/apps/: + get: + operationId: admin_apps_list + description: List current messages and pass into Serializer + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/App' + description: '' + /api/v2beta/admin/metrics/: + get: + operationId: admin_metrics_list + description: Login Metrics per 1h + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/LoginMetrics' + description: '' + /api/v2beta/admin/system_tasks/: + get: + operationId: admin_system_tasks_list + description: List system tasks + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Task' + description: '' + /api/v2beta/admin/system_tasks/{id}/: + get: + operationId: admin_system_tasks_retrieve + description: Get a single system task + parameters: + - in: path + name: id + schema: + type: string + required: true + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Task' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/admin/system_tasks/{id}/retry/: + post: + operationId: admin_system_tasks_retry_create + description: Retry task + parameters: + - in: path + name: id + schema: + type: string + required: true + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '500': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/admin/version/: + get: + operationId: admin_version_list + description: Get running and latest version. + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Version' + description: '' + /api/v2beta/admin/workers/: + get: + operationId: admin_workers_list + description: Get currently connected worker count. + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + description: No response body + /api/v2beta/authenticators/admin/static/: + get: + operationId: authenticators_admin_static_list + description: Viewset for static authenticator devices (for admins) + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedStaticDeviceList' + description: '' + /api/v2beta/authenticators/admin/static/{id}/: + get: + operationId: authenticators_admin_static_retrieve + description: Viewset for static authenticator devices (for admins) + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + /api/v2beta/authenticators/admin/totp/: + get: + operationId: authenticators_admin_totp_list + description: Viewset for totp authenticator devices (for admins) + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedTOTPDeviceList' + description: '' + /api/v2beta/authenticators/admin/totp/{id}/: + get: + operationId: authenticators_admin_totp_retrieve + description: Viewset for totp authenticator devices (for admins) + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + /api/v2beta/authenticators/admin/webauthn/: + get: + operationId: authenticators_admin_webauthn_list + description: Viewset for WebAuthn authenticator devices (for admins) + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedWebAuthnDeviceList' + description: '' + /api/v2beta/authenticators/admin/webauthn/{id}/: + get: + operationId: authenticators_admin_webauthn_retrieve + description: Viewset for WebAuthn authenticator devices (for admins) + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + /api/v2beta/authenticators/static/: + get: + operationId: authenticators_static_list + description: Viewset for static authenticator devices + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedStaticDeviceList' + description: '' + post: + operationId: authenticators_static_create + description: Viewset for static authenticator devices + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + /api/v2beta/authenticators/static/{id}/: + get: + operationId: authenticators_static_retrieve + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + put: + operationId: authenticators_static_update + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + patch: + operationId: authenticators_static_partial_update + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedStaticDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedStaticDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedStaticDeviceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + delete: + operationId: authenticators_static_destroy + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/authenticators/totp/: + get: + operationId: authenticators_totp_list + description: Viewset for totp authenticator devices + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedTOTPDeviceList' + description: '' + post: + operationId: authenticators_totp_create + description: Viewset for totp authenticator devices + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + /api/v2beta/authenticators/totp/{id}/: + get: + operationId: authenticators_totp_retrieve + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + put: + operationId: authenticators_totp_update + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + patch: + operationId: authenticators_totp_partial_update + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedTOTPDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedTOTPDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedTOTPDeviceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + delete: + operationId: authenticators_totp_destroy + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/authenticators/webauthn/: + get: + operationId: authenticators_webauthn_list + description: Viewset for WebAuthn authenticator devices + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedWebAuthnDeviceList' + description: '' + post: + operationId: authenticators_webauthn_create + description: Viewset for WebAuthn authenticator devices + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + /api/v2beta/authenticators/webauthn/{id}/: + get: + operationId: authenticators_webauthn_retrieve + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + put: + operationId: authenticators_webauthn_update + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + patch: + operationId: authenticators_webauthn_partial_update + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + delete: + operationId: authenticators_webauthn_destroy + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/applications/: + get: + operationId: core_applications_list + description: Custom list method that checks Policy based access instead of guardian + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: superuser_full_list + schema: + type: boolean + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedApplicationList' + description: '' + post: + operationId: core_applications_create + description: Application Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ApplicationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ApplicationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + /api/v2beta/core/applications/{slug}/: + get: + operationId: core_applications_retrieve + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + put: + operationId: core_applications_update + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ApplicationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ApplicationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + patch: + operationId: core_applications_partial_update + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedApplicationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedApplicationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedApplicationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + delete: + operationId: core_applications_destroy + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/applications/{slug}/check_access/: + get: + operationId: core_applications_check_access_retrieve + description: Check access to a single application by slug + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '403': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/core/applications/{slug}/metrics/: + get: + operationId: core_applications_metrics_list + description: Metrics for application logins + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Coordinate' + description: '' + /api/v2beta/core/applications/{slug}/set_icon/: + post: + operationId: core_applications_set_icon_create + description: Set application icon + parameters: + - in: query + name: file + schema: + type: string + format: binary + required: true + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/core/groups/: + get: + operationId: core_groups_list + description: Group Viewset + parameters: + - in: query + name: is_superuser + schema: + type: boolean + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedGroupList' + description: '' + post: + operationId: core_groups_create + description: Group Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GroupRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/GroupRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/GroupRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + /api/v2beta/core/groups/{group_uuid}/: + get: + operationId: core_groups_retrieve + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + put: + operationId: core_groups_update + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GroupRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/GroupRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/GroupRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + patch: + operationId: core_groups_partial_update + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedGroupRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedGroupRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedGroupRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + delete: + operationId: core_groups_destroy + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/tokens/: + get: + operationId: core_tokens_list + description: Token Viewset + parameters: + - in: query + name: description + schema: + type: string + - in: query + name: identifier + schema: + type: string + - in: query + name: intent + schema: + type: string + enum: + - api + - recovery + - verification + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user__username + schema: + type: string + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedTokenList' + description: '' + post: + operationId: core_tokens_create + description: Token Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TokenRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TokenRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TokenRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + /api/v2beta/core/tokens/{identifier}/: + get: + operationId: core_tokens_retrieve + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + put: + operationId: core_tokens_update + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TokenRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TokenRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TokenRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + patch: + operationId: core_tokens_partial_update + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedTokenRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedTokenRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedTokenRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + delete: + operationId: core_tokens_destroy + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/tokens/{identifier}/view_key/: + get: + operationId: core_tokens_view_key_retrieve + description: Return token key and log access + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TokenView' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/core/user_consent/: + get: + operationId: core_user_consent_list + description: UserConsent Viewset + parameters: + - in: query + name: application + schema: + type: string + format: uuid + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user + schema: + type: integer + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserConsentList' + description: '' + /api/v2beta/core/user_consent/{id}/: + get: + operationId: core_user_consent_retrieve + description: UserConsent Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User Consent. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserConsent' + description: '' + delete: + operationId: core_user_consent_destroy + description: UserConsent Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User Consent. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/users/: + get: + operationId: core_users_list + description: User Viewset + parameters: + - in: query + name: attributes + schema: + type: string + description: Attributes + - in: query + name: is_active + schema: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + - in: query + name: is_superuser + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: username + schema: + type: string + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserList' + description: '' + post: + operationId: core_users_create + description: User Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + /api/v2beta/core/users/{id}/: + get: + operationId: core_users_retrieve + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + put: + operationId: core_users_update + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + patch: + operationId: core_users_partial_update + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + delete: + operationId: core_users_destroy + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/users/{id}/metrics/: + get: + operationId: core_users_metrics_retrieve + description: User metrics per 1h + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserMetrics' + description: '' + /api/v2beta/core/users/{id}/recovery/: + get: + operationId: core_users_recovery_retrieve + description: Create a temporary link that a user can use to recover their accounts + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Link' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/core/users/me/: + get: + operationId: core_users_me_retrieve + description: Get information about current user + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SessionUser' + description: '' + /api/v2beta/crypto/certificatekeypairs/: + get: + operationId: crypto_certificatekeypairs_list + description: CertificateKeyPair Viewset + parameters: + - in: query + name: has_key + schema: + type: string + description: Only return certificate-key pairs with keys + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedCertificateKeyPairList' + description: '' + post: + operationId: crypto_certificatekeypairs_create + description: CertificateKeyPair Viewset + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + /api/v2beta/crypto/certificatekeypairs/{kp_uuid}/: + get: + operationId: crypto_certificatekeypairs_retrieve + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + put: + operationId: crypto_certificatekeypairs_update + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + patch: + operationId: crypto_certificatekeypairs_partial_update + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedCertificateKeyPairRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedCertificateKeyPairRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedCertificateKeyPairRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + delete: + operationId: crypto_certificatekeypairs_destroy + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/crypto/certificatekeypairs/{kp_uuid}/view_certificate/: + get: + operationId: crypto_certificatekeypairs_view_certificate_retrieve + description: Return certificate-key pairs certificate and log access + parameters: + - in: query + name: download + schema: + type: boolean + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateData' + description: '' + /api/v2beta/crypto/certificatekeypairs/{kp_uuid}/view_private_key/: + get: + operationId: crypto_certificatekeypairs_view_private_key_retrieve + description: Return certificate-key pairs private key and log access + parameters: + - in: query + name: download + schema: + type: boolean + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateData' + description: '' + /api/v2beta/crypto/certificatekeypairs/generate/: + post: + operationId: crypto_certificatekeypairs_generate_create + description: Generate a new, self-signed certificate-key pair + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateGenerationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CertificateGenerationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CertificateGenerationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/events/events/: + get: + operationId: events_events_list + description: Event Read-Only Viewset + parameters: + - in: query + name: action + schema: + type: string + - in: query + name: client_ip + schema: + type: string + - in: query + name: context_authorized_app + schema: + type: string + description: Context Authorized application + - in: query + name: context_model_app + schema: + type: string + description: Context Model App + - in: query + name: context_model_name + schema: + type: string + description: Context Model Name + - in: query + name: context_model_pk + schema: + type: string + description: Context Model Primary Key + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: username + schema: + type: string + description: Username + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedEventList' + description: '' + /api/v2beta/events/events/{event_uuid}/: + get: + operationId: events_events_retrieve + description: Event Read-Only Viewset + parameters: + - in: path + name: event_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Event' + description: '' + /api/v2beta/events/events/actions/: + get: + operationId: events_events_actions_list + description: Get all actions + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/events/events/top_per_user/: + get: + operationId: events_events_top_per_user_list + description: Get the top_n events grouped by user count + parameters: + - in: query + name: action + schema: + type: string + - in: query + name: client_ip + schema: + type: string + - in: query + name: context_authorized_app + schema: + type: string + description: Context Authorized application + - in: query + name: context_model_app + schema: + type: string + description: Context Model App + - in: query + name: context_model_name + schema: + type: string + description: Context Model Name + - in: query + name: context_model_pk + schema: + type: string + description: Context Model Primary Key + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: top_n + schema: + type: integer + - in: query + name: username + schema: + type: string + description: Username + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedEventTopPerUserList' + description: '' + /api/v2beta/events/notifications/: + get: + operationId: events_notifications_list + description: Notification Viewset + parameters: + - in: query + name: body + schema: + type: string + - in: query + name: created + schema: + type: string + format: date-time + - in: query + name: event + schema: + type: string + format: uuid + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: seen + schema: + type: boolean + - in: query + name: severity + schema: + type: string + enum: + - alert + - notice + - warning + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedNotificationList' + description: '' + /api/v2beta/events/notifications/{uuid}/: + get: + operationId: events_notifications_retrieve + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Notification' + description: '' + put: + operationId: events_notifications_update + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Notification' + description: '' + patch: + operationId: events_notifications_partial_update + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedNotificationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedNotificationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedNotificationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Notification' + description: '' + delete: + operationId: events_notifications_destroy + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/events/rules/: + get: + operationId: events_rules_list + description: NotificationRule Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedNotificationRuleList' + description: '' + post: + operationId: events_rules_create + description: NotificationRule Viewset + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + /api/v2beta/events/rules/{pbm_uuid}/: + get: + operationId: events_rules_retrieve + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + put: + operationId: events_rules_update + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + patch: + operationId: events_rules_partial_update + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedNotificationRuleRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedNotificationRuleRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedNotificationRuleRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + delete: + operationId: events_rules_destroy + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/events/transports/: + get: + operationId: events_transports_list + description: NotificationTransport Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedNotificationTransportList' + description: '' + post: + operationId: events_transports_create + description: NotificationTransport Viewset + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + /api/v2beta/events/transports/{uuid}/: + get: + operationId: events_transports_retrieve + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + put: + operationId: events_transports_update + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + patch: + operationId: events_transports_partial_update + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedNotificationTransportRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedNotificationTransportRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedNotificationTransportRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + delete: + operationId: events_transports_destroy + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/events/transports/{uuid}/test/: + post: + operationId: events_transports_test_create + description: |- + Send example notification using selected transport. Requires + Modify permissions. + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransportTest' + description: '' + '503': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/flows/bindings/: + get: + operationId: flows_bindings_list + description: FlowStageBinding Viewset + parameters: + - in: query + name: evaluate_on_plan + schema: + type: boolean + - in: query + name: fsb_uuid + schema: + type: string + format: uuid + - in: query + name: order + schema: + type: integer + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: pbm_uuid + schema: + type: string + format: uuid + - in: query + name: policies + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form + - in: query + name: policy_engine_mode + schema: + type: string + enum: + - all + - any + - in: query + name: re_evaluate_policies + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: stage + schema: + type: string + format: uuid + - in: query + name: target + schema: + type: string + format: uuid + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedFlowStageBindingList' + description: '' + post: + operationId: flows_bindings_create + description: FlowStageBinding Viewset + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + /api/v2beta/flows/bindings/{fsb_uuid}/: + get: + operationId: flows_bindings_retrieve + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + put: + operationId: flows_bindings_update + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + patch: + operationId: flows_bindings_partial_update + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedFlowStageBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedFlowStageBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedFlowStageBindingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + delete: + operationId: flows_bindings_destroy + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/flows/executor/{flow_slug}/: + get: + operationId: flows_executor_get + description: Get the next pending challenge from the currently active flow. + parameters: + - in: path + name: flow_slug + schema: + type: string + required: true + - in: query + name: query + schema: + type: string + description: Querystring as received + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Challenge' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + post: + operationId: flows_executor_solve + description: Solve the previously retrieved challenge and advanced to the next + stage. + parameters: + - in: path + name: flow_slug + schema: + type: string + required: true + - in: query + name: query + schema: + type: string + description: Querystring as received + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Challenge' + description: '' + /api/v2beta/flows/instances/: + get: + operationId: flows_instances_list + description: Flow Viewset + parameters: + - in: query + name: designation + schema: + type: string + enum: + - authentication + - authorization + - enrollment + - invalidation + - recovery + - stage_configuration + - unenrollment + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + - in: query + name: flow_uuid + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: slug + schema: + type: string + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedFlowList' + description: '' + post: + operationId: flows_instances_create + description: Flow Viewset + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + /api/v2beta/flows/instances/{slug}/: + get: + operationId: flows_instances_retrieve + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + put: + operationId: flows_instances_update + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + patch: + operationId: flows_instances_partial_update + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedFlowRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedFlowRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedFlowRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + delete: + operationId: flows_instances_destroy + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/flows/instances/{slug}/diagram/: + get: + operationId: flows_instances_diagram_retrieve + description: Return diagram for flow with slug `slug`, in the format used by + flowchart.js + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowDiagram' + description: '' + /api/v2beta/flows/instances/{slug}/execute/: + get: + operationId: flows_instances_execute_retrieve + description: Execute flow for current user + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Link' + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/flows/instances/{slug}/export/: + get: + operationId: flows_instances_export_retrieve + description: Export flow to .akflow file + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: null + /api/v2beta/flows/instances/{slug}/set_background/: + post: + operationId: flows_instances_set_background_create + description: Set Flow background + parameters: + - in: query + name: file + schema: + type: string + format: binary + required: true + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/flows/instances/cache_clear/: + post: + operationId: flows_instances_cache_clear_create + description: Clear flow cache + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/flows/instances/cache_info/: + get: + operationId: flows_instances_cache_info_retrieve + description: Info about cached flows + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Cache' + description: '' + /api/v2beta/flows/instances/import_flow/: + post: + operationId: flows_instances_import_flow_create + description: Import flow from .akflow file + parameters: + - in: query + name: file + schema: + type: string + format: binary + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/oauth2/authorization_codes/: + get: + operationId: oauth2_authorization_codes_list + description: AuthorizationCode Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: provider + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user + schema: + type: integer + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList' + description: '' + /api/v2beta/oauth2/authorization_codes/{id}/: + get: + operationId: oauth2_authorization_codes_retrieve + description: AuthorizationCode Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Authorization Code. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpiringBaseGrantModel' + description: '' + delete: + operationId: oauth2_authorization_codes_destroy + description: AuthorizationCode Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Authorization Code. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/oauth2/refresh_tokens/: + get: + operationId: oauth2_refresh_tokens_list + description: RefreshToken Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: provider + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user + schema: + type: integer + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList' + description: '' + /api/v2beta/oauth2/refresh_tokens/{id}/: + get: + operationId: oauth2_refresh_tokens_retrieve + description: RefreshToken Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2 Token. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpiringBaseGrantModel' + description: '' + delete: + operationId: oauth2_refresh_tokens_destroy + description: RefreshToken Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2 Token. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/outposts/instances/: + get: + operationId: outposts_instances_list + description: Outpost Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: providers__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOutpostList' + description: '' + post: + operationId: outposts_instances_create + description: Outpost Viewset + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OutpostRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + /api/v2beta/outposts/instances/{uuid}/: + get: + operationId: outposts_instances_retrieve + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + put: + operationId: outposts_instances_update + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OutpostRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + patch: + operationId: outposts_instances_partial_update + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + delete: + operationId: outposts_instances_destroy + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/outposts/instances/{uuid}/health/: + get: + operationId: outposts_instances_health_list + description: Get outposts current health + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: providers__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOutpostHealthList' + description: '' + /api/v2beta/outposts/instances/default_settings/: + get: + operationId: outposts_instances_default_settings_retrieve + description: Global default outpost config + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostDefaultConfig' + description: '' + /api/v2beta/outposts/ldap/: + get: + operationId: outposts_ldap_list + description: LDAPProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPOutpostConfigList' + description: '' + /api/v2beta/outposts/ldap/{id}/: + get: + operationId: outposts_ldap_retrieve + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPOutpostConfig' + description: '' + /api/v2beta/outposts/outposts/: + get: + operationId: outposts_outposts_list + description: Outpost Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: providers__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOutpostList' + description: '' + post: + operationId: outposts_outposts_create + description: Outpost Viewset + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OutpostRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + /api/v2beta/outposts/outposts/{uuid}/: + get: + operationId: outposts_outposts_retrieve + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + put: + operationId: outposts_outposts_update + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OutpostRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + patch: + operationId: outposts_outposts_partial_update + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + delete: + operationId: outposts_outposts_destroy + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/outposts/outposts/{uuid}/health/: + get: + operationId: outposts_outposts_health_list + description: Get outposts current health + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: providers__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOutpostHealthList' + description: '' + /api/v2beta/outposts/outposts/default_settings/: + get: + operationId: outposts_outposts_default_settings_retrieve + description: Global default outpost config + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostDefaultConfig' + description: '' + /api/v2beta/outposts/proxy/: + get: + operationId: outposts_proxy_list + description: ProxyProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedProxyOutpostConfigList' + description: '' + /api/v2beta/outposts/proxy/{id}/: + get: + operationId: outposts_proxy_retrieve + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyOutpostConfig' + description: '' + /api/v2beta/outposts/service_connections/all/: + get: + operationId: outposts_service_connections_all_list + description: ServiceConnection Viewset + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedServiceConnectionList' + description: '' + /api/v2beta/outposts/service_connections/all/{uuid}/: + get: + operationId: outposts_service_connections_all_retrieve + description: ServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Outpost Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceConnection' + description: '' + delete: + operationId: outposts_service_connections_all_destroy + description: ServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Outpost Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/outposts/service_connections/all/{uuid}/state/: + get: + operationId: outposts_service_connections_all_state_retrieve + description: Get the service connection's state + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Outpost Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceConnectionState' + description: '' + /api/v2beta/outposts/service_connections/all/types/: + get: + operationId: outposts_service_connections_all_types_list + description: Get all creatable service connection types + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/outposts/service_connections/docker/: + get: + operationId: outposts_service_connections_docker_list + description: DockerServiceConnection Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDockerServiceConnectionList' + description: '' + post: + operationId: outposts_service_connections_docker_create + description: DockerServiceConnection Viewset + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + /api/v2beta/outposts/service_connections/docker/{uuid}/: + get: + operationId: outposts_service_connections_docker_retrieve + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + put: + operationId: outposts_service_connections_docker_update + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + patch: + operationId: outposts_service_connections_docker_partial_update + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + delete: + operationId: outposts_service_connections_docker_destroy + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/outposts/service_connections/kubernetes/: + get: + operationId: outposts_service_connections_kubernetes_list + description: KubernetesServiceConnection Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedKubernetesServiceConnectionList' + description: '' + post: + operationId: outposts_service_connections_kubernetes_create + description: KubernetesServiceConnection Viewset + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + /api/v2beta/outposts/service_connections/kubernetes/{uuid}/: + get: + operationId: outposts_service_connections_kubernetes_retrieve + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + put: + operationId: outposts_service_connections_kubernetes_update + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + patch: + operationId: outposts_service_connections_kubernetes_partial_update + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + delete: + operationId: outposts_service_connections_kubernetes_destroy + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/all/: + get: + operationId: policies_all_list + description: Policy Viewset + parameters: + - in: query + name: bindings__isnull + schema: + type: boolean + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: promptstage__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPolicyList' + description: '' + /api/v2beta/policies/all/{policy_uuid}/: + get: + operationId: policies_all_retrieve + description: Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' + description: '' + delete: + operationId: policies_all_destroy + description: Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/all/{policy_uuid}/test/: + post: + operationId: policies_all_test_create + description: Test policy + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyTestResult' + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/policies/all/cache_clear/: + post: + operationId: policies_all_cache_clear_create + description: Clear policy cache + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/policies/all/cache_info/: + get: + operationId: policies_all_cache_info_retrieve + description: Info about cached policies + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Cache' + description: '' + /api/v2beta/policies/all/types/: + get: + operationId: policies_all_types_list + description: Get all creatable policy types + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/policies/bindings/: + get: + operationId: policies_bindings_list + description: PolicyBinding Viewset + parameters: + - in: query + name: enabled + schema: + type: boolean + - in: query + name: order + schema: + type: integer + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: policy + schema: + type: string + format: uuid + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: target + schema: + type: string + format: uuid + - in: query + name: timeout + schema: + type: integer + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPolicyBindingList' + description: '' + post: + operationId: policies_bindings_create + description: PolicyBinding Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + /api/v2beta/policies/bindings/{policy_binding_uuid}/: + get: + operationId: policies_bindings_retrieve + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + put: + operationId: policies_bindings_update + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + patch: + operationId: policies_bindings_partial_update + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPolicyBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPolicyBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPolicyBindingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + delete: + operationId: policies_bindings_destroy + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/dummy/: + get: + operationId: policies_dummy_list + description: Dummy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDummyPolicyList' + description: '' + post: + operationId: policies_dummy_create + description: Dummy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + /api/v2beta/policies/dummy/{policy_uuid}/: + get: + operationId: policies_dummy_retrieve + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + put: + operationId: policies_dummy_update + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + patch: + operationId: policies_dummy_partial_update + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDummyPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDummyPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDummyPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + delete: + operationId: policies_dummy_destroy + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/event_matcher/: + get: + operationId: policies_event_matcher_list + description: Event Matcher Policy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedEventMatcherPolicyList' + description: '' + post: + operationId: policies_event_matcher_create + description: Event Matcher Policy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + /api/v2beta/policies/event_matcher/{policy_uuid}/: + get: + operationId: policies_event_matcher_retrieve + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + put: + operationId: policies_event_matcher_update + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + patch: + operationId: policies_event_matcher_partial_update + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + delete: + operationId: policies_event_matcher_destroy + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/expression/: + get: + operationId: policies_expression_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedExpressionPolicyList' + description: '' + post: + operationId: policies_expression_create + description: Source Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + /api/v2beta/policies/expression/{policy_uuid}/: + get: + operationId: policies_expression_retrieve + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + put: + operationId: policies_expression_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + patch: + operationId: policies_expression_partial_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedExpressionPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedExpressionPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedExpressionPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + delete: + operationId: policies_expression_destroy + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/haveibeenpwned/: + get: + operationId: policies_haveibeenpwned_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedHaveIBeenPwendPolicyList' + description: '' + post: + operationId: policies_haveibeenpwned_create + description: Source Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + /api/v2beta/policies/haveibeenpwned/{policy_uuid}/: + get: + operationId: policies_haveibeenpwned_retrieve + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + put: + operationId: policies_haveibeenpwned_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + patch: + operationId: policies_haveibeenpwned_partial_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedHaveIBeenPwendPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedHaveIBeenPwendPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedHaveIBeenPwendPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + delete: + operationId: policies_haveibeenpwned_destroy + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/password/: + get: + operationId: policies_password_list + description: Password Policy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPasswordPolicyList' + description: '' + post: + operationId: policies_password_create + description: Password Policy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + /api/v2beta/policies/password/{policy_uuid}/: + get: + operationId: policies_password_retrieve + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + put: + operationId: policies_password_update + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + patch: + operationId: policies_password_partial_update + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPasswordPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPasswordPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPasswordPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + delete: + operationId: policies_password_destroy + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/password_expiry/: + get: + operationId: policies_password_expiry_list + description: Password Expiry Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPasswordExpiryPolicyList' + description: '' + post: + operationId: policies_password_expiry_create + description: Password Expiry Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + /api/v2beta/policies/password_expiry/{policy_uuid}/: + get: + operationId: policies_password_expiry_retrieve + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + put: + operationId: policies_password_expiry_update + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + patch: + operationId: policies_password_expiry_partial_update + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + delete: + operationId: policies_password_expiry_destroy + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/reputation/: + get: + operationId: policies_reputation_list + description: Reputation Policy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedReputationPolicyList' + description: '' + post: + operationId: policies_reputation_create + description: Reputation Policy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + /api/v2beta/policies/reputation/{policy_uuid}/: + get: + operationId: policies_reputation_retrieve + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + put: + operationId: policies_reputation_update + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + patch: + operationId: policies_reputation_partial_update + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedReputationPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedReputationPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedReputationPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + delete: + operationId: policies_reputation_destroy + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/reputation/ips/: + get: + operationId: policies_reputation_ips_list + description: IPReputation Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedIPReputationList' + description: '' + post: + operationId: policies_reputation_ips_create + description: IPReputation Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IPReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IPReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + /api/v2beta/policies/reputation/ips/{id}/: + get: + operationId: policies_reputation_ips_retrieve + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + put: + operationId: policies_reputation_ips_update + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IPReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IPReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + patch: + operationId: policies_reputation_ips_partial_update + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedIPReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedIPReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedIPReputationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + delete: + operationId: policies_reputation_ips_destroy + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/reputation/users/: + get: + operationId: policies_reputation_users_list + description: UserReputation Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserReputationList' + description: '' + post: + operationId: policies_reputation_users_create + description: UserReputation Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + /api/v2beta/policies/reputation/users/{id}/: + get: + operationId: policies_reputation_users_retrieve + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + put: + operationId: policies_reputation_users_update + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + patch: + operationId: policies_reputation_users_partial_update + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserReputationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + delete: + operationId: policies_reputation_users_destroy + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/propertymappings/all/: + get: + operationId: propertymappings_all_list + description: PropertyMapping Viewset + parameters: + - in: query + name: managed__isnull + schema: + type: boolean + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPropertyMappingList' + description: '' + /api/v2beta/propertymappings/all/{pm_uuid}/: + get: + operationId: propertymappings_all_retrieve + description: PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PropertyMapping' + description: '' + delete: + operationId: propertymappings_all_destroy + description: PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/propertymappings/all/{pm_uuid}/test/: + post: + operationId: propertymappings_all_test_create + description: Test Property Mapping + parameters: + - in: query + name: format_result + schema: + type: boolean + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PropertyMappingTestResult' + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/propertymappings/all/types/: + get: + operationId: propertymappings_all_types_list + description: Get all creatable property-mapping types + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/propertymappings/ldap/: + get: + operationId: propertymappings_ldap_list + description: LDAP PropertyMapping Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPPropertyMappingList' + description: '' + post: + operationId: propertymappings_ldap_create + description: LDAP PropertyMapping Viewset + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + /api/v2beta/propertymappings/ldap/{pm_uuid}/: + get: + operationId: propertymappings_ldap_retrieve + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + put: + operationId: propertymappings_ldap_update + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + patch: + operationId: propertymappings_ldap_partial_update + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + delete: + operationId: propertymappings_ldap_destroy + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/propertymappings/saml/: + get: + operationId: propertymappings_saml_list + description: SAMLPropertyMapping Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSAMLPropertyMappingList' + description: '' + post: + operationId: propertymappings_saml_create + description: SAMLPropertyMapping Viewset + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + /api/v2beta/propertymappings/saml/{pm_uuid}/: + get: + operationId: propertymappings_saml_retrieve + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + put: + operationId: propertymappings_saml_update + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + patch: + operationId: propertymappings_saml_partial_update + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + delete: + operationId: propertymappings_saml_destroy + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/propertymappings/scope/: + get: + operationId: propertymappings_scope_list + description: ScopeMapping Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedScopeMappingList' + description: '' + post: + operationId: propertymappings_scope_create + description: ScopeMapping Viewset + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + /api/v2beta/propertymappings/scope/{pm_uuid}/: + get: + operationId: propertymappings_scope_retrieve + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + put: + operationId: propertymappings_scope_update + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + patch: + operationId: propertymappings_scope_partial_update + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedScopeMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedScopeMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedScopeMappingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + delete: + operationId: propertymappings_scope_destroy + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/all/: + get: + operationId: providers_all_list + description: Provider Viewset + parameters: + - in: query + name: application__isnull + schema: + type: boolean + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedProviderList' + description: '' + /api/v2beta/providers/all/{id}/: + get: + operationId: providers_all_retrieve + description: Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Provider' + description: '' + delete: + operationId: providers_all_destroy + description: Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/all/types/: + get: + operationId: providers_all_types_list + description: Get all creatable provider types + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/providers/ldap/: + get: + operationId: providers_ldap_list + description: LDAPProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPProviderList' + description: '' + post: + operationId: providers_ldap_create + description: LDAPProvider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + /api/v2beta/providers/ldap/{id}/: + get: + operationId: providers_ldap_retrieve + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + put: + operationId: providers_ldap_update + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + patch: + operationId: providers_ldap_partial_update + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedLDAPProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedLDAPProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedLDAPProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + delete: + operationId: providers_ldap_destroy + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/oauth2/: + get: + operationId: providers_oauth2_list + description: OAuth2Provider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOAuth2ProviderList' + description: '' + post: + operationId: providers_oauth2_create + description: OAuth2Provider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + /api/v2beta/providers/oauth2/{id}/: + get: + operationId: providers_oauth2_retrieve + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + put: + operationId: providers_oauth2_update + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + patch: + operationId: providers_oauth2_partial_update + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedOAuth2ProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedOAuth2ProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedOAuth2ProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + delete: + operationId: providers_oauth2_destroy + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/oauth2/{id}/setup_urls/: + get: + operationId: providers_oauth2_setup_urls_retrieve + description: Get Providers setup URLs + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2ProviderSetupURLs' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/providers/proxy/: + get: + operationId: providers_proxy_list + description: ProxyProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedProxyProviderList' + description: '' + post: + operationId: providers_proxy_create + description: ProxyProvider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + /api/v2beta/providers/proxy/{id}/: + get: + operationId: providers_proxy_retrieve + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + put: + operationId: providers_proxy_update + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + patch: + operationId: providers_proxy_partial_update + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedProxyProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedProxyProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedProxyProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + delete: + operationId: providers_proxy_destroy + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/saml/: + get: + operationId: providers_saml_list + description: SAMLProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSAMLProviderList' + description: '' + post: + operationId: providers_saml_create + description: SAMLProvider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + /api/v2beta/providers/saml/{id}/: + get: + operationId: providers_saml_retrieve + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + put: + operationId: providers_saml_update + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + patch: + operationId: providers_saml_partial_update + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedSAMLProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedSAMLProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedSAMLProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + delete: + operationId: providers_saml_destroy + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/saml/{id}/metadata/: + get: + operationId: providers_saml_metadata_retrieve + description: Return metadata as XML string + parameters: + - in: query + name: download + schema: + type: boolean + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLMetadata' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/providers/saml/import_metadata/: + post: + operationId: providers_saml_import_metadata_create + description: Create provider from SAML Metadata + tags: + - providers + requestBody: + content: + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLProviderImportRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/root/config/: + get: + operationId: root_config_list + description: Retrive public configuration options + tags: + - root + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Config' + description: '' + /api/v2beta/schema/: + get: + operationId: schema_retrieve + description: |- + OpenApi3 schema for this API. Format can be selected via content negotiation. + + - YAML: application/vnd.oai.openapi + - JSON: application/vnd.oai.openapi+json + parameters: + - in: query + name: format + schema: + type: string + enum: + - json + - yaml + - in: query + name: lang + schema: + type: string + enum: + - af + - ar + - ar-dz + - ast + - az + - be + - bg + - bn + - br + - bs + - ca + - cs + - cy + - da + - de + - dsb + - el + - en + - en-au + - en-gb + - eo + - es + - es-ar + - es-co + - es-mx + - es-ni + - es-ve + - et + - eu + - fa + - fi + - fr + - fy + - ga + - gd + - gl + - he + - hi + - hr + - hsb + - hu + - hy + - ia + - id + - ig + - io + - is + - it + - ja + - ka + - kab + - kk + - km + - kn + - ko + - ky + - lb + - lt + - lv + - mk + - ml + - mn + - mr + - my + - nb + - ne + - nl + - nn + - os + - pa + - pl + - pt + - pt-br + - ro + - ru + - sk + - sl + - sq + - sr + - sr-latn + - sv + - sw + - ta + - te + - tg + - th + - tk + - tr + - tt + - udm + - uk + - ur + - uz + - vi + - zh-hans + - zh-hant + tags: + - schema + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/vnd.oai.openapi: + schema: + type: object + additionalProperties: {} + application/yaml: + schema: + type: object + additionalProperties: {} + application/vnd.oai.openapi+json: + schema: + type: object + additionalProperties: {} + application/json: + schema: + type: object + additionalProperties: {} + description: '' + /api/v2beta/sources/all/: + get: + operationId: sources_all_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSourceList' + description: '' + /api/v2beta/sources/all/{slug}/: + get: + operationId: sources_all_retrieve + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Source' + description: '' + delete: + operationId: sources_all_destroy + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/all/types/: + get: + operationId: sources_all_types_list + description: Get all creatable source types + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/sources/all/user_settings/: + get: + operationId: sources_all_user_settings_list + description: Get all sources the user can configure + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/UserSetting' + description: '' + /api/v2beta/sources/ldap/: + get: + operationId: sources_ldap_list + description: LDAP Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPSourceList' + description: '' + post: + operationId: sources_ldap_create + description: LDAP Source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + /api/v2beta/sources/ldap/{slug}/: + get: + operationId: sources_ldap_retrieve + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + put: + operationId: sources_ldap_update + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + patch: + operationId: sources_ldap_partial_update + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedLDAPSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedLDAPSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedLDAPSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + delete: + operationId: sources_ldap_destroy + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/ldap/{slug}/sync_status/: + get: + operationId: sources_ldap_sync_status_retrieve + description: Get source's sync status + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Task' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/sources/oauth/: + get: + operationId: sources_oauth_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOAuthSourceList' + description: '' + post: + operationId: sources_oauth_create + description: Source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + /api/v2beta/sources/oauth/{slug}/: + get: + operationId: sources_oauth_retrieve + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + put: + operationId: sources_oauth_update + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + patch: + operationId: sources_oauth_partial_update + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedOAuthSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedOAuthSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedOAuthSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + delete: + operationId: sources_oauth_destroy + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/oauth/source_types/: + get: + operationId: sources_oauth_source_types_list + description: Get all creatable source types + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/SourceType' + description: '' + /api/v2beta/sources/oauth_user_connections/: + get: + operationId: sources_oauth_user_connections_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: source__slug + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserOAuthSourceConnectionList' + description: '' + post: + operationId: sources_oauth_user_connections_create + description: Source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + /api/v2beta/sources/oauth_user_connections/{id}/: + get: + operationId: sources_oauth_user_connections_retrieve + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + put: + operationId: sources_oauth_user_connections_update + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + patch: + operationId: sources_oauth_user_connections_partial_update + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + delete: + operationId: sources_oauth_user_connections_destroy + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/plex/: + get: + operationId: sources_plex_list + description: Plex source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPlexSourceList' + description: '' + post: + operationId: sources_plex_create + description: Plex source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + /api/v2beta/sources/plex/{slug}/: + get: + operationId: sources_plex_retrieve + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + put: + operationId: sources_plex_update + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + patch: + operationId: sources_plex_partial_update + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPlexSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPlexSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPlexSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + delete: + operationId: sources_plex_destroy + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/plex/redeem_token/: + post: + operationId: sources_plex_redeem_token_create + description: |- + Redeem a plex token, check it's access to resources against what's allowed + for the source, and redirect to an authentication/enrollment flow. + parameters: + - in: query + name: slug + schema: + type: string + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PlexTokenRedeemRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PlexTokenRedeemRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PlexTokenRedeemRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RedirectChallenge' + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '403': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/sources/saml/: + get: + operationId: sources_saml_list + description: SAMLSource Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSAMLSourceList' + description: '' + post: + operationId: sources_saml_create + description: SAMLSource Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + /api/v2beta/sources/saml/{slug}/: + get: + operationId: sources_saml_retrieve + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + put: + operationId: sources_saml_update + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + patch: + operationId: sources_saml_partial_update + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedSAMLSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedSAMLSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedSAMLSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + delete: + operationId: sources_saml_destroy + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/saml/{slug}/metadata/: + get: + operationId: sources_saml_metadata_retrieve + description: Return metadata as XML string + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLMetadata' + description: '' + /api/v2beta/stages/all/: + get: + operationId: stages_all_list + description: Stage Viewset + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedStageList' + description: '' + /api/v2beta/stages/all/{stage_uuid}/: + get: + operationId: stages_all_retrieve + description: Stage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Stage' + description: '' + delete: + operationId: stages_all_destroy + description: Stage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/all/types/: + get: + operationId: stages_all_types_list + description: Get all creatable stage types + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/stages/all/user_settings/: + get: + operationId: stages_all_user_settings_list + description: Get all stages the user can configure + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/StageUserSetting' + description: '' + /api/v2beta/stages/authenticator/static/: + get: + operationId: stages_authenticator_static_list + description: AuthenticatorStaticStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticatorStaticStageList' + description: '' + post: + operationId: stages_authenticator_static_create + description: AuthenticatorStaticStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + /api/v2beta/stages/authenticator/static/{stage_uuid}/: + get: + operationId: stages_authenticator_static_retrieve + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + put: + operationId: stages_authenticator_static_update + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + patch: + operationId: stages_authenticator_static_partial_update + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + delete: + operationId: stages_authenticator_static_destroy + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/authenticator/totp/: + get: + operationId: stages_authenticator_totp_list + description: AuthenticatorTOTPStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList' + description: '' + post: + operationId: stages_authenticator_totp_create + description: AuthenticatorTOTPStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + /api/v2beta/stages/authenticator/totp/{stage_uuid}/: + get: + operationId: stages_authenticator_totp_retrieve + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + put: + operationId: stages_authenticator_totp_update + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + patch: + operationId: stages_authenticator_totp_partial_update + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + delete: + operationId: stages_authenticator_totp_destroy + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/authenticator/validate/: + get: + operationId: stages_authenticator_validate_list + description: AuthenticatorValidateStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList' + description: '' + post: + operationId: stages_authenticator_validate_create + description: AuthenticatorValidateStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + /api/v2beta/stages/authenticator/validate/{stage_uuid}/: + get: + operationId: stages_authenticator_validate_retrieve + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + put: + operationId: stages_authenticator_validate_update + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + patch: + operationId: stages_authenticator_validate_partial_update + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + delete: + operationId: stages_authenticator_validate_destroy + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/authenticator/webauthn/: + get: + operationId: stages_authenticator_webauthn_list + description: AuthenticateWebAuthnStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticateWebAuthnStageList' + description: '' + post: + operationId: stages_authenticator_webauthn_create + description: AuthenticateWebAuthnStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + /api/v2beta/stages/authenticator/webauthn/{stage_uuid}/: + get: + operationId: stages_authenticator_webauthn_retrieve + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + put: + operationId: stages_authenticator_webauthn_update + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + patch: + operationId: stages_authenticator_webauthn_partial_update + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + delete: + operationId: stages_authenticator_webauthn_destroy + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/captcha/: + get: + operationId: stages_captcha_list + description: CaptchaStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedCaptchaStageList' + description: '' + post: + operationId: stages_captcha_create + description: CaptchaStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + /api/v2beta/stages/captcha/{stage_uuid}/: + get: + operationId: stages_captcha_retrieve + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + put: + operationId: stages_captcha_update + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + patch: + operationId: stages_captcha_partial_update + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedCaptchaStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedCaptchaStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedCaptchaStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + delete: + operationId: stages_captcha_destroy + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/consent/: + get: + operationId: stages_consent_list + description: ConsentStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedConsentStageList' + description: '' + post: + operationId: stages_consent_create + description: ConsentStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + /api/v2beta/stages/consent/{stage_uuid}/: + get: + operationId: stages_consent_retrieve + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + put: + operationId: stages_consent_update + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + patch: + operationId: stages_consent_partial_update + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedConsentStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedConsentStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedConsentStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + delete: + operationId: stages_consent_destroy + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/deny/: + get: + operationId: stages_deny_list + description: DenyStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDenyStageList' + description: '' + post: + operationId: stages_deny_create + description: DenyStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DenyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DenyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + /api/v2beta/stages/deny/{stage_uuid}/: + get: + operationId: stages_deny_retrieve + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + put: + operationId: stages_deny_update + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DenyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DenyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + patch: + operationId: stages_deny_partial_update + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDenyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDenyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDenyStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + delete: + operationId: stages_deny_destroy + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/dummy/: + get: + operationId: stages_dummy_list + description: DummyStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDummyStageList' + description: '' + post: + operationId: stages_dummy_create + description: DummyStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + /api/v2beta/stages/dummy/{stage_uuid}/: + get: + operationId: stages_dummy_retrieve + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + put: + operationId: stages_dummy_update + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + patch: + operationId: stages_dummy_partial_update + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDummyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDummyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDummyStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + delete: + operationId: stages_dummy_destroy + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/email/: + get: + operationId: stages_email_list + description: EmailStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedEmailStageList' + description: '' + post: + operationId: stages_email_create + description: EmailStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EmailStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EmailStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + /api/v2beta/stages/email/{stage_uuid}/: + get: + operationId: stages_email_retrieve + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + put: + operationId: stages_email_update + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EmailStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EmailStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + patch: + operationId: stages_email_partial_update + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedEmailStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedEmailStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedEmailStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + delete: + operationId: stages_email_destroy + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/email/templates/: + get: + operationId: stages_email_templates_list + description: Get all available templates, including custom templates + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/stages/identification/: + get: + operationId: stages_identification_list + description: IdentificationStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedIdentificationStageList' + description: '' + post: + operationId: stages_identification_create + description: IdentificationStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + /api/v2beta/stages/identification/{stage_uuid}/: + get: + operationId: stages_identification_retrieve + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + put: + operationId: stages_identification_update + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + patch: + operationId: stages_identification_partial_update + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedIdentificationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedIdentificationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedIdentificationStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + delete: + operationId: stages_identification_destroy + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/invitation/invitations/: + get: + operationId: stages_invitation_invitations_list + description: Invitation Viewset + parameters: + - in: query + name: created_by__username + schema: + type: string + - in: query + name: expires + schema: + type: string + format: date-time + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedInvitationList' + description: '' + post: + operationId: stages_invitation_invitations_create + description: Invitation Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + /api/v2beta/stages/invitation/invitations/{invite_uuid}/: + get: + operationId: stages_invitation_invitations_retrieve + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + put: + operationId: stages_invitation_invitations_update + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + patch: + operationId: stages_invitation_invitations_partial_update + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedInvitationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedInvitationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedInvitationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + delete: + operationId: stages_invitation_invitations_destroy + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/invitation/stages/: + get: + operationId: stages_invitation_stages_list + description: InvitationStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedInvitationStageList' + description: '' + post: + operationId: stages_invitation_stages_create + description: InvitationStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + /api/v2beta/stages/invitation/stages/{stage_uuid}/: + get: + operationId: stages_invitation_stages_retrieve + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + put: + operationId: stages_invitation_stages_update + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + patch: + operationId: stages_invitation_stages_partial_update + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedInvitationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedInvitationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedInvitationStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + delete: + operationId: stages_invitation_stages_destroy + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/password/: + get: + operationId: stages_password_list + description: PasswordStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPasswordStageList' + description: '' + post: + operationId: stages_password_create + description: PasswordStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + /api/v2beta/stages/password/{stage_uuid}/: + get: + operationId: stages_password_retrieve + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + put: + operationId: stages_password_update + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + patch: + operationId: stages_password_partial_update + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPasswordStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPasswordStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPasswordStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + delete: + operationId: stages_password_destroy + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/prompt/prompts/: + get: + operationId: stages_prompt_prompts_list + description: Prompt Viewset + parameters: + - in: query + name: field_key + schema: + type: string + - in: query + name: label + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: placeholder + schema: + type: string + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: type + schema: + type: string + enum: + - checkbox + - date + - date-time + - email + - hidden + - number + - password + - separator + - static + - text + - username + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPromptList' + description: '' + post: + operationId: stages_prompt_prompts_create + description: Prompt Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + /api/v2beta/stages/prompt/prompts/{prompt_uuid}/: + get: + operationId: stages_prompt_prompts_retrieve + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + put: + operationId: stages_prompt_prompts_update + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + patch: + operationId: stages_prompt_prompts_partial_update + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPromptRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPromptRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPromptRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + delete: + operationId: stages_prompt_prompts_destroy + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/prompt/stages/: + get: + operationId: stages_prompt_stages_list + description: PromptStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPromptStageList' + description: '' + post: + operationId: stages_prompt_stages_create + description: PromptStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + /api/v2beta/stages/prompt/stages/{stage_uuid}/: + get: + operationId: stages_prompt_stages_retrieve + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + put: + operationId: stages_prompt_stages_update + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + patch: + operationId: stages_prompt_stages_partial_update + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPromptStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPromptStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPromptStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + delete: + operationId: stages_prompt_stages_destroy + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/user_delete/: + get: + operationId: stages_user_delete_list + description: UserDeleteStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserDeleteStageList' + description: '' + post: + operationId: stages_user_delete_create + description: UserDeleteStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + /api/v2beta/stages/user_delete/{stage_uuid}/: + get: + operationId: stages_user_delete_retrieve + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + put: + operationId: stages_user_delete_update + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + patch: + operationId: stages_user_delete_partial_update + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserDeleteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserDeleteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserDeleteStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + delete: + operationId: stages_user_delete_destroy + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/user_login/: + get: + operationId: stages_user_login_list + description: UserLoginStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserLoginStageList' + description: '' + post: + operationId: stages_user_login_create + description: UserLoginStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + /api/v2beta/stages/user_login/{stage_uuid}/: + get: + operationId: stages_user_login_retrieve + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + put: + operationId: stages_user_login_update + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + patch: + operationId: stages_user_login_partial_update + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserLoginStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserLoginStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserLoginStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + delete: + operationId: stages_user_login_destroy + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/user_logout/: + get: + operationId: stages_user_logout_list + description: UserLogoutStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserLogoutStageList' + description: '' + post: + operationId: stages_user_logout_create + description: UserLogoutStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + /api/v2beta/stages/user_logout/{stage_uuid}/: + get: + operationId: stages_user_logout_retrieve + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + put: + operationId: stages_user_logout_update + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + patch: + operationId: stages_user_logout_partial_update + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserLogoutStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserLogoutStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserLogoutStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + delete: + operationId: stages_user_logout_destroy + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/user_write/: + get: + operationId: stages_user_write_list + description: UserWriteStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserWriteStageList' + description: '' + post: + operationId: stages_user_write_create + description: UserWriteStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + /api/v2beta/stages/user_write/{stage_uuid}/: + get: + operationId: stages_user_write_retrieve + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + put: + operationId: stages_user_write_update + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + patch: + operationId: stages_user_write_partial_update + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserWriteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserWriteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserWriteStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + delete: + operationId: stages_user_write_destroy + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body +components: + schemas: + ActionEnum: + enum: + - login + - login_failed + - logout + - user_write + - suspicious_request + - password_set + - secret_view + - invitation_used + - authorize_application + - source_linked + - impersonation_started + - impersonation_ended + - policy_execution + - policy_exception + - property_mapping_exception + - system_task_execution + - system_task_exception + - configuration_error + - model_created + - model_updated + - model_deleted + - update_available + - custom_ + type: string + App: + type: object + description: Serialize Application info + properties: + name: + type: string + label: + type: string + required: + - label + - name + AppEnum: + enum: + - authentik.admin + - authentik.api + - authentik.events + - authentik.crypto + - authentik.flows + - authentik.outposts + - authentik.lib + - authentik.policies + - authentik.policies.dummy + - authentik.policies.event_matcher + - authentik.policies.expiry + - authentik.policies.expression + - authentik.policies.hibp + - authentik.policies.password + - authentik.policies.reputation + - authentik.providers.proxy + - authentik.providers.ldap + - authentik.providers.oauth2 + - authentik.providers.saml + - authentik.recovery + - authentik.sources.ldap + - authentik.sources.oauth + - authentik.sources.plex + - authentik.sources.saml + - authentik.stages.authenticator_static + - authentik.stages.authenticator_totp + - authentik.stages.authenticator_validate + - authentik.stages.authenticator_webauthn + - authentik.stages.captcha + - authentik.stages.consent + - authentik.stages.deny + - authentik.stages.dummy + - authentik.stages.email + - authentik.stages.identification + - authentik.stages.invitation + - authentik.stages.password + - authentik.stages.prompt + - authentik.stages.user_delete + - authentik.stages.user_login + - authentik.stages.user_logout + - authentik.stages.user_write + - authentik.core + - authentik.managed + type: string + Application: + type: object + description: Application Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Application's display Name. + slug: + type: string + description: Internal application name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + provider: + type: integer + nullable: true + provider_obj: + $ref: '#/components/schemas/Provider' + launch_url: + type: string + nullable: true + readOnly: true + meta_launch_url: + type: string + format: uri + maxLength: 200 + meta_icon: + type: string + format: uri + meta_description: + type: string + meta_publisher: + type: string + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - launch_url + - name + - pk + - slug + ApplicationRequest: + type: object + description: Application Serializer + properties: + name: + type: string + description: Application's display Name. + slug: + type: string + description: Internal application name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + provider: + type: integer + nullable: true + provider_obj: + $ref: '#/components/schemas/ProviderRequest' + meta_launch_url: + type: string + format: uri + maxLength: 200 + meta_icon: + type: string + format: binary + meta_description: + type: string + meta_publisher: + type: string + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - name + - slug + AuthenticateWebAuthnStage: + type: object + description: AuthenticateWebAuthnStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticateWebAuthnStageRequest: + type: object + description: AuthenticateWebAuthnStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + required: + - name + AuthenticatorStaticStage: + type: object + description: AuthenticatorStaticStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + token_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticatorStaticStageRequest: + type: object + description: AuthenticatorStaticStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + token_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - name + AuthenticatorTOTPStage: + type: object + description: AuthenticatorTOTPStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + digits: + allOf: + - $ref: '#/components/schemas/DigitsEnum' + minimum: -2147483648 + maximum: 2147483647 + required: + - component + - digits + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticatorTOTPStageRequest: + type: object + description: AuthenticatorTOTPStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + digits: + allOf: + - $ref: '#/components/schemas/DigitsEnum' + minimum: -2147483648 + maximum: 2147483647 + required: + - digits + - name + AuthenticatorValidateStage: + type: object + description: AuthenticatorValidateStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + not_configured_action: + $ref: '#/components/schemas/NotConfiguredActionEnum' + device_classes: + type: array + items: + $ref: '#/components/schemas/DeviceClassesEnum' + description: Device classes which can be used to authenticate + configuration_stage: + type: string + format: uuid + nullable: true + description: Stage used to configure Authenticator when user doesn't have + any compatible devices. After this configuration Stage passes, the user + is not prompted again. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticatorValidateStageRequest: + type: object + description: AuthenticatorValidateStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + not_configured_action: + $ref: '#/components/schemas/NotConfiguredActionEnum' + device_classes: + type: array + items: + $ref: '#/components/schemas/DeviceClassesEnum' + description: Device classes which can be used to authenticate + configuration_stage: + type: string + format: uuid + nullable: true + description: Stage used to configure Authenticator when user doesn't have + any compatible devices. After this configuration Stage passes, the user + is not prompted again. + required: + - name + BackendsEnum: + enum: + - django.contrib.auth.backends.ModelBackend + - authentik.sources.ldap.auth.LDAPBackend + type: string + BindingTypeEnum: + enum: + - REDIRECT + - POST + - POST_AUTO + type: string + BlankEnum: + enum: + - '' + Cache: + type: object + description: Generic cache stats for an object + properties: + count: + type: integer + readOnly: true + required: + - count + CaptchaStage: + type: object + description: CaptchaStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + public_key: + type: string + description: Public key, acquired from https://www.google.com/recaptcha/intro/v3.html + required: + - component + - name + - pk + - public_key + - verbose_name + - verbose_name_plural + CaptchaStageRequest: + type: object + description: CaptchaStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + public_key: + type: string + description: Public key, acquired from https://www.google.com/recaptcha/intro/v3.html + private_key: + type: string + writeOnly: true + description: Private key, acquired from https://www.google.com/recaptcha/intro/v3.html + required: + - name + - private_key + - public_key + CertificateData: + type: object + description: Get CertificateKeyPair's data + properties: + data: + type: string + readOnly: true + required: + - data + CertificateGenerationRequest: + type: object + description: Certificate generation parameters + properties: + common_name: + type: string + subject_alt_name: + type: string + validity_days: + type: integer + required: + - common_name + - validity_days + CertificateKeyPair: + type: object + description: CertificateKeyPair Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Kp uuid + name: + type: string + fingerprint: + type: string + readOnly: true + cert_expiry: + type: string + format: date-time + readOnly: true + cert_subject: + type: string + readOnly: true + private_key_available: + type: boolean + readOnly: true + required: + - cert_expiry + - cert_subject + - fingerprint + - name + - pk + - private_key_available + CertificateKeyPairRequest: + type: object + description: CertificateKeyPair Serializer + properties: + name: + type: string + certificate_data: + type: string + writeOnly: true + description: PEM-encoded Certificate data + key_data: + type: string + writeOnly: true + description: Optional Private Key. If this is set, you can use this keypair + for encryption. + required: + - certificate_data + - name + Challenge: + type: object + description: |- + Challenge that gets sent to the client based on which stage + is currently active + properties: + type: + $ref: '#/components/schemas/Type4f1Enum' + component: + type: string + title: + type: string + background: + type: string + response_errors: + type: object + additionalProperties: + type: array + items: + $ref: '#/components/schemas/ErrorDetail' + required: + - type + ClientTypeEnum: + enum: + - confidential + - public + type: string + Config: + type: object + description: Serialize authentik Config into DRF Object + properties: + branding_logo: + type: string + readOnly: true + branding_title: + type: string + readOnly: true + ui_footer_links: + type: array + items: + $ref: '#/components/schemas/FooterLink' + readOnly: true + error_reporting_enabled: + type: boolean + readOnly: true + error_reporting_environment: + type: string + readOnly: true + error_reporting_send_pii: + type: boolean + readOnly: true + required: + - branding_logo + - branding_title + - error_reporting_enabled + - error_reporting_environment + - error_reporting_send_pii + - ui_footer_links + ConsentStage: + type: object + description: ConsentStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + mode: + $ref: '#/components/schemas/ConsentStageModeEnum' + consent_expire_in: + type: string + title: Consent expires in + description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + ConsentStageModeEnum: + enum: + - always_require + - permanent + - expiring + type: string + ConsentStageRequest: + type: object + description: ConsentStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + mode: + $ref: '#/components/schemas/ConsentStageModeEnum' + consent_expire_in: + type: string + title: Consent expires in + description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' + required: + - name + Coordinate: + type: object + description: Coordinates for diagrams + properties: + x_cord: + type: integer + readOnly: true + y_cord: + type: integer + readOnly: true + required: + - x_cord + - y_cord + DenyStage: + type: object + description: DenyStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + DenyStageRequest: + type: object + description: DenyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + DesignationEnum: + enum: + - authentication + - authorization + - invalidation + - enrollment + - unenrollment + - recovery + - stage_configuration + type: string + DeviceClassesEnum: + enum: + - static + - totp + - webauthn + type: string + DigestAlgorithmEnum: + enum: + - http://www.w3.org/2000/09/xmldsig#sha1 + - http://www.w3.org/2001/04/xmlenc#sha256 + - http://www.w3.org/2001/04/xmldsig-more#sha384 + - http://www.w3.org/2001/04/xmlenc#sha512 + type: string + DigitsEnum: + enum: + - 6 + - 8 + type: integer + DockerServiceConnection: + type: object + description: DockerServiceConnection Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + url: + type: string + description: Can be in the format of 'unix://' when connecting to + a local docker daemon, or 'https://:2376' when connecting to + a remote system. + tls_verification: + type: string + format: uuid + nullable: true + description: CA which the endpoint's Certificate is verified against. Can + be left empty for no validation. + tls_authentication: + type: string + format: uuid + nullable: true + description: Certificate/Key used for authentication. Can be left empty + for no authentication. + required: + - component + - name + - pk + - url + - verbose_name + - verbose_name_plural + DockerServiceConnectionRequest: + type: object + description: DockerServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + url: + type: string + description: Can be in the format of 'unix://' when connecting to + a local docker daemon, or 'https://:2376' when connecting to + a remote system. + tls_verification: + type: string + format: uuid + nullable: true + description: CA which the endpoint's Certificate is verified against. Can + be left empty for no validation. + tls_authentication: + type: string + format: uuid + nullable: true + description: Certificate/Key used for authentication. Can be left empty + for no authentication. + required: + - name + - url + DummyPolicy: + type: object + description: Dummy Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + result: + type: boolean + wait_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + wait_max: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + DummyPolicyRequest: + type: object + description: Dummy Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + result: + type: boolean + wait_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + wait_max: + type: integer + maximum: 2147483647 + minimum: -2147483648 + DummyStage: + type: object + description: DummyStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + DummyStageRequest: + type: object + description: DummyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + EmailStage: + type: object + description: EmailStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + use_global_settings: + type: boolean + description: When enabled, global Email connection settings will be used + and connection settings below will be ignored. + host: + type: string + port: + type: integer + maximum: 2147483647 + minimum: -2147483648 + username: + type: string + use_tls: + type: boolean + use_ssl: + type: boolean + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + from_address: + type: string + format: email + maxLength: 254 + token_expiry: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Time in minutes the token sent is valid. + subject: + type: string + template: + type: string + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + EmailStageRequest: + type: object + description: EmailStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + use_global_settings: + type: boolean + description: When enabled, global Email connection settings will be used + and connection settings below will be ignored. + host: + type: string + port: + type: integer + maximum: 2147483647 + minimum: -2147483648 + username: + type: string + password: + type: string + writeOnly: true + use_tls: + type: boolean + use_ssl: + type: boolean + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + from_address: + type: string + format: email + maxLength: 254 + token_expiry: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Time in minutes the token sent is valid. + subject: + type: string + template: + type: string + required: + - name + ErrorDetail: + type: object + description: Serializer for rest_framework's error messages + properties: + string: + type: string + code: + type: string + required: + - code + - string + Event: + type: object + description: Event Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Event uuid + user: + type: object + additionalProperties: {} + action: + type: string + app: + type: string + context: + type: object + additionalProperties: {} + client_ip: + type: string + nullable: true + created: + type: string + format: date-time + readOnly: true + expires: + type: string + format: date-time + required: + - action + - app + - created + - pk + EventMatcherPolicy: + type: object + description: Event Matcher Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + action: + description: Match created events with this action type. When left empty, + all action types will be matched. + oneOf: + - $ref: '#/components/schemas/ActionEnum' + - $ref: '#/components/schemas/BlankEnum' + client_ip: + type: string + description: Matches Event's Client IP (strict matching, for network matching + use an Expression Policy) + app: + description: Match events created by selected application. When left empty, + all applications are matched. + oneOf: + - $ref: '#/components/schemas/AppEnum' + - $ref: '#/components/schemas/BlankEnum' + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + EventMatcherPolicyRequest: + type: object + description: Event Matcher Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + action: + description: Match created events with this action type. When left empty, + all action types will be matched. + oneOf: + - $ref: '#/components/schemas/ActionEnum' + - $ref: '#/components/schemas/BlankEnum' + client_ip: + type: string + description: Matches Event's Client IP (strict matching, for network matching + use an Expression Policy) + app: + description: Match events created by selected application. When left empty, + all applications are matched. + oneOf: + - $ref: '#/components/schemas/AppEnum' + - $ref: '#/components/schemas/BlankEnum' + EventRequest: + type: object + description: Event Serializer + properties: + user: + type: object + additionalProperties: {} + action: + type: string + app: + type: string + context: + type: object + additionalProperties: {} + client_ip: + type: string + nullable: true + expires: + type: string + format: date-time + required: + - action + - app + EventTopPerUser: + type: object + description: Response object of Event's top_per_user + properties: + application: + type: object + additionalProperties: {} + counted_events: + type: integer + unique_users: + type: integer + required: + - application + - counted_events + - unique_users + ExpiringBaseGrantModel: + type: object + description: Serializer for BaseGrantModel and ExpiringBaseGrant + properties: + pk: + type: integer + readOnly: true + title: ID + provider: + $ref: '#/components/schemas/OAuth2Provider' + user: + $ref: '#/components/schemas/User' + is_expired: + type: boolean + readOnly: true + expires: + type: string + format: date-time + scope: + type: array + items: + type: string + required: + - is_expired + - pk + - provider + - scope + - user + ExpressionPolicy: + type: object + description: Group Membership Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + expression: + type: string + required: + - bound_to + - component + - expression + - pk + - verbose_name + - verbose_name_plural + ExpressionPolicyRequest: + type: object + description: Group Membership Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + expression: + type: string + required: + - expression + Flow: + type: object + description: Flow Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Flow uuid + policybindingmodel_ptr_id: + type: string + format: uuid + readOnly: true + name: + type: string + slug: + type: string + description: Visible in the URL. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + title: + type: string + description: Shown as the Title in Flow pages. + designation: + allOf: + - $ref: '#/components/schemas/DesignationEnum' + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + background: + type: string + format: uri + description: Background shown during execution + stages: + type: array + items: + type: string + format: uuid + readOnly: true + policies: + type: array + items: + type: string + format: uuid + readOnly: true + cache_count: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - cache_count + - designation + - name + - pk + - policies + - policybindingmodel_ptr_id + - slug + - stages + - title + FlowDiagram: + type: object + description: response of the flow's diagram action + properties: + diagram: + type: string + readOnly: true + required: + - diagram + FlowRequest: + type: object + description: Flow Serializer + properties: + name: + type: string + slug: + type: string + description: Visible in the URL. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + title: + type: string + description: Shown as the Title in Flow pages. + designation: + allOf: + - $ref: '#/components/schemas/DesignationEnum' + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + background: + type: string + format: binary + description: Background shown during execution + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - designation + - name + - slug + - title + FlowStageBinding: + type: object + description: FlowStageBinding Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Fsb uuid + policybindingmodel_ptr_id: + type: string + format: uuid + readOnly: true + target: + type: string + format: uuid + stage: + type: string + format: uuid + stage_obj: + allOf: + - $ref: '#/components/schemas/Stage' + readOnly: true + evaluate_on_plan: + type: boolean + description: Evaluate policies during the Flow planning process. Disable + this for input-based policies. + re_evaluate_policies: + type: boolean + description: Evaluate policies when the Stage is present to the user. + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - order + - pk + - policybindingmodel_ptr_id + - stage + - stage_obj + - target + FlowStageBindingRequest: + type: object + description: FlowStageBinding Serializer + properties: + target: + type: string + format: uuid + stage: + type: string + format: uuid + evaluate_on_plan: + type: boolean + description: Evaluate policies during the Flow planning process. Disable + this for input-based policies. + re_evaluate_policies: + type: boolean + description: Evaluate policies when the Stage is present to the user. + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - order + - stage + - target + FooterLink: + type: object + description: Links returned in Config API + properties: + href: + type: string + readOnly: true + name: + type: string + readOnly: true + required: + - href + - name + Group: + type: object + description: Group Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Group uuid + name: + type: string + maxLength: 80 + is_superuser: + type: boolean + description: Users added to this group will be superusers. + parent: + type: string + format: uuid + nullable: true + users: + type: array + items: + type: integer + attributes: + type: object + additionalProperties: {} + required: + - name + - parent + - pk + - users + GroupRequest: + type: object + description: Group Serializer + properties: + name: + type: string + maxLength: 80 + is_superuser: + type: boolean + description: Users added to this group will be superusers. + parent: + type: string + format: uuid + nullable: true + users: + type: array + items: + type: integer + attributes: + type: object + additionalProperties: {} + required: + - name + - parent + - users + HaveIBeenPwendPolicy: + type: object + description: Have I Been Pwned Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + allowed_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + HaveIBeenPwendPolicyRequest: + type: object + description: Have I Been Pwned Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + allowed_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + IPReputation: + type: object + description: IPReputation Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + ip: + type: string + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + updated: + type: string + format: date-time + readOnly: true + required: + - ip + - pk + - updated + IPReputationRequest: + type: object + description: IPReputation Serializer + properties: + ip: + type: string + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - ip + IdentificationStage: + type: object + description: IdentificationStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + user_fields: + type: array + items: + $ref: '#/components/schemas/UserFieldsEnum' + description: Fields of the user object to match against. (Hold shift to + select multiple options) + case_insensitive_matching: + type: boolean + description: When enabled, user fields are matched regardless of their casing. + show_matched_user: + type: boolean + description: When a valid username/email has been entered, and this option + is enabled, the user's username and avatar will be shown. Otherwise, the + text that the user entered will be shown + enrollment_flow: + type: string + format: uuid + nullable: true + description: Optional enrollment flow, which is linked at the bottom of + the page. + recovery_flow: + type: string + format: uuid + nullable: true + description: Optional recovery flow, which is linked at the bottom of the + page. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + IdentificationStageRequest: + type: object + description: IdentificationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + user_fields: + type: array + items: + $ref: '#/components/schemas/UserFieldsEnum' + description: Fields of the user object to match against. (Hold shift to + select multiple options) + case_insensitive_matching: + type: boolean + description: When enabled, user fields are matched regardless of their casing. + show_matched_user: + type: boolean + description: When a valid username/email has been entered, and this option + is enabled, the user's username and avatar will be shown. Otherwise, the + text that the user entered will be shown + enrollment_flow: + type: string + format: uuid + nullable: true + description: Optional enrollment flow, which is linked at the bottom of + the page. + recovery_flow: + type: string + format: uuid + nullable: true + description: Optional recovery flow, which is linked at the bottom of the + page. + required: + - name + IntentEnum: + enum: + - verification + - api + - recovery + type: string + Invitation: + type: object + description: Invitation Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Invite uuid + expires: + type: string + format: date-time + nullable: true + fixed_data: + type: object + additionalProperties: {} + created_by: + allOf: + - $ref: '#/components/schemas/User' + readOnly: true + single_use: + type: boolean + description: When enabled, the invitation will be deleted after usage. + required: + - created_by + - pk + InvitationRequest: + type: object + description: Invitation Serializer + properties: + expires: + type: string + format: date-time + nullable: true + fixed_data: + type: object + additionalProperties: {} + single_use: + type: boolean + description: When enabled, the invitation will be deleted after usage. + InvitationStage: + type: object + description: InvitationStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + continue_flow_without_invitation: + type: boolean + description: If this flag is set, this Stage will jump to the next Stage + when no Invitation is given. By default this Stage will cancel the Flow + when no invitation is given. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + InvitationStageRequest: + type: object + description: InvitationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + continue_flow_without_invitation: + type: boolean + description: If this flag is set, this Stage will jump to the next Stage + when no Invitation is given. By default this Stage will cancel the Flow + when no invitation is given. + required: + - name + IssuerModeEnum: + enum: + - global + - per_provider + type: string + JwtAlgEnum: + enum: + - HS256 + - RS256 + type: string + KubernetesServiceConnection: + type: object + description: KubernetesServiceConnection Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + kubeconfig: + type: object + additionalProperties: {} + description: Paste your kubeconfig here. authentik will automatically use + the currently selected context. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + KubernetesServiceConnectionRequest: + type: object + description: KubernetesServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + kubeconfig: + type: object + additionalProperties: {} + description: Paste your kubeconfig here. authentik will automatically use + the currently selected context. + required: + - name + LDAPOutpostConfig: + type: object + description: LDAPProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + base_dn: + type: string + description: DN under which objects are accessible. + bind_flow_slug: + type: string + application_slug: + type: string + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + required: + - application_slug + - bind_flow_slug + - name + - pk + LDAPPropertyMapping: + type: object + description: LDAP PropertyMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + object_field: + type: string + required: + - component + - expression + - name + - object_field + - pk + - verbose_name + - verbose_name_plural + LDAPPropertyMappingRequest: + type: object + description: LDAP PropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + object_field: + type: string + required: + - expression + - name + - object_field + LDAPProvider: + type: object + description: LDAPProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + base_dn: + type: string + description: DN under which objects are accessible. + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + LDAPProviderRequest: + type: object + description: LDAPProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + base_dn: + type: string + description: DN under which objects are accessible. + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + required: + - authorization_flow + - name + LDAPSource: + type: object + description: LDAP Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + server_uri: + type: string + format: uri + bind_cn: + type: string + start_tls: + type: boolean + title: Enable Start TLS + base_dn: + type: string + additional_user_dn: + type: string + title: Addition User DN + description: Prepended to Base DN for User-queries. + additional_group_dn: + type: string + title: Addition Group DN + description: Prepended to Base DN for Group-queries. + user_object_filter: + type: string + description: Consider Objects matching this filter to be Users. + group_object_filter: + type: string + description: Consider Objects matching this filter to be Groups. + group_membership_field: + type: string + description: Field which contains members of a group. + object_uniqueness_field: + type: string + description: Field which contains a unique Identifier. + sync_users: + type: boolean + sync_users_password: + type: boolean + description: When a user changes their password, sync it back to LDAP. This + can only be enabled on a single LDAP source. + sync_groups: + type: boolean + sync_parent_group: + type: string + format: uuid + nullable: true + property_mappings: + type: array + items: + type: string + format: uuid + property_mappings_group: + type: array + items: + type: string + format: uuid + description: Property mappings used for group creation/updating. + required: + - base_dn + - bind_cn + - component + - name + - pk + - server_uri + - slug + - verbose_name + - verbose_name_plural + LDAPSourceRequest: + type: object + description: LDAP Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + server_uri: + type: string + format: uri + bind_cn: + type: string + bind_password: + type: string + writeOnly: true + start_tls: + type: boolean + title: Enable Start TLS + base_dn: + type: string + additional_user_dn: + type: string + title: Addition User DN + description: Prepended to Base DN for User-queries. + additional_group_dn: + type: string + title: Addition Group DN + description: Prepended to Base DN for Group-queries. + user_object_filter: + type: string + description: Consider Objects matching this filter to be Users. + group_object_filter: + type: string + description: Consider Objects matching this filter to be Groups. + group_membership_field: + type: string + description: Field which contains members of a group. + object_uniqueness_field: + type: string + description: Field which contains a unique Identifier. + sync_users: + type: boolean + sync_users_password: + type: boolean + description: When a user changes their password, sync it back to LDAP. This + can only be enabled on a single LDAP source. + sync_groups: + type: boolean + sync_parent_group: + type: string + format: uuid + nullable: true + property_mappings: + type: array + items: + type: string + format: uuid + property_mappings_group: + type: array + items: + type: string + format: uuid + description: Property mappings used for group creation/updating. + required: + - base_dn + - bind_cn + - bind_password + - name + - server_uri + - slug + Link: + type: object + description: Returns a single link + properties: + link: + type: string + required: + - link + LoginMetrics: + type: object + description: Login Metrics per 1h + properties: + logins_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + logins_failed_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + required: + - logins_failed_per_1h + - logins_per_1h + NameIdPolicyEnum: + enum: + - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName + - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName + - urn:oasis:names:tc:SAML:2.0:nameid-format:transient + type: string + Nested: + type: object + properties: + id: + type: integer + readOnly: true + token: + type: string + maxLength: 16 + device: + allOf: + - $ref: '#/components/schemas/Nested' + readOnly: true + required: + - device + - id + - token + NestedRequest: + type: object + properties: + token: + type: string + maxLength: 16 + required: + - token + NotConfiguredActionEnum: + enum: + - skip + - deny + - configure + type: string + Notification: + type: object + description: Notification Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + readOnly: true + body: + type: string + readOnly: true + created: + type: string + format: date-time + readOnly: true + event: + $ref: '#/components/schemas/Event' + seen: + type: boolean + required: + - body + - created + - pk + - severity + NotificationRequest: + type: object + description: Notification Serializer + properties: + event: + $ref: '#/components/schemas/EventRequest' + seen: + type: boolean + NotificationRule: + type: object + description: NotificationRule Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + transports: + type: array + items: + type: string + format: uuid + description: Select which transports should be used to notify the user. + If none are selected, the notification will only be shown in the authentik + UI. + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + description: Controls which severity level the created notifications will + have. + group: + type: string + format: uuid + nullable: true + description: Define which group of users this notification should be sent + and shown to. If left empty, Notification won't ben sent. + group_obj: + allOf: + - $ref: '#/components/schemas/Group' + readOnly: true + required: + - group_obj + - name + - pk + - transports + NotificationRuleRequest: + type: object + description: NotificationRule Serializer + properties: + name: + type: string + transports: + type: array + items: + type: string + format: uuid + description: Select which transports should be used to notify the user. + If none are selected, the notification will only be shown in the authentik + UI. + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + description: Controls which severity level the created notifications will + have. + group: + type: string + format: uuid + nullable: true + description: Define which group of users this notification should be sent + and shown to. If left empty, Notification won't ben sent. + required: + - name + - transports + NotificationTransport: + type: object + description: NotificationTransport Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + mode: + $ref: '#/components/schemas/NotificationTransportModeEnum' + mode_verbose: + type: string + readOnly: true + webhook_url: + type: string + send_once: + type: boolean + description: Only send notification once, for example when sending a webhook + into a chat channel. + required: + - mode + - mode_verbose + - name + - pk + NotificationTransportModeEnum: + enum: + - webhook + - webhook_slack + - email + type: string + NotificationTransportRequest: + type: object + description: NotificationTransport Serializer + properties: + name: + type: string + mode: + $ref: '#/components/schemas/NotificationTransportModeEnum' + webhook_url: + type: string + send_once: + type: boolean + description: Only send notification once, for example when sending a webhook + into a chat channel. + required: + - mode + - name + NotificationTransportTest: + type: object + description: Notification test serializer + properties: + messages: + type: array + items: + type: string + required: + - messages + OAuth2Provider: + type: object + description: OAuth2Provider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + client_type: + allOf: + - $ref: '#/components/schemas/ClientTypeEnum' + description: |- + Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable. + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + access_code_validity: + type: string + description: 'Access codes not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + token_validity: + type: string + description: 'Tokens not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + include_claims_in_id_token: + type: boolean + description: Include User claims from scopes in the id_token, for applications + that don't access the userinfo endpoint. + jwt_alg: + allOf: + - $ref: '#/components/schemas/JwtAlgEnum' + title: JWT Algorithm + description: Algorithm used to sign the JWT Token + rsa_key: + type: string + format: uuid + nullable: true + description: Key used to sign the tokens. Only required when JWT Algorithm + is set to RS256. + redirect_uris: + type: string + description: Enter each URI on a new line. + sub_mode: + allOf: + - $ref: '#/components/schemas/SubModeEnum' + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. + issuer_mode: + allOf: + - $ref: '#/components/schemas/IssuerModeEnum' + description: Configure how the issuer field of the ID Token should be filled. + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + OAuth2ProviderRequest: + type: object + description: OAuth2Provider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + client_type: + allOf: + - $ref: '#/components/schemas/ClientTypeEnum' + description: |- + Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable. + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + access_code_validity: + type: string + description: 'Access codes not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + token_validity: + type: string + description: 'Tokens not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + include_claims_in_id_token: + type: boolean + description: Include User claims from scopes in the id_token, for applications + that don't access the userinfo endpoint. + jwt_alg: + allOf: + - $ref: '#/components/schemas/JwtAlgEnum' + title: JWT Algorithm + description: Algorithm used to sign the JWT Token + rsa_key: + type: string + format: uuid + nullable: true + description: Key used to sign the tokens. Only required when JWT Algorithm + is set to RS256. + redirect_uris: + type: string + description: Enter each URI on a new line. + sub_mode: + allOf: + - $ref: '#/components/schemas/SubModeEnum' + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. + issuer_mode: + allOf: + - $ref: '#/components/schemas/IssuerModeEnum' + description: Configure how the issuer field of the ID Token should be filled. + required: + - authorization_flow + - name + OAuth2ProviderSetupURLs: + type: object + description: OAuth2 Provider Metadata serializer + properties: + issuer: + type: string + readOnly: true + authorize: + type: string + readOnly: true + token: + type: string + readOnly: true + user_info: + type: string + readOnly: true + provider_info: + type: string + readOnly: true + logout: + type: string + readOnly: true + required: + - authorize + - issuer + - logout + - provider_info + - token + - user_info + OAuthSource: + type: object + description: OAuth Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + provider_type: + type: string + maxLength: 255 + request_token_url: + type: string + nullable: true + description: URL used to request the initial token. This URL is only required + for OAuth 1. + maxLength: 255 + authorization_url: + type: string + nullable: true + description: URL the user is redirect to to conest the flow. + maxLength: 255 + access_token_url: + type: string + nullable: true + description: URL used by authentik to retrive tokens. + maxLength: 255 + profile_url: + type: string + nullable: true + description: URL used by authentik to get user information. + maxLength: 255 + consumer_key: + type: string + callback_url: + type: string + readOnly: true + type: + allOf: + - $ref: '#/components/schemas/SourceType' + readOnly: true + required: + - callback_url + - component + - consumer_key + - name + - pk + - provider_type + - slug + - type + - verbose_name + - verbose_name_plural + OAuthSourceRequest: + type: object + description: OAuth Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + provider_type: + type: string + maxLength: 255 + request_token_url: + type: string + nullable: true + description: URL used to request the initial token. This URL is only required + for OAuth 1. + maxLength: 255 + authorization_url: + type: string + nullable: true + description: URL the user is redirect to to conest the flow. + maxLength: 255 + access_token_url: + type: string + nullable: true + description: URL used by authentik to retrive tokens. + maxLength: 255 + profile_url: + type: string + nullable: true + description: URL used by authentik to get user information. + maxLength: 255 + consumer_key: + type: string + consumer_secret: + type: string + writeOnly: true + required: + - consumer_key + - consumer_secret + - name + - provider_type + - slug + OpenIDConnectConfiguration: + type: object + description: rest_framework Serializer for OIDC Configuration + properties: + issuer: + type: string + authorization_endpoint: + type: string + token_endpoint: + type: string + userinfo_endpoint: + type: string + end_session_endpoint: + type: string + introspection_endpoint: + type: string + jwks_uri: + type: string + response_types_supported: + type: array + items: + type: string + id_token_signing_alg_values_supported: + type: array + items: + type: string + subject_types_supported: + type: array + items: + type: string + token_endpoint_auth_methods_supported: + type: array + items: + type: string + required: + - authorization_endpoint + - end_session_endpoint + - id_token_signing_alg_values_supported + - introspection_endpoint + - issuer + - jwks_uri + - response_types_supported + - subject_types_supported + - token_endpoint + - token_endpoint_auth_methods_supported + - userinfo_endpoint + Outpost: + type: object + description: Outpost Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + type: + $ref: '#/components/schemas/OutpostTypeEnum' + providers: + type: array + items: + type: integer + providers_obj: + type: array + items: + $ref: '#/components/schemas/Provider' + readOnly: true + service_connection: + type: string + format: uuid + nullable: true + description: Select Service-Connection authentik should use to manage this + outpost. Leave empty if authentik should not handle the deployment. + token_identifier: + type: string + readOnly: true + config: + type: object + additionalProperties: {} + required: + - config + - name + - pk + - providers + - providers_obj + - token_identifier + OutpostDefaultConfig: + type: object + description: Global default outpost config + properties: + config: + type: object + additionalProperties: {} + readOnly: true + required: + - config + OutpostHealth: + type: object + description: Outpost health status + properties: + last_seen: + type: string + format: date-time + readOnly: true + version: + type: string + readOnly: true + version_should: + type: string + readOnly: true + version_outdated: + type: boolean + readOnly: true + required: + - last_seen + - version + - version_outdated + - version_should + OutpostRequest: + type: object + description: Outpost Serializer + properties: + name: + type: string + type: + $ref: '#/components/schemas/OutpostTypeEnum' + providers: + type: array + items: + type: integer + service_connection: + type: string + format: uuid + nullable: true + description: Select Service-Connection authentik should use to manage this + outpost. Leave empty if authentik should not handle the deployment. + config: + type: object + additionalProperties: {} + required: + - config + - name + - providers + OutpostTypeEnum: + enum: + - proxy + - ldap + type: string + PaginatedApplicationList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Application' + PaginatedAuthenticateWebAuthnStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + PaginatedAuthenticatorStaticStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/AuthenticatorStaticStage' + PaginatedAuthenticatorTOTPStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + PaginatedAuthenticatorValidateStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/AuthenticatorValidateStage' + PaginatedCaptchaStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/CaptchaStage' + PaginatedCertificateKeyPairList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/CertificateKeyPair' + PaginatedConsentStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ConsentStage' + PaginatedDenyStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/DenyStage' + PaginatedDockerServiceConnectionList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/DockerServiceConnection' + PaginatedDummyPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/DummyPolicy' + PaginatedDummyStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/DummyStage' + PaginatedEmailStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/EmailStage' + PaginatedEventList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Event' + PaginatedEventMatcherPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/EventMatcherPolicy' + PaginatedEventTopPerUserList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/EventTopPerUser' + PaginatedExpiringBaseGrantModelList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ExpiringBaseGrantModel' + PaginatedExpressionPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ExpressionPolicy' + PaginatedFlowList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Flow' + PaginatedFlowStageBindingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/FlowStageBinding' + PaginatedGroupList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Group' + PaginatedHaveIBeenPwendPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + PaginatedIPReputationList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/IPReputation' + PaginatedIdentificationStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/IdentificationStage' + PaginatedInvitationList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Invitation' + PaginatedInvitationStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/InvitationStage' + PaginatedKubernetesServiceConnectionList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/KubernetesServiceConnection' + PaginatedLDAPOutpostConfigList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/LDAPOutpostConfig' + PaginatedLDAPPropertyMappingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/LDAPPropertyMapping' + PaginatedLDAPProviderList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/LDAPProvider' + PaginatedLDAPSourceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/LDAPSource' + PaginatedNotificationList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Notification' + PaginatedNotificationRuleList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/NotificationRule' + PaginatedNotificationTransportList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/NotificationTransport' + PaginatedOAuth2ProviderList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/OAuth2Provider' + PaginatedOAuthSourceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/OAuthSource' + PaginatedOutpostHealthList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/OutpostHealth' + PaginatedOutpostList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Outpost' + PaginatedPasswordExpiryPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PasswordExpiryPolicy' + PaginatedPasswordPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PasswordPolicy' + PaginatedPasswordStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PasswordStage' + PaginatedPlexSourceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PlexSource' + PaginatedPolicyBindingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PolicyBinding' + PaginatedPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Policy' + PaginatedPromptList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Prompt' + PaginatedPromptStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PromptStage' + PaginatedPropertyMappingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PropertyMapping' + PaginatedProviderList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Provider' + PaginatedProxyOutpostConfigList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ProxyOutpostConfig' + PaginatedProxyProviderList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ProxyProvider' + PaginatedReputationPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ReputationPolicy' + PaginatedSAMLPropertyMappingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/SAMLPropertyMapping' + PaginatedSAMLProviderList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/SAMLProvider' + PaginatedSAMLSourceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/SAMLSource' + PaginatedScopeMappingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ScopeMapping' + PaginatedServiceConnectionList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ServiceConnection' + PaginatedSourceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Source' + PaginatedStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Stage' + PaginatedStaticDeviceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/StaticDevice' + PaginatedTOTPDeviceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/TOTPDevice' + PaginatedTokenList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Token' + PaginatedUserConsentList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserConsent' + PaginatedUserDeleteStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserDeleteStage' + PaginatedUserList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/User' + PaginatedUserLoginStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserLoginStage' + PaginatedUserLogoutStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserLogoutStage' + PaginatedUserOAuthSourceConnectionList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserOAuthSourceConnection' + PaginatedUserReputationList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserReputation' + PaginatedUserWriteStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserWriteStage' + PaginatedWebAuthnDeviceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/WebAuthnDevice' + PasswordExpiryPolicy: + type: object + description: Password Expiry Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + days: + type: integer + maximum: 2147483647 + minimum: -2147483648 + deny_only: + type: boolean + required: + - bound_to + - component + - days + - pk + - verbose_name + - verbose_name_plural + PasswordExpiryPolicyRequest: + type: object + description: Password Expiry Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + days: + type: integer + maximum: 2147483647 + minimum: -2147483648 + deny_only: + type: boolean + required: + - days + PasswordPolicy: + type: object + description: Password Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + amount_uppercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_lowercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_symbols: + type: integer + maximum: 2147483647 + minimum: -2147483648 + length_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + symbol_charset: + type: string + error_message: + type: string + required: + - bound_to + - component + - error_message + - pk + - verbose_name + - verbose_name_plural + PasswordPolicyRequest: + type: object + description: Password Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + amount_uppercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_lowercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_symbols: + type: integer + maximum: 2147483647 + minimum: -2147483648 + length_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + symbol_charset: + type: string + error_message: + type: string + required: + - error_message + PasswordStage: + type: object + description: PasswordStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + backends: + type: array + items: + $ref: '#/components/schemas/BackendsEnum' + description: Selection of backends to test the password against. + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + failed_attempts_before_cancel: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: How many attempts a user has before the flow is canceled. To + lock the user out, use a reputation policy and a user_write stage. + required: + - backends + - component + - name + - pk + - verbose_name + - verbose_name_plural + PasswordStageRequest: + type: object + description: PasswordStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + backends: + type: array + items: + $ref: '#/components/schemas/BackendsEnum' + description: Selection of backends to test the password against. + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + failed_attempts_before_cancel: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: How many attempts a user has before the flow is canceled. To + lock the user out, use a reputation policy and a user_write stage. + required: + - backends + - name + PatchedApplicationRequest: + type: object + description: Application Serializer + properties: + name: + type: string + description: Application's display Name. + slug: + type: string + description: Internal application name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + provider: + type: integer + nullable: true + provider_obj: + $ref: '#/components/schemas/ProviderRequest' + meta_launch_url: + type: string + format: uri + maxLength: 200 + meta_icon: + type: string + format: binary + meta_description: + type: string + meta_publisher: + type: string + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + PatchedAuthenticateWebAuthnStageRequest: + type: object + description: AuthenticateWebAuthnStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + PatchedAuthenticatorStaticStageRequest: + type: object + description: AuthenticatorStaticStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + token_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedAuthenticatorTOTPStageRequest: + type: object + description: AuthenticatorTOTPStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + digits: + allOf: + - $ref: '#/components/schemas/DigitsEnum' + minimum: -2147483648 + maximum: 2147483647 + PatchedAuthenticatorValidateStageRequest: + type: object + description: AuthenticatorValidateStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + not_configured_action: + $ref: '#/components/schemas/NotConfiguredActionEnum' + device_classes: + type: array + items: + $ref: '#/components/schemas/DeviceClassesEnum' + description: Device classes which can be used to authenticate + configuration_stage: + type: string + format: uuid + nullable: true + description: Stage used to configure Authenticator when user doesn't have + any compatible devices. After this configuration Stage passes, the user + is not prompted again. + PatchedCaptchaStageRequest: + type: object + description: CaptchaStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + public_key: + type: string + description: Public key, acquired from https://www.google.com/recaptcha/intro/v3.html + private_key: + type: string + writeOnly: true + description: Private key, acquired from https://www.google.com/recaptcha/intro/v3.html + PatchedCertificateKeyPairRequest: + type: object + description: CertificateKeyPair Serializer + properties: + name: + type: string + certificate_data: + type: string + writeOnly: true + description: PEM-encoded Certificate data + key_data: + type: string + writeOnly: true + description: Optional Private Key. If this is set, you can use this keypair + for encryption. + PatchedConsentStageRequest: + type: object + description: ConsentStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + mode: + $ref: '#/components/schemas/ConsentStageModeEnum' + consent_expire_in: + type: string + title: Consent expires in + description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' + PatchedDenyStageRequest: + type: object + description: DenyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedDockerServiceConnectionRequest: + type: object + description: DockerServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + url: + type: string + description: Can be in the format of 'unix://' when connecting to + a local docker daemon, or 'https://:2376' when connecting to + a remote system. + tls_verification: + type: string + format: uuid + nullable: true + description: CA which the endpoint's Certificate is verified against. Can + be left empty for no validation. + tls_authentication: + type: string + format: uuid + nullable: true + description: Certificate/Key used for authentication. Can be left empty + for no authentication. + PatchedDummyPolicyRequest: + type: object + description: Dummy Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + result: + type: boolean + wait_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + wait_max: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedDummyStageRequest: + type: object + description: DummyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedEmailStageRequest: + type: object + description: EmailStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + use_global_settings: + type: boolean + description: When enabled, global Email connection settings will be used + and connection settings below will be ignored. + host: + type: string + port: + type: integer + maximum: 2147483647 + minimum: -2147483648 + username: + type: string + password: + type: string + writeOnly: true + use_tls: + type: boolean + use_ssl: + type: boolean + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + from_address: + type: string + format: email + maxLength: 254 + token_expiry: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Time in minutes the token sent is valid. + subject: + type: string + template: + type: string + PatchedEventMatcherPolicyRequest: + type: object + description: Event Matcher Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + action: + description: Match created events with this action type. When left empty, + all action types will be matched. + oneOf: + - $ref: '#/components/schemas/ActionEnum' + - $ref: '#/components/schemas/BlankEnum' + client_ip: + type: string + description: Matches Event's Client IP (strict matching, for network matching + use an Expression Policy) + app: + description: Match events created by selected application. When left empty, + all applications are matched. + oneOf: + - $ref: '#/components/schemas/AppEnum' + - $ref: '#/components/schemas/BlankEnum' + PatchedExpressionPolicyRequest: + type: object + description: Group Membership Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + expression: + type: string + PatchedFlowRequest: + type: object + description: Flow Serializer + properties: + name: + type: string + slug: + type: string + description: Visible in the URL. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + title: + type: string + description: Shown as the Title in Flow pages. + designation: + allOf: + - $ref: '#/components/schemas/DesignationEnum' + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + background: + type: string + format: binary + description: Background shown during execution + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + PatchedFlowStageBindingRequest: + type: object + description: FlowStageBinding Serializer + properties: + target: + type: string + format: uuid + stage: + type: string + format: uuid + evaluate_on_plan: + type: boolean + description: Evaluate policies during the Flow planning process. Disable + this for input-based policies. + re_evaluate_policies: + type: boolean + description: Evaluate policies when the Stage is present to the user. + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + PatchedGroupRequest: + type: object + description: Group Serializer + properties: + name: + type: string + maxLength: 80 + is_superuser: + type: boolean + description: Users added to this group will be superusers. + parent: + type: string + format: uuid + nullable: true + users: + type: array + items: + type: integer + attributes: + type: object + additionalProperties: {} + PatchedHaveIBeenPwendPolicyRequest: + type: object + description: Have I Been Pwned Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + allowed_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedIPReputationRequest: + type: object + description: IPReputation Serializer + properties: + ip: + type: string + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedIdentificationStageRequest: + type: object + description: IdentificationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + user_fields: + type: array + items: + $ref: '#/components/schemas/UserFieldsEnum' + description: Fields of the user object to match against. (Hold shift to + select multiple options) + case_insensitive_matching: + type: boolean + description: When enabled, user fields are matched regardless of their casing. + show_matched_user: + type: boolean + description: When a valid username/email has been entered, and this option + is enabled, the user's username and avatar will be shown. Otherwise, the + text that the user entered will be shown + enrollment_flow: + type: string + format: uuid + nullable: true + description: Optional enrollment flow, which is linked at the bottom of + the page. + recovery_flow: + type: string + format: uuid + nullable: true + description: Optional recovery flow, which is linked at the bottom of the + page. + PatchedInvitationRequest: + type: object + description: Invitation Serializer + properties: + expires: + type: string + format: date-time + nullable: true + fixed_data: + type: object + additionalProperties: {} + single_use: + type: boolean + description: When enabled, the invitation will be deleted after usage. + PatchedInvitationStageRequest: + type: object + description: InvitationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + continue_flow_without_invitation: + type: boolean + description: If this flag is set, this Stage will jump to the next Stage + when no Invitation is given. By default this Stage will cancel the Flow + when no invitation is given. + PatchedKubernetesServiceConnectionRequest: + type: object + description: KubernetesServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + kubeconfig: + type: object + additionalProperties: {} + description: Paste your kubeconfig here. authentik will automatically use + the currently selected context. + PatchedLDAPPropertyMappingRequest: + type: object + description: LDAP PropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + object_field: + type: string + PatchedLDAPProviderRequest: + type: object + description: LDAPProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + base_dn: + type: string + description: DN under which objects are accessible. + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + PatchedLDAPSourceRequest: + type: object + description: LDAP Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + server_uri: + type: string + format: uri + bind_cn: + type: string + bind_password: + type: string + writeOnly: true + start_tls: + type: boolean + title: Enable Start TLS + base_dn: + type: string + additional_user_dn: + type: string + title: Addition User DN + description: Prepended to Base DN for User-queries. + additional_group_dn: + type: string + title: Addition Group DN + description: Prepended to Base DN for Group-queries. + user_object_filter: + type: string + description: Consider Objects matching this filter to be Users. + group_object_filter: + type: string + description: Consider Objects matching this filter to be Groups. + group_membership_field: + type: string + description: Field which contains members of a group. + object_uniqueness_field: + type: string + description: Field which contains a unique Identifier. + sync_users: + type: boolean + sync_users_password: + type: boolean + description: When a user changes their password, sync it back to LDAP. This + can only be enabled on a single LDAP source. + sync_groups: + type: boolean + sync_parent_group: + type: string + format: uuid + nullable: true + property_mappings: + type: array + items: + type: string + format: uuid + property_mappings_group: + type: array + items: + type: string + format: uuid + description: Property mappings used for group creation/updating. + PatchedNotificationRequest: + type: object + description: Notification Serializer + properties: + event: + $ref: '#/components/schemas/EventRequest' + seen: + type: boolean + PatchedNotificationRuleRequest: + type: object + description: NotificationRule Serializer + properties: + name: + type: string + transports: + type: array + items: + type: string + format: uuid + description: Select which transports should be used to notify the user. + If none are selected, the notification will only be shown in the authentik + UI. + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + description: Controls which severity level the created notifications will + have. + group: + type: string + format: uuid + nullable: true + description: Define which group of users this notification should be sent + and shown to. If left empty, Notification won't ben sent. + PatchedNotificationTransportRequest: + type: object + description: NotificationTransport Serializer + properties: + name: + type: string + mode: + $ref: '#/components/schemas/NotificationTransportModeEnum' + webhook_url: + type: string + send_once: + type: boolean + description: Only send notification once, for example when sending a webhook + into a chat channel. + PatchedOAuth2ProviderRequest: + type: object + description: OAuth2Provider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + client_type: + allOf: + - $ref: '#/components/schemas/ClientTypeEnum' + description: |- + Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable. + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + access_code_validity: + type: string + description: 'Access codes not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + token_validity: + type: string + description: 'Tokens not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + include_claims_in_id_token: + type: boolean + description: Include User claims from scopes in the id_token, for applications + that don't access the userinfo endpoint. + jwt_alg: + allOf: + - $ref: '#/components/schemas/JwtAlgEnum' + title: JWT Algorithm + description: Algorithm used to sign the JWT Token + rsa_key: + type: string + format: uuid + nullable: true + description: Key used to sign the tokens. Only required when JWT Algorithm + is set to RS256. + redirect_uris: + type: string + description: Enter each URI on a new line. + sub_mode: + allOf: + - $ref: '#/components/schemas/SubModeEnum' + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. + issuer_mode: + allOf: + - $ref: '#/components/schemas/IssuerModeEnum' + description: Configure how the issuer field of the ID Token should be filled. + PatchedOAuthSourceRequest: + type: object + description: OAuth Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + provider_type: + type: string + maxLength: 255 + request_token_url: + type: string + nullable: true + description: URL used to request the initial token. This URL is only required + for OAuth 1. + maxLength: 255 + authorization_url: + type: string + nullable: true + description: URL the user is redirect to to conest the flow. + maxLength: 255 + access_token_url: + type: string + nullable: true + description: URL used by authentik to retrive tokens. + maxLength: 255 + profile_url: + type: string + nullable: true + description: URL used by authentik to get user information. + maxLength: 255 + consumer_key: + type: string + consumer_secret: + type: string + writeOnly: true + PatchedOutpostRequest: + type: object + description: Outpost Serializer + properties: + name: + type: string + type: + $ref: '#/components/schemas/OutpostTypeEnum' + providers: + type: array + items: + type: integer + service_connection: + type: string + format: uuid + nullable: true + description: Select Service-Connection authentik should use to manage this + outpost. Leave empty if authentik should not handle the deployment. + config: + type: object + additionalProperties: {} + PatchedPasswordExpiryPolicyRequest: + type: object + description: Password Expiry Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + days: + type: integer + maximum: 2147483647 + minimum: -2147483648 + deny_only: + type: boolean + PatchedPasswordPolicyRequest: + type: object + description: Password Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + amount_uppercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_lowercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_symbols: + type: integer + maximum: 2147483647 + minimum: -2147483648 + length_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + symbol_charset: + type: string + error_message: + type: string + PatchedPasswordStageRequest: + type: object + description: PasswordStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + backends: + type: array + items: + $ref: '#/components/schemas/BackendsEnum' + description: Selection of backends to test the password against. + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + failed_attempts_before_cancel: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: How many attempts a user has before the flow is canceled. To + lock the user out, use a reputation policy and a user_write stage. + PatchedPlexSourceRequest: + type: object + description: Plex Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + client_id: + type: string + description: Client identifier used to talk to Plex. + allowed_servers: + type: array + items: + type: string + description: Which servers a user has to be a member of to be granted access. + Empty list allows every server. + allow_friends: + type: boolean + description: Allow friends to authenticate, even if you don't share a server. + plex_token: + type: string + description: Plex token used to check firends + PatchedPolicyBindingRequest: + type: object + description: PolicyBinding Serializer + properties: + policy: + type: string + format: uuid + nullable: true + group: + type: string + format: uuid + nullable: true + user: + type: integer + nullable: true + target: + type: string + format: uuid + enabled: + type: boolean + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Timeout after which Policy execution is terminated. + PatchedPromptRequest: + type: object + description: Prompt Serializer + properties: + field_key: + type: string + description: Name of the form field, also used to store the value + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + label: + type: string + type: + $ref: '#/components/schemas/PromptTypeEnum' + required: + type: boolean + placeholder: + type: string + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + promptstage_set: + type: array + items: + $ref: '#/components/schemas/StageRequest' + PatchedPromptStageRequest: + type: object + description: PromptStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + fields: + type: array + items: + type: string + format: uuid + validation_policies: + type: array + items: + type: string + format: uuid + PatchedProxyProviderRequest: + type: object + description: ProxyProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + PatchedReputationPolicyRequest: + type: object + description: Reputation Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + check_ip: + type: boolean + check_username: + type: boolean + threshold: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedSAMLPropertyMappingRequest: + type: object + description: SAMLPropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + saml_name: + type: string + friendly_name: + type: string + nullable: true + PatchedSAMLProviderRequest: + type: object + description: SAMLProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + acs_url: + type: string + format: uri + maxLength: 200 + audience: + type: string + description: Value of the audience restriction field of the asseration. + When left empty, no audience restriction will be added. + issuer: + type: string + description: Also known as EntityID + assertion_valid_not_before: + type: string + description: 'Assertion valid not before current time + this value (Format: + hours=-1;minutes=-2;seconds=-3).' + assertion_valid_not_on_or_after: + type: string + description: 'Assertion not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + session_valid_not_on_or_after: + type: string + description: 'Session not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + name_id_mapping: + type: string + format: uuid + nullable: true + title: NameID Property Mapping + description: Configure how the NameID value will be created. When left empty, + the NameIDPolicy of the incoming request will be considered + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Signing Keypair + description: Keypair used to sign outgoing Responses going to the Service + Provider. + verification_kp: + type: string + format: uuid + nullable: true + title: Verification Certificate + description: When selected, incoming assertion's Signatures will be validated + against this certificate. To allow unsigned Requests, leave on default. + sp_binding: + allOf: + - $ref: '#/components/schemas/SpBindingEnum' + title: Service Provider Binding + description: This determines how authentik sends the response back to the + Service Provider. + PatchedSAMLSourceRequest: + type: object + description: SAMLSource Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + pre_authentication_flow: + type: string + format: uuid + description: Flow used before authentication. + issuer: + type: string + description: Also known as Entity ID. Defaults the Metadata URL. + sso_url: + type: string + format: uri + description: URL that the initial Login request is sent to. + maxLength: 200 + slo_url: + type: string + format: uri + nullable: true + description: Optional URL if your IDP supports Single-Logout. + maxLength: 200 + allow_idp_initiated: + type: boolean + description: Allows authentication flows initiated by the IdP. This can + be a security risk, as no validation of the request ID is done. + name_id_policy: + allOf: + - $ref: '#/components/schemas/NameIdPolicyEnum' + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. + binding_type: + $ref: '#/components/schemas/BindingTypeEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Singing Keypair + description: Keypair which is used to sign outgoing requests. Leave empty + to disable signing. + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + temporary_user_delete_after: + type: string + title: Delete temporary users after + description: 'Time offset when temporary users should be deleted. This only + applies if your IDP uses the NameID Format ''transient'', and the user + doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' + PatchedScopeMappingRequest: + type: object + description: ScopeMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + scope_name: + type: string + description: Scope used by the client + description: + type: string + description: Description shown to the user when consenting. If left empty, + the user won't be informed. + PatchedStaticDeviceRequest: + type: object + description: Serializer for static authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + PatchedTOTPDeviceRequest: + type: object + description: Serializer for totp authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + PatchedTokenRequest: + type: object + description: Token Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + identifier: + type: string + maxLength: 255 + pattern: ^[-a-zA-Z0-9_]+$ + intent: + $ref: '#/components/schemas/IntentEnum' + user: + $ref: '#/components/schemas/UserRequest' + description: + type: string + expires: + type: string + format: date-time + expiring: + type: boolean + PatchedUserDeleteStageRequest: + type: object + description: UserDeleteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedUserLoginStageRequest: + type: object + description: UserLoginStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + session_duration: + type: string + description: 'Determines how long a session lasts. Default of 0 means that + the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' + PatchedUserLogoutStageRequest: + type: object + description: UserLogoutStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedUserOAuthSourceConnectionRequest: + type: object + description: OAuth Source Serializer + properties: + user: + type: integer + source: + type: string + format: uuid + identifier: + type: string + maxLength: 255 + PatchedUserReputationRequest: + type: object + description: UserReputation Serializer + properties: + user: + type: integer + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedUserRequest: + type: object + description: User Serializer + properties: + username: + type: string + description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ + only. + pattern: ^[\w.@+-]+$ + maxLength: 150 + name: + type: string + description: User's display name. + is_active: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + last_login: + type: string + format: date-time + nullable: true + email: + type: string + format: email + title: Email address + maxLength: 254 + attributes: + type: object + additionalProperties: {} + PatchedUserWriteStageRequest: + type: object + description: UserWriteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedWebAuthnDeviceRequest: + type: object + description: Serializer for WebAuthn authenticator devices + properties: + name: + type: string + maxLength: 200 + PlexSource: + type: object + description: Plex Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + client_id: + type: string + description: Client identifier used to talk to Plex. + allowed_servers: + type: array + items: + type: string + description: Which servers a user has to be a member of to be granted access. + Empty list allows every server. + allow_friends: + type: boolean + description: Allow friends to authenticate, even if you don't share a server. + plex_token: + type: string + description: Plex token used to check firends + required: + - component + - name + - pk + - slug + - verbose_name + - verbose_name_plural + PlexSourceRequest: + type: object + description: Plex Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + client_id: + type: string + description: Client identifier used to talk to Plex. + allowed_servers: + type: array + items: + type: string + description: Which servers a user has to be a member of to be granted access. + Empty list allows every server. + allow_friends: + type: boolean + description: Allow friends to authenticate, even if you don't share a server. + plex_token: + type: string + description: Plex token used to check firends + required: + - name + - slug + PlexTokenRedeemRequest: + type: object + description: Serializer to redeem a plex token + properties: + plex_token: + type: string + required: + - plex_token + Policy: + type: object + description: Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + PolicyBinding: + type: object + description: PolicyBinding Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy binding uuid + policy: + type: string + format: uuid + nullable: true + group: + type: string + format: uuid + nullable: true + user: + type: integer + nullable: true + policy_obj: + allOf: + - $ref: '#/components/schemas/Policy' + readOnly: true + group_obj: + allOf: + - $ref: '#/components/schemas/Group' + readOnly: true + user_obj: + allOf: + - $ref: '#/components/schemas/User' + readOnly: true + target: + type: string + format: uuid + enabled: + type: boolean + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Timeout after which Policy execution is terminated. + required: + - group_obj + - order + - pk + - policy_obj + - target + - user_obj + PolicyBindingRequest: + type: object + description: PolicyBinding Serializer + properties: + policy: + type: string + format: uuid + nullable: true + group: + type: string + format: uuid + nullable: true + user: + type: integer + nullable: true + target: + type: string + format: uuid + enabled: + type: boolean + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Timeout after which Policy execution is terminated. + required: + - order + - target + PolicyEngineModeEnum: + enum: + - all + - any + type: string + PolicyRequest: + type: object + description: Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + PolicyTestRequest: + type: object + description: Test policy execution for a user with context + properties: + user: + type: integer + context: + type: object + additionalProperties: {} + required: + - user + PolicyTestResult: + type: object + description: result of a policy test + properties: + passing: + type: boolean + messages: + type: array + items: + type: string + readOnly: true + required: + - messages + - passing + Prompt: + type: object + description: Prompt Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Prompt uuid + field_key: + type: string + description: Name of the form field, also used to store the value + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + label: + type: string + type: + $ref: '#/components/schemas/PromptTypeEnum' + required: + type: boolean + placeholder: + type: string + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + promptstage_set: + type: array + items: + $ref: '#/components/schemas/Stage' + required: + - field_key + - label + - pk + - type + PromptRequest: + type: object + description: Prompt Serializer + properties: + field_key: + type: string + description: Name of the form field, also used to store the value + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + label: + type: string + type: + $ref: '#/components/schemas/PromptTypeEnum' + required: + type: boolean + placeholder: + type: string + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + promptstage_set: + type: array + items: + $ref: '#/components/schemas/StageRequest' + required: + - field_key + - label + - type + PromptStage: + type: object + description: PromptStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + fields: + type: array + items: + type: string + format: uuid + validation_policies: + type: array + items: + type: string + format: uuid + required: + - component + - fields + - name + - pk + - verbose_name + - verbose_name_plural + PromptStageRequest: + type: object + description: PromptStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + fields: + type: array + items: + type: string + format: uuid + validation_policies: + type: array + items: + type: string + format: uuid + required: + - fields + - name + PromptTypeEnum: + enum: + - text + - username + - email + - password + - number + - checkbox + - date + - date-time + - separator + - hidden + - static + type: string + PropertyMapping: + type: object + description: PropertyMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + required: + - component + - expression + - name + - pk + - verbose_name + - verbose_name_plural + PropertyMappingTestResult: + type: object + description: Result of a Property-mapping test + properties: + result: + type: string + readOnly: true + successful: + type: boolean + readOnly: true + required: + - result + - successful + Provider: + type: object + description: Provider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + ProviderRequest: + type: object + description: Provider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + required: + - authorization_flow + - name + ProxyOutpostConfig: + type: object + description: ProxyProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + oidc_configuration: + allOf: + - $ref: '#/components/schemas/OpenIDConnectConfiguration' + readOnly: true + cookie_secret: + type: string + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + required: + - external_host + - name + - oidc_configuration + - pk + ProxyProvider: + type: object + description: ProxyProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + redirect_uris: + type: string + readOnly: true + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - external_host + - name + - pk + - redirect_uris + - verbose_name + - verbose_name_plural + ProxyProviderRequest: + type: object + description: ProxyProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + required: + - authorization_flow + - external_host + - name + RedirectChallenge: + type: object + description: Challenge type to redirect the client + properties: + type: + $ref: '#/components/schemas/Type4f1Enum' + component: + type: string + title: + type: string + background: + type: string + response_errors: + type: object + additionalProperties: + type: array + items: + $ref: '#/components/schemas/ErrorDetail' + to: + type: string + required: + - to + - type + ReputationPolicy: + type: object + description: Reputation Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + check_ip: + type: boolean + check_username: + type: boolean + threshold: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + ReputationPolicyRequest: + type: object + description: Reputation Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + check_ip: + type: boolean + check_username: + type: boolean + threshold: + type: integer + maximum: 2147483647 + minimum: -2147483648 + SAMLMetadata: + type: object + description: SAML Provider Metadata serializer + properties: + metadata: + type: string + readOnly: true + required: + - metadata + SAMLPropertyMapping: + type: object + description: SAMLPropertyMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + saml_name: + type: string + friendly_name: + type: string + nullable: true + required: + - component + - expression + - name + - pk + - saml_name + - verbose_name + - verbose_name_plural + SAMLPropertyMappingRequest: + type: object + description: SAMLPropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + saml_name: + type: string + friendly_name: + type: string + nullable: true + required: + - expression + - name + - saml_name + SAMLProvider: + type: object + description: SAMLProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + acs_url: + type: string + format: uri + maxLength: 200 + audience: + type: string + description: Value of the audience restriction field of the asseration. + When left empty, no audience restriction will be added. + issuer: + type: string + description: Also known as EntityID + assertion_valid_not_before: + type: string + description: 'Assertion valid not before current time + this value (Format: + hours=-1;minutes=-2;seconds=-3).' + assertion_valid_not_on_or_after: + type: string + description: 'Assertion not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + session_valid_not_on_or_after: + type: string + description: 'Session not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + name_id_mapping: + type: string + format: uuid + nullable: true + title: NameID Property Mapping + description: Configure how the NameID value will be created. When left empty, + the NameIDPolicy of the incoming request will be considered + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Signing Keypair + description: Keypair used to sign outgoing Responses going to the Service + Provider. + verification_kp: + type: string + format: uuid + nullable: true + title: Verification Certificate + description: When selected, incoming assertion's Signatures will be validated + against this certificate. To allow unsigned Requests, leave on default. + sp_binding: + allOf: + - $ref: '#/components/schemas/SpBindingEnum' + title: Service Provider Binding + description: This determines how authentik sends the response back to the + Service Provider. + required: + - acs_url + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + SAMLProviderImportRequest: + type: object + description: Import saml provider from XML Metadata + properties: + name: + type: string + authorization_flow: + type: string + file: + type: string + format: binary + required: + - authorization_flow + - file + - name + SAMLProviderRequest: + type: object + description: SAMLProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + acs_url: + type: string + format: uri + maxLength: 200 + audience: + type: string + description: Value of the audience restriction field of the asseration. + When left empty, no audience restriction will be added. + issuer: + type: string + description: Also known as EntityID + assertion_valid_not_before: + type: string + description: 'Assertion valid not before current time + this value (Format: + hours=-1;minutes=-2;seconds=-3).' + assertion_valid_not_on_or_after: + type: string + description: 'Assertion not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + session_valid_not_on_or_after: + type: string + description: 'Session not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + name_id_mapping: + type: string + format: uuid + nullable: true + title: NameID Property Mapping + description: Configure how the NameID value will be created. When left empty, + the NameIDPolicy of the incoming request will be considered + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Signing Keypair + description: Keypair used to sign outgoing Responses going to the Service + Provider. + verification_kp: + type: string + format: uuid + nullable: true + title: Verification Certificate + description: When selected, incoming assertion's Signatures will be validated + against this certificate. To allow unsigned Requests, leave on default. + sp_binding: + allOf: + - $ref: '#/components/schemas/SpBindingEnum' + title: Service Provider Binding + description: This determines how authentik sends the response back to the + Service Provider. + required: + - acs_url + - authorization_flow + - name + SAMLSource: + type: object + description: SAMLSource Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + pre_authentication_flow: + type: string + format: uuid + description: Flow used before authentication. + issuer: + type: string + description: Also known as Entity ID. Defaults the Metadata URL. + sso_url: + type: string + format: uri + description: URL that the initial Login request is sent to. + maxLength: 200 + slo_url: + type: string + format: uri + nullable: true + description: Optional URL if your IDP supports Single-Logout. + maxLength: 200 + allow_idp_initiated: + type: boolean + description: Allows authentication flows initiated by the IdP. This can + be a security risk, as no validation of the request ID is done. + name_id_policy: + allOf: + - $ref: '#/components/schemas/NameIdPolicyEnum' + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. + binding_type: + $ref: '#/components/schemas/BindingTypeEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Singing Keypair + description: Keypair which is used to sign outgoing requests. Leave empty + to disable signing. + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + temporary_user_delete_after: + type: string + title: Delete temporary users after + description: 'Time offset when temporary users should be deleted. This only + applies if your IDP uses the NameID Format ''transient'', and the user + doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' + required: + - component + - name + - pk + - pre_authentication_flow + - slug + - sso_url + - verbose_name + - verbose_name_plural + SAMLSourceRequest: + type: object + description: SAMLSource Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + pre_authentication_flow: + type: string + format: uuid + description: Flow used before authentication. + issuer: + type: string + description: Also known as Entity ID. Defaults the Metadata URL. + sso_url: + type: string + format: uri + description: URL that the initial Login request is sent to. + maxLength: 200 + slo_url: + type: string + format: uri + nullable: true + description: Optional URL if your IDP supports Single-Logout. + maxLength: 200 + allow_idp_initiated: + type: boolean + description: Allows authentication flows initiated by the IdP. This can + be a security risk, as no validation of the request ID is done. + name_id_policy: + allOf: + - $ref: '#/components/schemas/NameIdPolicyEnum' + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. + binding_type: + $ref: '#/components/schemas/BindingTypeEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Singing Keypair + description: Keypair which is used to sign outgoing requests. Leave empty + to disable signing. + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + temporary_user_delete_after: + type: string + title: Delete temporary users after + description: 'Time offset when temporary users should be deleted. This only + applies if your IDP uses the NameID Format ''transient'', and the user + doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' + required: + - name + - pre_authentication_flow + - slug + - sso_url + ScopeMapping: + type: object + description: ScopeMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + scope_name: + type: string + description: Scope used by the client + description: + type: string + description: Description shown to the user when consenting. If left empty, + the user won't be informed. + required: + - component + - expression + - name + - pk + - scope_name + - verbose_name + - verbose_name_plural + ScopeMappingRequest: + type: object + description: ScopeMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + scope_name: + type: string + description: Scope used by the client + description: + type: string + description: Description shown to the user when consenting. If left empty, + the user won't be informed. + required: + - expression + - name + - scope_name + ServiceConnection: + type: object + description: ServiceConnection Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + ServiceConnectionState: + type: object + description: Serializer for Service connection state + properties: + healthy: + type: boolean + readOnly: true + version: + type: string + readOnly: true + required: + - healthy + - version + SessionUser: + type: object + description: |- + Response for the /user/me endpoint, returns the currently active user (as `user` property) + and, if this user is being impersonated, the original user in the `original` property. + properties: + user: + $ref: '#/components/schemas/User' + original: + $ref: '#/components/schemas/User' + required: + - user + SeverityEnum: + enum: + - notice + - warning + - alert + type: string + SignatureAlgorithmEnum: + enum: + - http://www.w3.org/2000/09/xmldsig#rsa-sha1 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 + - http://www.w3.org/2000/09/xmldsig#dsa-sha1 + type: string + Source: + type: object + description: Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + required: + - component + - name + - pk + - slug + - verbose_name + - verbose_name_plural + SourceType: + type: object + description: Serializer for SourceType + properties: + name: + type: string + slug: + type: string + urls_customizable: + type: boolean + request_token_url: + type: string + readOnly: true + nullable: true + authorization_url: + type: string + readOnly: true + nullable: true + access_token_url: + type: string + readOnly: true + nullable: true + profile_url: + type: string + readOnly: true + nullable: true + required: + - access_token_url + - authorization_url + - name + - profile_url + - request_token_url + - slug + - urls_customizable + SpBindingEnum: + enum: + - redirect + - post + type: string + Stage: + type: object + description: Stage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + StageRequest: + type: object + description: Stage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + StageUserSetting: + type: object + description: User settings but can include a configure flow + properties: + object_uid: + type: string + component: + type: string + title: + type: string + configure_flow: + type: boolean + required: + - component + - object_uid + - title + StaticDevice: + type: object + description: Serializer for static authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + token_set: + type: array + items: + $ref: '#/components/schemas/Nested' + readOnly: true + pk: + type: integer + readOnly: true + title: ID + required: + - name + - pk + - token_set + StaticDeviceRequest: + type: object + description: Serializer for static authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + required: + - name + StatusEnum: + enum: + - SUCCESSFUL + - WARNING + - ERROR + type: string + SubModeEnum: + enum: + - hashed_user_id + - user_username + - user_email + - user_upn + type: string + TOTPDevice: + type: object + description: Serializer for totp authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + pk: + type: integer + readOnly: true + title: ID + required: + - name + - pk + TOTPDeviceRequest: + type: object + description: Serializer for totp authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + required: + - name + Task: + type: object + description: Serialize TaskInfo and TaskResult + properties: + task_name: + type: string + task_description: + type: string + task_finish_timestamp: + type: string + format: date-time + status: + $ref: '#/components/schemas/StatusEnum' + messages: + type: array + items: {} + required: + - messages + - status + - task_description + - task_finish_timestamp + - task_name + Token: + type: object + description: Token Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Token uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + identifier: + type: string + maxLength: 255 + pattern: ^[-a-zA-Z0-9_]+$ + intent: + $ref: '#/components/schemas/IntentEnum' + user: + $ref: '#/components/schemas/User' + description: + type: string + expires: + type: string + format: date-time + expiring: + type: boolean + required: + - identifier + - pk + TokenRequest: + type: object + description: Token Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + identifier: + type: string + maxLength: 255 + pattern: ^[-a-zA-Z0-9_]+$ + intent: + $ref: '#/components/schemas/IntentEnum' + user: + $ref: '#/components/schemas/UserRequest' + description: + type: string + expires: + type: string + format: date-time + expiring: + type: boolean + required: + - identifier + TokenView: + type: object + description: Show token's current key + properties: + key: + type: string + readOnly: true + required: + - key + Type4f1Enum: + enum: + - native + - shell + - redirect + type: string + TypeCreate: + type: object + description: Types of an object that can be created + properties: + name: + type: string + description: + type: string + component: + type: string + model_name: + type: string + required: + - component + - description + - model_name + - name + User: + type: object + description: User Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + username: + type: string + description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ + only. + pattern: ^[\w.@+-]+$ + maxLength: 150 + name: + type: string + description: User's display name. + is_active: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + last_login: + type: string + format: date-time + nullable: true + is_superuser: + type: boolean + readOnly: true + groups: + type: array + items: + $ref: '#/components/schemas/Group' + readOnly: true + email: + type: string + format: email + title: Email address + maxLength: 254 + avatar: + type: string + readOnly: true + attributes: + type: object + additionalProperties: {} + uid: + type: string + readOnly: true + required: + - avatar + - groups + - is_superuser + - name + - pk + - uid + - username + UserConsent: + type: object + description: UserConsent Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + expires: + type: string + format: date-time + user: + $ref: '#/components/schemas/User' + application: + $ref: '#/components/schemas/Application' + required: + - application + - pk + - user + UserDeleteStage: + type: object + description: UserDeleteStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserDeleteStageRequest: + type: object + description: UserDeleteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + UserFieldsEnum: + enum: + - email + - username + type: string + UserLoginStage: + type: object + description: UserLoginStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + session_duration: + type: string + description: 'Determines how long a session lasts. Default of 0 means that + the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserLoginStageRequest: + type: object + description: UserLoginStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + session_duration: + type: string + description: 'Determines how long a session lasts. Default of 0 means that + the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' + required: + - name + UserLogoutStage: + type: object + description: UserLogoutStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserLogoutStageRequest: + type: object + description: UserLogoutStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + UserMatchingModeEnum: + enum: + - identifier + - email_link + - email_deny + - username_link + - username_deny + type: string + UserMetrics: + type: object + description: User Metrics + properties: + logins_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + logins_failed_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + authorizations_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + required: + - authorizations_per_1h + - logins_failed_per_1h + - logins_per_1h + UserOAuthSourceConnection: + type: object + description: OAuth Source Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + user: + type: integer + source: + type: string + format: uuid + identifier: + type: string + maxLength: 255 + required: + - identifier + - pk + - source + - user + UserOAuthSourceConnectionRequest: + type: object + description: OAuth Source Serializer + properties: + user: + type: integer + source: + type: string + format: uuid + identifier: + type: string + maxLength: 255 + required: + - identifier + - source + - user + UserReputation: + type: object + description: UserReputation Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + user: + type: integer + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + updated: + type: string + format: date-time + readOnly: true + required: + - pk + - updated + - user + UserReputationRequest: + type: object + description: UserReputation Serializer + properties: + user: + type: integer + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - user + UserRequest: + type: object + description: User Serializer + properties: + username: + type: string + description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ + only. + pattern: ^[\w.@+-]+$ + maxLength: 150 + name: + type: string + description: User's display name. + is_active: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + last_login: + type: string + format: date-time + nullable: true + email: + type: string + format: email + title: Email address + maxLength: 254 + attributes: + type: object + additionalProperties: {} + required: + - name + - username + UserSetting: + type: object + description: Serializer for User settings for stages and sources + properties: + object_uid: + type: string + component: + type: string + title: + type: string + required: + - component + - object_uid + - title + UserWriteStage: + type: object + description: UserWriteStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserWriteStageRequest: + type: object + description: UserWriteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + Version: + type: object + description: Get running and latest version. + properties: + version_current: + type: string + readOnly: true + version_latest: + type: string + readOnly: true + build_hash: + type: string + readOnly: true + outdated: + type: boolean + readOnly: true + required: + - build_hash + - outdated + - version_current + - version_latest + WebAuthnDevice: + type: object + description: Serializer for WebAuthn authenticator devices + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + maxLength: 200 + created_on: + type: string + format: date-time + readOnly: true + required: + - created_on + - name + - pk + WebAuthnDeviceRequest: + type: object + description: Serializer for WebAuthn authenticator devices + properties: + name: + type: string + maxLength: 200 + required: + - name + securitySchemes: + authentik: + type: apiKey + in: header + name: Authorization + cookieAuth: + type: apiKey + in: cookie + name: Session From 0bac738090f1305ea5a56753f4a7c232adf2a306 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sun, 16 May 2021 13:26:58 +0200 Subject: [PATCH 02/35] *: fix static response descriptions Signed-off-by: Jens Langhammer --- Makefile | 2 +- authentik/admin/api/tasks.py | 16 ++++++--- authentik/api/auth.py | 10 +++--- authentik/core/api/applications.py | 11 +++--- authentik/core/api/propertymappings.py | 7 ++-- authentik/core/api/providers.py | 2 +- authentik/core/api/sources.py | 2 +- authentik/core/api/tokens.py | 4 +-- authentik/core/api/users.py | 7 ++-- authentik/crypto/api.py | 7 ++-- authentik/events/api/event.py | 4 +-- .../events/api/notification_transport.py | 8 ++--- authentik/flows/api/flows.py | 33 ++++++++++-------- authentik/flows/views.py | 6 ++-- authentik/policies/api/policies.py | 12 +++++-- authentik/providers/oauth2/api/provider.py | 7 ++-- authentik/providers/saml/api.py | 9 +++-- authentik/root/settings.py | 3 ++ authentik/sources/ldap/api.py | 9 +++-- authentik/sources/plex/api.py | 6 ++-- authentik/stages/authenticator_static/api.py | 1 - schema.yml | 34 +++++++++++++++++++ 22 files changed, 136 insertions(+), 64 deletions(-) diff --git a/Makefile b/Makefile index 9d2a0c53b..5c8b41fd1 100644 --- a/Makefile +++ b/Makefile @@ -26,7 +26,7 @@ lint: pylint authentik tests lifecycle gen: - ./manage.py spectacular --file schema.yml + ./manage.py spectacular --file schema.yaml --validate --fail-on-warn docker run \ --rm -v ${PWD}:/local \ openapitools/openapi-generator-cli generate \ diff --git a/authentik/admin/api/tasks.py b/authentik/admin/api/tasks.py index 2e87b208b..43b77810e 100644 --- a/authentik/admin/api/tasks.py +++ b/authentik/admin/api/tasks.py @@ -4,7 +4,7 @@ from importlib import import_module from django.contrib import messages from django.http.response import Http404 from django.utils.translation import gettext_lazy as _ -from drf_spectacular.utils import extend_schema +from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, ChoiceField, DateTimeField, ListField from rest_framework.permissions import IsAdminUser @@ -34,8 +34,14 @@ class TaskViewSet(ViewSet): """Read-only view set that returns all background tasks""" permission_classes = [IsAdminUser] + serializer_class = TaskSerializer - @extend_schema(responses={200: TaskSerializer(many=False), 404: "Task not found"}) + @extend_schema( + responses={ + 200: TaskSerializer(many=False), + 404: OpenApiResponse(description="Task not found"), + } + ) # pylint: disable=invalid-name def retrieve(self, request: Request, pk=None) -> Response: """Get a single system task""" @@ -52,9 +58,9 @@ class TaskViewSet(ViewSet): @extend_schema( responses={ - 204: "Task retried successfully", - 404: "Task not found", - 500: "Failed to retry task", + 204: OpenApiResponse(description="Task retried successfully"), + 404: OpenApiResponse(description="Task not found"), + 500: OpenApiResponse(description="Failed to retry task"), } ) @action(detail=True, methods=["post"]) diff --git a/authentik/api/auth.py b/authentik/api/auth.py index 852f1d9db..8fa5ca963 100644 --- a/authentik/api/auth.py +++ b/authentik/api/auth.py @@ -3,11 +3,11 @@ from base64 import b64decode from binascii import Error from typing import Any, Optional, Union +from drf_spectacular.authentication import OpenApiAuthenticationExtension from rest_framework.authentication import BaseAuthentication, get_authorization_header from rest_framework.exceptions import AuthenticationFailed from rest_framework.request import Request from structlog.stdlib import get_logger -from drf_spectacular.authentication import OpenApiAuthenticationExtension from authentik.core.models import Token, TokenIntents, User @@ -60,11 +60,11 @@ class AuthentikTokenAuthentication(BaseAuthentication): class TokenSchema(OpenApiAuthenticationExtension): target_class = AuthentikTokenAuthentication - name = 'authentik' + name = "authentik" def get_security_definition(self, auto_schema): return { - 'type': 'apiKey', - 'in': 'header', - 'name': 'Authorization', + "type": "apiKey", + "in": "header", + "name": "Authorization", } diff --git a/authentik/core/api/applications.py b/authentik/core/api/applications.py index 9ae803332..ac6824c90 100644 --- a/authentik/core/api/applications.py +++ b/authentik/core/api/applications.py @@ -6,7 +6,7 @@ from django.db.models import QuerySet from django.http.response import HttpResponseBadRequest from django.shortcuts import get_object_or_404 from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import OpenApiParameter, extend_schema +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import SerializerMethodField from rest_framework.parsers import MultiPartParser @@ -94,8 +94,8 @@ class ApplicationViewSet(ModelViewSet): @extend_schema( responses={ - 204: "Access granted", - 403: "Access denied", + 204: OpenApiResponse(description="Access granted"), + 403: OpenApiResponse(description="Access denied"), } ) @action(detail=True, methods=["GET"]) @@ -161,7 +161,10 @@ class ApplicationViewSet(ModelViewSet): required=True, ) ], - responses={200: "Success", 400: "Bad request"}, + responses={ + 200: OpenApiResponse(description="Success"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action( detail=True, diff --git a/authentik/core/api/propertymappings.py b/authentik/core/api/propertymappings.py index 8904ac32b..798a7a722 100644 --- a/authentik/core/api/propertymappings.py +++ b/authentik/core/api/propertymappings.py @@ -2,7 +2,7 @@ from json import dumps from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import OpenApiParameter, extend_schema +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework import mixins from rest_framework.decorators import action @@ -102,7 +102,10 @@ class PropertyMappingViewSet( @permission_required("authentik_core.view_propertymapping") @extend_schema( request=PolicyTestSerializer(), - responses={200: PropertyMappingTestResultSerializer, 400: "Invalid parameters"}, + responses={ + 200: PropertyMappingTestResultSerializer, + 400: OpenApiResponse(description="Invalid parameters"), + }, parameters=[ OpenApiParameter( name="format_result", diff --git a/authentik/core/api/providers.py b/authentik/core/api/providers.py index 5e4042603..a6a7c2e88 100644 --- a/authentik/core/api/providers.py +++ b/authentik/core/api/providers.py @@ -22,7 +22,7 @@ class ProviderSerializer(ModelSerializer, MetaNameSerializer): component = SerializerMethodField() - def get_component(self, obj: Provider): # pragma: no cover + def get_component(self, obj: Provider) -> str: # pragma: no cover """Get object component so that we know how to edit the object""" # pyright: reportGeneralTypeIssues=false if obj.__class__ == Provider: diff --git a/authentik/core/api/sources.py b/authentik/core/api/sources.py index 7a4b795b7..def370b2a 100644 --- a/authentik/core/api/sources.py +++ b/authentik/core/api/sources.py @@ -24,7 +24,7 @@ class SourceSerializer(ModelSerializer, MetaNameSerializer): component = SerializerMethodField() - def get_component(self, obj: Source): + def get_component(self, obj: Source) -> str: """Get object component so that we know how to edit the object""" # pyright: reportGeneralTypeIssues=false if obj.__class__ == Source: diff --git a/authentik/core/api/tokens.py b/authentik/core/api/tokens.py index 793338271..9ef14ac9b 100644 --- a/authentik/core/api/tokens.py +++ b/authentik/core/api/tokens.py @@ -1,6 +1,6 @@ """Tokens API Viewset""" from django.http.response import Http404 -from drf_spectacular.utils import extend_schema +from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField from rest_framework.request import Request @@ -70,7 +70,7 @@ class TokenViewSet(ModelViewSet): @extend_schema( responses={ 200: TokenViewSerializer(many=False), - 404: "Token not found or expired", + 404: OpenApiResponse(description="Token not found or expired"), } ) @action(detail=True, pagination_class=None, filter_backends=[]) diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py index c92676162..39aeb696c 100644 --- a/authentik/core/api/users.py +++ b/authentik/core/api/users.py @@ -7,7 +7,7 @@ from django.urls import reverse_lazy from django.utils.http import urlencode from django_filters.filters import BooleanFilter, CharFilter from django_filters.filterset import FilterSet -from drf_spectacular.utils import extend_schema, extend_schema_field +from drf_spectacular.utils import OpenApiResponse, extend_schema, extend_schema_field from guardian.utils import get_anonymous_user from rest_framework.decorators import action from rest_framework.fields import CharField, JSONField, SerializerMethodField @@ -170,7 +170,10 @@ class UserViewSet(ModelViewSet): @permission_required("authentik_core.reset_user_password") @extend_schema( - responses={"200": LinkSerializer(many=False), "404": "No recovery flow found."}, + responses={ + "200": LinkSerializer(many=False), + "404": OpenApiResponse(description="No recovery flow found."), + }, ) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=invalid-name, unused-argument diff --git a/authentik/crypto/api.py b/authentik/crypto/api.py index c277f3c45..e7b54cb68 100644 --- a/authentik/crypto/api.py +++ b/authentik/crypto/api.py @@ -6,7 +6,7 @@ from cryptography.x509 import load_pem_x509_certificate from django.http.response import HttpResponse from django.utils.translation import gettext_lazy as _ from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import OpenApiParameter, extend_schema +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import ( CharField, @@ -127,7 +127,10 @@ class CertificateKeyPairViewSet(ModelViewSet): @permission_required(None, ["authentik_crypto.add_certificatekeypair"]) @extend_schema( request=CertificateGenerationSerializer(), - responses={200: CertificateKeyPairSerializer, 400: "Bad request"}, + responses={ + 200: CertificateKeyPairSerializer, + 400: OpenApiResponse(description="Bad request"), + }, ) @action(detail=False, methods=["POST"]) def generate(self, request: Request) -> Response: diff --git a/authentik/events/api/event.py b/authentik/events/api/event.py index 307593e2e..5cf5e7992 100644 --- a/authentik/events/api/event.py +++ b/authentik/events/api/event.py @@ -1,8 +1,8 @@ """Events API Views""" -from drf_spectacular.types import OpenApiTypes import django_filters from django.db.models.aggregates import Count from django.db.models.fields.json import KeyTextTransform +from drf_spectacular.types import OpenApiTypes from drf_spectacular.utils import OpenApiParameter, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework.decorators import action @@ -116,7 +116,7 @@ class EventViewSet(ReadOnlyModelViewSet): location=OpenApiParameter.QUERY, required=False, ) - ] + ], ) @action(detail=False, methods=["GET"]) def top_per_user(self, request: Request): diff --git a/authentik/events/api/notification_transport.py b/authentik/events/api/notification_transport.py index 24225e39e..05b857e87 100644 --- a/authentik/events/api/notification_transport.py +++ b/authentik/events/api/notification_transport.py @@ -1,6 +1,6 @@ """NotificationTransport API Views""" from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import extend_schema +from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, ListField, SerializerMethodField from rest_framework.request import Request @@ -23,7 +23,7 @@ class NotificationTransportSerializer(ModelSerializer): mode_verbose = SerializerMethodField() - def get_mode_verbose(self, instance: NotificationTransport): + def get_mode_verbose(self, instance: NotificationTransport) -> str: """Return selected mode with a UI Label""" return TransportMode(instance.mode).label @@ -62,7 +62,7 @@ class NotificationTransportViewSet(ModelViewSet): @extend_schema( responses={ 200: NotificationTransportTestSerializer(many=False), - 503: "Failed to test transport", + 500: OpenApiResponse(description="Failed to test transport"), }, request=OpenApiTypes.NONE, ) @@ -84,4 +84,4 @@ class NotificationTransportViewSet(ModelViewSet): response.is_valid() return Response(response.data) except NotificationTransportError as exc: - return Response(str(exc.__cause__ or None), status=503) + return Response(str(exc.__cause__ or None), status=500) diff --git a/authentik/flows/api/flows.py b/authentik/flows/api/flows.py index 4d2f11455..5fba69aa4 100644 --- a/authentik/flows/api/flows.py +++ b/authentik/flows/api/flows.py @@ -7,12 +7,7 @@ from django.http.response import HttpResponseBadRequest, JsonResponse from django.urls import reverse from django.utils.translation import gettext as _ from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import ( - OpenApiParameter, - OpenApiResponse, - OpenApiSchemaBase, - extend_schema, -) +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework.decorators import action from rest_framework.parsers import MultiPartParser @@ -46,7 +41,7 @@ class FlowSerializer(ModelSerializer): cache_count = SerializerMethodField() - def get_cache_count(self, flow: Flow): + def get_cache_count(self, flow: Flow) -> int: """Get count of cached flows""" return len(cache.keys(f"{cache_key(flow)}*")) @@ -111,7 +106,10 @@ class FlowViewSet(ModelViewSet): @permission_required(None, ["authentik_flows.clear_flow_cache"]) @extend_schema( request=OpenApiTypes.NONE, - responses={204: "Successfully cleared cache", 400: "Bad request"}, + responses={ + 204: OpenApiResponse(description="Successfully cleared cache"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action(detail=False, methods=["POST"]) def cache_clear(self, request: Request) -> Response: @@ -148,7 +146,10 @@ class FlowViewSet(ModelViewSet): required=True, ) ], - responses={204: "Successfully imported flow", 400: "Bad request"}, + responses={ + 204: OpenApiResponse(description="Successfully imported flow"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action(detail=False, methods=["POST"], parser_classes=(MultiPartParser,)) def import_flow(self, request: Request) -> Response: @@ -178,9 +179,7 @@ class FlowViewSet(ModelViewSet): ) @extend_schema( responses={ - "200": OpenApiResponse( - response=OpenApiParameter("File Attachment", type=OpenApiTypes.BINARY) - ), + "200": OpenApiResponse(response=OpenApiTypes.BINARY), }, ) @action(detail=True, pagination_class=None, filter_backends=[]) @@ -274,7 +273,10 @@ class FlowViewSet(ModelViewSet): required=True, ) ], - responses={200: "Success", 400: "Bad request"}, + responses={ + 200: OpenApiResponse(description="Success"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action( detail=True, @@ -295,7 +297,10 @@ class FlowViewSet(ModelViewSet): return Response({}) @extend_schema( - responses={200: LinkSerializer(many=False), 400: "Flow not applicable"}, + responses={ + 200: LinkSerializer(many=False), + 400: OpenApiResponse(description="Flow not applicable"), + }, ) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=unused-argument diff --git a/authentik/flows/views.py b/authentik/flows/views.py index d279d6211..cd42f77a1 100644 --- a/authentik/flows/views.py +++ b/authentik/flows/views.py @@ -11,7 +11,7 @@ from django.utils.decorators import method_decorator from django.views.decorators.clickjacking import xframe_options_sameorigin from django.views.generic import View from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import OpenApiParameter, extend_schema +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from rest_framework.permissions import AllowAny from rest_framework.views import APIView from sentry_sdk import capture_exception @@ -128,7 +128,9 @@ class FlowExecutorView(APIView): @extend_schema( responses={ 200: Challenge(), - 404: "No Token found", # This error can be raised by the email stage + 404: OpenApiResponse( + description="No Token found" + ), # This error can be raised by the email stage }, request=OpenApiTypes.NONE, parameters=[ diff --git a/authentik/policies/api/policies.py b/authentik/policies/api/policies.py index f4cd0afdf..9de4e0b66 100644 --- a/authentik/policies/api/policies.py +++ b/authentik/policies/api/policies.py @@ -1,7 +1,7 @@ """policy API Views""" from django.core.cache import cache from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import extend_schema +from drf_spectacular.utils import OpenApiResponse, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework import mixins from rest_framework.decorators import action @@ -124,7 +124,10 @@ class PolicyViewSet( @permission_required(None, ["authentik_policies.clear_policy_cache"]) @extend_schema( request=OpenApiTypes.NONE, - responses={204: "Successfully cleared cache", 400: "Bad request"}, + responses={ + 204: OpenApiResponse(description="Successfully cleared cache"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action(detail=False, methods=["POST"]) def cache_clear(self, request: Request) -> Response: @@ -140,7 +143,10 @@ class PolicyViewSet( @permission_required("authentik_policies.view_policy") @extend_schema( request=PolicyTestSerializer(), - responses={200: PolicyTestResultSerializer(), 400: "Invalid parameters"}, + responses={ + 200: PolicyTestResultSerializer(), + 400: OpenApiResponse(description="Invalid parameters"), + }, ) @action(detail=True, pagination_class=None, filter_backends=[], methods=["POST"]) # pylint: disable=unused-argument, invalid-name diff --git a/authentik/providers/oauth2/api/provider.py b/authentik/providers/oauth2/api/provider.py index d556e1bbe..cf239b4a4 100644 --- a/authentik/providers/oauth2/api/provider.py +++ b/authentik/providers/oauth2/api/provider.py @@ -2,7 +2,7 @@ from django.db.models.base import Model from django.urls import reverse from django.utils.translation import gettext_lazy as _ -from drf_spectacular.utils import extend_schema +from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import ReadOnlyField from rest_framework.generics import get_object_or_404 @@ -61,9 +61,6 @@ class OAuth2ProviderSetupURLs(PassiveSerializer): provider_info = ReadOnlyField() logout = ReadOnlyField() - class Meta: - model = Model - class OAuth2ProviderViewSet(ModelViewSet): """OAuth2Provider Viewset""" @@ -74,7 +71,7 @@ class OAuth2ProviderViewSet(ModelViewSet): @extend_schema( responses={ 200: OAuth2ProviderSetupURLs, - 404: "Provider has no application assigned", + 404: OpenApiResponse(description="Provider has no application assigned"), } ) @action(methods=["GET"], detail=True) diff --git a/authentik/providers/saml/api.py b/authentik/providers/saml/api.py index 2a66b4b77..51ee04077 100644 --- a/authentik/providers/saml/api.py +++ b/authentik/providers/saml/api.py @@ -6,7 +6,7 @@ from django.http.response import HttpResponse from django.shortcuts import get_object_or_404 from django.utils.translation import gettext_lazy as _ from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import OpenApiParameter, extend_schema +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema, extend_schema_field from rest_framework.decorators import action from rest_framework.fields import CharField, FileField, ReadOnlyField from rest_framework.parsers import MultiPartParser @@ -83,7 +83,7 @@ class SAMLProviderViewSet(ModelViewSet): @extend_schema( responses={ 200: SAMLMetadataSerializer(many=False), - 404: "Provider has no application assigned", + 404: OpenApiResponse(description="Provider has no application assigned"), }, parameters=[ OpenApiParameter( @@ -120,7 +120,10 @@ class SAMLProviderViewSet(ModelViewSet): ) @extend_schema( request=SAMLProviderImportSerializer(), - responses={204: "Successfully imported provider", 400: "Bad request"}, + responses={ + 204: OpenApiResponse(description="Successfully imported provider"), + 400: OpenApiResponse(description="Bad request"), + }, ) @action(detail=False, methods=["POST"], parser_classes=(MultiPartParser,)) def import_metadata(self, request: Request) -> Response: diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 21d5130a0..011f037af 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -151,6 +151,9 @@ SPECTACULAR_SETTINGS = { "name": "GNU GPLv3", "url": "https://github.com/goauthentik/authentik/blob/master/LICENSE", }, + "ENUM_NAME_OVERRIDES": { + "ChallengeChoices": "authentik.flows.challenge.ChallengeTypes" + }, } REST_FRAMEWORK = { diff --git a/authentik/sources/ldap/api.py b/authentik/sources/ldap/api.py index 61aca7c91..9196186f3 100644 --- a/authentik/sources/ldap/api.py +++ b/authentik/sources/ldap/api.py @@ -1,7 +1,7 @@ """Source API Views""" from django.http.response import Http404 from django.utils.text import slugify -from drf_spectacular.utils import extend_schema +from drf_spectacular.utils import OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.request import Request from rest_framework.response import Response @@ -48,7 +48,12 @@ class LDAPSourceViewSet(ModelViewSet): serializer_class = LDAPSourceSerializer lookup_field = "slug" - @extend_schema(responses={200: TaskSerializer(many=False), 404: "Task not found"}) + @extend_schema( + responses={ + 200: TaskSerializer(many=False), + 404: OpenApiResponse(description="Task not found"), + } + ) @action(methods=["GET"], detail=True) # pylint: disable=unused-argument def sync_status(self, request: Request, slug: str) -> Response: diff --git a/authentik/sources/plex/api.py b/authentik/sources/plex/api.py index 2210da72b..00200982a 100644 --- a/authentik/sources/plex/api.py +++ b/authentik/sources/plex/api.py @@ -1,7 +1,7 @@ """Plex Source Serializer""" from django.shortcuts import get_object_or_404 from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import OpenApiParameter, extend_schema +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.exceptions import PermissionDenied from rest_framework.fields import CharField @@ -54,8 +54,8 @@ class PlexSourceViewSet(ModelViewSet): request=PlexTokenRedeemSerializer(), responses={ 200: RedirectChallenge(), - 400: "Token not found", - 403: "Access denied", + 400: OpenApiResponse(description="Token not found"), + 403: OpenApiResponse(description="Access denied"), }, parameters=[ OpenApiParameter( diff --git a/authentik/stages/authenticator_static/api.py b/authentik/stages/authenticator_static/api.py index 555a42bab..2bbaf04a5 100644 --- a/authentik/stages/authenticator_static/api.py +++ b/authentik/stages/authenticator_static/api.py @@ -34,7 +34,6 @@ class StaticDeviceSerializer(ModelSerializer): model = StaticDevice fields = ["name", "token_set", "pk"] - depth = 2 class StaticDeviceViewSet(ModelViewSet): diff --git a/schema.yml b/schema.yml index e7f831aec..436453b63 100644 --- a/schema.yml +++ b/schema.yml @@ -105,6 +105,18 @@ paths: required: true tags: - admin + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TaskRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TaskRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TaskRequest' + required: true security: - authentik: [] - cookieAuth: [] @@ -21190,6 +21202,28 @@ components: - task_description - task_finish_timestamp - task_name + TaskRequest: + type: object + description: Serialize TaskInfo and TaskResult + properties: + task_name: + type: string + task_description: + type: string + task_finish_timestamp: + type: string + format: date-time + status: + $ref: '#/components/schemas/StatusEnum' + messages: + type: array + items: {} + required: + - messages + - status + - task_description + - task_finish_timestamp + - task_name Token: type: object description: Token Serializer From cac1f242dce33a2be03e6f9817f23234cf5d1ef6 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sun, 16 May 2021 14:13:07 +0200 Subject: [PATCH 03/35] *: replace swagger with openapi Signed-off-by: Jens Langhammer --- .github/workflows/release.yml | 6 +++--- .github/workflows/tag.yml | 2 +- Makefile | 2 +- authentik/api/views.py | 5 +---- authentik/root/settings.py | 1 + azure-pipelines.yml | 4 ++-- outpost/Makefile | 2 +- outpost/azure-pipelines.yml | 2 +- web/azure-pipelines.yml | 2 +- website/developer-docs/local-dev-environment.md | 2 +- website/src/pages/api.jsx | 2 +- website/static/schema.yaml | 1 + 12 files changed, 15 insertions(+), 16 deletions(-) create mode 120000 website/static/schema.yaml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7eb016d5e..c4e444916 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -30,7 +30,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: prepare ts api client run: | - docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 + docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/schema.yml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 - name: Building Docker Image uses: docker/build-push-action@v2 with: @@ -53,7 +53,7 @@ jobs: run: | cd outpost go get -u github.com/go-swagger/go-swagger/cmd/swagger - swagger generate client -f ../swagger.yaml -A authentik -t pkg/ + swagger generate client -f ../schema.yml -A authentik -t pkg/ go build -v ./cmd/proxy/server.go - name: Set up QEMU uses: docker/setup-qemu-action@v1.1.0 @@ -93,7 +93,7 @@ jobs: run: | cd outpost go get -u github.com/go-swagger/go-swagger/cmd/swagger - swagger generate client -f ../swagger.yaml -A authentik -t pkg/ + swagger generate client -f ../schema.yml -A authentik -t pkg/ go build -v ./cmd/ldap/server.go - name: Set up QEMU uses: docker/setup-qemu-action@v1.1.0 diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml index 2f03dc694..609fea503 100644 --- a/.github/workflows/tag.yml +++ b/.github/workflows/tag.yml @@ -13,7 +13,7 @@ jobs: - uses: actions/checkout@v2 - name: prepare ts api client run: | - docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 + docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/schema.yml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 - name: Pre-release test run: | sudo apt-get install -y pwgen diff --git a/Makefile b/Makefile index 5c8b41fd1..9d2a0c53b 100644 --- a/Makefile +++ b/Makefile @@ -26,7 +26,7 @@ lint: pylint authentik tests lifecycle gen: - ./manage.py spectacular --file schema.yaml --validate --fail-on-warn + ./manage.py spectacular --file schema.yml docker run \ --rm -v ${PWD}:/local \ openapitools/openapi-generator-cli generate \ diff --git a/authentik/api/views.py b/authentik/api/views.py index 580050ba6..736586cd7 100644 --- a/authentik/api/views.py +++ b/authentik/api/views.py @@ -13,10 +13,7 @@ class SwaggerView(TemplateView): def get_context_data(self, **kwargs: Any) -> dict[str, Any]: path = self.request.build_absolute_uri( reverse( - "authentik_api:schema-json", - kwargs={ - "format": ".json", - }, + "authentik_api:schema", ) ) return super().get_context_data(path=path, **kwargs) diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 011f037af..ea24c745d 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -154,6 +154,7 @@ SPECTACULAR_SETTINGS = { "ENUM_NAME_OVERRIDES": { "ChallengeChoices": "authentik.flows.challenge.ChallengeTypes" }, + "ENUM_ADD_EXPLICIT_BLANK_NULL_CHOICE": False } REST_FRAMEWORK = { diff --git a/azure-pipelines.yml b/azure-pipelines.yml index 971ef6db2..c72006a8a 100644 --- a/azure-pipelines.yml +++ b/azure-pipelines.yml @@ -298,7 +298,7 @@ stages: displayName: Build static files for e2e inputs: script: | - docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 + docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/schema.yml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 sudo chmod 777 -R web/api/ cd web cd api && npm i && cd .. @@ -399,7 +399,7 @@ stages: - task: CmdLine@2 inputs: script: | - docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 + docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/schema.yml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 - task: PublishPipelineArtifact@1 inputs: targetPath: 'web/api/' diff --git a/outpost/Makefile b/outpost/Makefile index d4eaa5f5c..b211789e9 100644 --- a/outpost/Makefile +++ b/outpost/Makefile @@ -2,7 +2,7 @@ all: clean generate generate: go get -u github.com/go-swagger/go-swagger/cmd/swagger - swagger generate client -f ../swagger.yaml -A authentik -t pkg/ + swagger generate client -f ../schema.yml -A authentik -t pkg/ run: go run -v . diff --git a/outpost/azure-pipelines.yml b/outpost/azure-pipelines.yml index b3c39d43b..181a07926 100644 --- a/outpost/azure-pipelines.yml +++ b/outpost/azure-pipelines.yml @@ -28,7 +28,7 @@ stages: sudo wget -O /usr/local/bin/swagger https://github.com/go-swagger/go-swagger/releases/latest/download/swagger_linux_amd64 sudo chmod +x /usr/local/bin/swagger mkdir -p $(go env GOPATH) - swagger generate client -f ../swagger.yaml -A authentik -t pkg/ + swagger generate client -f ../schema.yml -A authentik -t pkg/ workingDirectory: 'outpost/' - task: PublishPipelineArtifact@1 inputs: diff --git a/web/azure-pipelines.yml b/web/azure-pipelines.yml index e7d99859b..248221ad1 100644 --- a/web/azure-pipelines.yml +++ b/web/azure-pipelines.yml @@ -20,7 +20,7 @@ stages: - task: CmdLine@2 inputs: script: | - docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/swagger.yaml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 + docker run --rm -v $(pwd):/local openapitools/openapi-generator-cli generate -i /local/schema.yml -g typescript-fetch -o /local/web/api --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 - task: PublishPipelineArtifact@1 inputs: targetPath: 'web/api/' diff --git a/website/developer-docs/local-dev-environment.md b/website/developer-docs/local-dev-environment.md index 771570e65..52ac61b17 100644 --- a/website/developer-docs/local-dev-environment.md +++ b/website/developer-docs/local-dev-environment.md @@ -44,7 +44,7 @@ If you want to generate the client without installing anything, run this command docker run \ --rm -v $(pwd):/local \ openapitools/openapi-generator-cli generate \ - -i /local/swagger.yaml \ + -i /local/schema.yml \ -g typescript-fetch \ -o /local/web/api \ --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 diff --git a/website/src/pages/api.jsx b/website/src/pages/api.jsx index fb50a8548..8652c682e 100644 --- a/website/src/pages/api.jsx +++ b/website/src/pages/api.jsx @@ -10,7 +10,7 @@ function APIBrowser() { return ( Date: Sun, 16 May 2021 14:43:42 +0200 Subject: [PATCH 04/35] web: Read() to Retrieve() Signed-off-by: Jens Langhammer --- schema.yml | 343 ++++-------------- .../admin-overview/cards/BackupStatusCard.ts | 16 +- .../charts/LDAPSyncStatusChart.ts | 6 +- web/src/pages/applications/ApplicationForm.ts | 2 +- .../pages/applications/ApplicationViewPage.ts | 2 +- .../pages/crypto/CertificateKeyPairForm.ts | 2 +- web/src/pages/events/EventInfoPage.ts | 2 +- web/src/pages/events/RuleForm.ts | 2 +- web/src/pages/events/TransportForm.ts | 2 +- web/src/pages/flows/FlowForm.ts | 2 +- web/src/pages/flows/FlowViewPage.ts | 2 +- web/src/pages/flows/StageBindingForm.ts | 2 +- web/src/pages/groups/GroupForm.ts | 2 +- web/src/pages/outposts/OutpostForm.ts | 2 +- .../outposts/ServiceConnectionDockerForm.ts | 2 +- .../ServiceConnectionKubernetesForm.ts | 2 +- web/src/pages/policies/PolicyBindingForm.ts | 2 +- .../pages/policies/dummy/DummyPolicyForm.ts | 2 +- .../event_matcher/EventMatcherPolicyForm.ts | 2 +- .../pages/policies/expiry/ExpiryPolicyForm.ts | 2 +- .../expression/ExpressionPolicyForm.ts | 2 +- .../policies/hibp/HaveIBeenPwnedPolicyForm.ts | 2 +- .../policies/password/PasswordPolicyForm.ts | 2 +- .../reputation/ReputationPolicyForm.ts | 2 +- .../PropertyMappingLDAPForm.ts | 2 +- .../PropertyMappingSAMLForm.ts | 2 +- .../PropertyMappingScopeForm.ts | 2 +- web/src/pages/providers/ProviderViewPage.ts | 2 +- .../pages/providers/ldap/LDAPProviderForm.ts | 2 +- .../providers/ldap/LDAPProviderViewPage.ts | 2 +- .../providers/oauth2/OAuth2ProviderForm.ts | 2 +- .../oauth2/OAuth2ProviderViewPage.ts | 2 +- .../providers/proxy/ProxyProviderForm.ts | 2 +- .../providers/proxy/ProxyProviderViewPage.ts | 2 +- .../pages/providers/saml/SAMLProviderForm.ts | 2 +- .../providers/saml/SAMLProviderViewPage.ts | 2 +- web/src/pages/sources/SourceViewPage.ts | 2 +- web/src/pages/sources/ldap/LDAPSourceForm.ts | 2 +- .../pages/sources/ldap/LDAPSourceViewPage.ts | 2 +- .../pages/sources/oauth/OAuthSourceForm.ts | 2 +- .../sources/oauth/OAuthSourceViewPage.ts | 2 +- web/src/pages/sources/plex/PlexSourceForm.ts | 2 +- .../pages/sources/plex/PlexSourceViewPage.ts | 2 +- web/src/pages/sources/saml/SAMLSourceForm.ts | 2 +- .../pages/sources/saml/SAMLSourceViewPage.ts | 2 +- .../AuthenticatorStaticStageForm.ts | 2 +- .../AuthenticatorTOTPStageForm.ts | 2 +- .../AuthenticatorValidateStageForm.ts | 2 +- .../AuthenticateWebAuthnStageForm.ts | 2 +- .../pages/stages/captcha/CaptchaStageForm.ts | 2 +- .../pages/stages/consent/ConsentStageForm.ts | 2 +- web/src/pages/stages/deny/DenyStageForm.ts | 2 +- web/src/pages/stages/dummy/DummyStageForm.ts | 2 +- web/src/pages/stages/email/EmailStageForm.ts | 2 +- .../identification/IdentificationStageForm.ts | 2 +- .../pages/stages/invitation/InvitationForm.ts | 2 +- .../stages/invitation/InvitationStageForm.ts | 2 +- .../stages/password/PasswordStageForm.ts | 2 +- web/src/pages/stages/prompt/PromptForm.ts | 2 +- .../pages/stages/prompt/PromptStageForm.ts | 2 +- .../stages/user_delete/UserDeleteStageForm.ts | 2 +- .../stages/user_login/UserLoginStageForm.ts | 2 +- .../stages/user_logout/UserLogoutStageForm.ts | 2 +- .../stages/user_write/UserWriteStageForm.ts | 2 +- .../user-settings/tokens/UserTokenForm.ts | 2 +- web/src/pages/users/UserForm.ts | 2 +- web/src/pages/users/UserViewPage.ts | 2 +- 67 files changed, 140 insertions(+), 353 deletions(-) diff --git a/schema.yml b/schema.yml index 436453b63..97dfea93f 100644 --- a/schema.yml +++ b/schema.yml @@ -86,13 +86,7 @@ paths: $ref: '#/components/schemas/Task' description: '' '404': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Task not found /api/v2beta/admin/system_tasks/{id}/retry/: post: operationId: admin_system_tasks_retry_create @@ -122,29 +116,11 @@ paths: - cookieAuth: [] responses: '204': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Task retried successfully '404': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Task not found '500': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Failed to retry task /api/v2beta/admin/version/: get: operationId: admin_version_list @@ -1142,21 +1118,9 @@ paths: - cookieAuth: [] responses: '204': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Access granted '403': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Access denied /api/v2beta/core/applications/{slug}/metrics/: get: operationId: core_applications_metrics_list @@ -1206,21 +1170,9 @@ paths: - cookieAuth: [] responses: '200': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Success '400': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Bad request /api/v2beta/core/groups/: get: operationId: core_groups_list @@ -1624,13 +1576,7 @@ paths: $ref: '#/components/schemas/TokenView' description: '' '404': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Token not found or expired /api/v2beta/core/user_consent/: get: operationId: core_user_consent_list @@ -1970,13 +1916,7 @@ paths: $ref: '#/components/schemas/Link' description: '' '404': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: No recovery flow found. /api/v2beta/core/users/me/: get: operationId: core_users_me_retrieve @@ -2267,13 +2207,7 @@ paths: $ref: '#/components/schemas/CertificateKeyPair' description: '' '400': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Bad request /api/v2beta/events/events/: get: operationId: events_events_list @@ -3032,14 +2966,8 @@ paths: schema: $ref: '#/components/schemas/NotificationTransportTest' description: '' - '503': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + '500': + description: Failed to test transport /api/v2beta/flows/bindings/: get: operationId: flows_bindings_list @@ -3298,13 +3226,7 @@ paths: $ref: '#/components/schemas/Challenge' description: '' '404': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: No Token found post: operationId: flows_executor_solve description: Solve the previously retrieved challenge and advanced to the next @@ -3585,13 +3507,7 @@ paths: $ref: '#/components/schemas/Link' description: '' '400': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Flow not applicable /api/v2beta/flows/instances/{slug}/export/: get: operationId: flows_instances_export_retrieve @@ -3613,9 +3529,8 @@ paths: content: application/json: schema: - type: object - additionalProperties: {} - description: Unspecified response body + type: string + format: binary description: null /api/v2beta/flows/instances/{slug}/set_background/: post: @@ -3641,21 +3556,9 @@ paths: - cookieAuth: [] responses: '200': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Success '400': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Bad request /api/v2beta/flows/instances/cache_clear/: post: operationId: flows_instances_cache_clear_create @@ -3667,21 +3570,9 @@ paths: - cookieAuth: [] responses: '204': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Successfully cleared cache '400': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Bad request /api/v2beta/flows/instances/cache_info/: get: operationId: flows_instances_cache_info_retrieve @@ -3716,21 +3607,9 @@ paths: - cookieAuth: [] responses: '204': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Successfully imported flow '400': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Bad request /api/v2beta/oauth2/authorization_codes/: get: operationId: oauth2_authorization_codes_list @@ -5162,13 +5041,7 @@ paths: $ref: '#/components/schemas/PolicyTestResult' description: '' '400': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Invalid parameters /api/v2beta/policies/all/cache_clear/: post: operationId: policies_all_cache_clear_create @@ -5180,21 +5053,9 @@ paths: - cookieAuth: [] responses: '204': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Successfully cleared cache '400': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Bad request /api/v2beta/policies/all/cache_info/: get: operationId: policies_all_cache_info_retrieve @@ -7164,13 +7025,7 @@ paths: $ref: '#/components/schemas/PropertyMappingTestResult' description: '' '400': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Invalid parameters /api/v2beta/propertymappings/all/types/: get: operationId: propertymappings_all_types_list @@ -8209,13 +8064,7 @@ paths: $ref: '#/components/schemas/OAuth2ProviderSetupURLs' description: '' '404': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Provider has no application assigned /api/v2beta/providers/proxy/: get: operationId: providers_proxy_list @@ -8597,13 +8446,7 @@ paths: $ref: '#/components/schemas/SAMLMetadata' description: '' '404': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Provider has no application assigned /api/v2beta/providers/saml/import_metadata/: post: operationId: providers_saml_import_metadata_create @@ -8621,21 +8464,9 @@ paths: - cookieAuth: [] responses: '204': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Successfully imported provider '400': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Bad request /api/v2beta/root/config/: get: operationId: root_config_list @@ -9116,13 +8947,7 @@ paths: $ref: '#/components/schemas/Task' description: '' '404': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Task not found /api/v2beta/sources/oauth/: get: operationId: sources_oauth_list @@ -9710,21 +9535,9 @@ paths: $ref: '#/components/schemas/RedirectChallenge' description: '' '400': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Token not found '403': - content: - application/json: - schema: - type: object - additionalProperties: {} - description: Unspecified response body - description: '' + description: Access denied /api/v2beta/sources/saml/: get: operationId: sources_saml_list @@ -13946,9 +13759,6 @@ components: - POST - POST_AUTO type: string - BlankEnum: - enum: - - '' Cache: type: object description: Generic cache stats for an object @@ -14091,7 +13901,7 @@ components: is currently active properties: type: - $ref: '#/components/schemas/Type4f1Enum' + $ref: '#/components/schemas/ChallengeChoices' component: type: string title: @@ -14106,6 +13916,12 @@ components: $ref: '#/components/schemas/ErrorDetail' required: - type + ChallengeChoices: + enum: + - native + - shell + - redirect + type: string ClientTypeEnum: enum: - confidential @@ -14655,21 +14471,19 @@ components: type: integer readOnly: true action: + allOf: + - $ref: '#/components/schemas/ActionEnum' description: Match created events with this action type. When left empty, all action types will be matched. - oneOf: - - $ref: '#/components/schemas/ActionEnum' - - $ref: '#/components/schemas/BlankEnum' client_ip: type: string description: Matches Event's Client IP (strict matching, for network matching use an Expression Policy) app: + allOf: + - $ref: '#/components/schemas/AppEnum' description: Match events created by selected application. When left empty, all applications are matched. - oneOf: - - $ref: '#/components/schemas/AppEnum' - - $ref: '#/components/schemas/BlankEnum' required: - bound_to - component @@ -14688,21 +14502,19 @@ components: description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. action: + allOf: + - $ref: '#/components/schemas/ActionEnum' description: Match created events with this action type. When left empty, all action types will be matched. - oneOf: - - $ref: '#/components/schemas/ActionEnum' - - $ref: '#/components/schemas/BlankEnum' client_ip: type: string description: Matches Event's Client IP (strict matching, for network matching use an Expression Policy) app: + allOf: + - $ref: '#/components/schemas/AppEnum' description: Match events created by selected application. When left empty, all applications are matched. - oneOf: - - $ref: '#/components/schemas/AppEnum' - - $ref: '#/components/schemas/BlankEnum' EventRequest: type: object description: Event Serializer @@ -14866,7 +14678,7 @@ components: format: uuid readOnly: true cache_count: - type: string + type: integer readOnly: true policy_engine_mode: $ref: '#/components/schemas/PolicyEngineModeEnum' @@ -15813,31 +15625,6 @@ components: - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName - urn:oasis:names:tc:SAML:2.0:nameid-format:transient type: string - Nested: - type: object - properties: - id: - type: integer - readOnly: true - token: - type: string - maxLength: 16 - device: - allOf: - - $ref: '#/components/schemas/Nested' - readOnly: true - required: - - device - - id - - token - NestedRequest: - type: object - properties: - token: - type: string - maxLength: 16 - required: - - token NotConfiguredActionEnum: enum: - skip @@ -18417,21 +18204,19 @@ components: description: When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged. action: + allOf: + - $ref: '#/components/schemas/ActionEnum' description: Match created events with this action type. When left empty, all action types will be matched. - oneOf: - - $ref: '#/components/schemas/ActionEnum' - - $ref: '#/components/schemas/BlankEnum' client_ip: type: string description: Matches Event's Client IP (strict matching, for network matching use an Expression Policy) app: + allOf: + - $ref: '#/components/schemas/AppEnum' description: Match events created by selected application. When left empty, all applications are matched. - oneOf: - - $ref: '#/components/schemas/AppEnum' - - $ref: '#/components/schemas/BlankEnum' PatchedExpressionPolicyRequest: type: object description: Group Membership Policy Serializer @@ -19409,6 +19194,10 @@ components: type: string description: The human-readable name of this device. maxLength: 64 + token_set: + type: array + items: + type: integer PatchedTOTPDeviceRequest: type: object description: Serializer for totp authenticator devices @@ -20295,7 +20084,7 @@ components: description: Challenge type to redirect the client properties: type: - $ref: '#/components/schemas/Type4f1Enum' + $ref: '#/components/schemas/ChallengeChoices' component: type: string title: @@ -21122,8 +20911,7 @@ components: token_set: type: array items: - $ref: '#/components/schemas/Nested' - readOnly: true + type: integer pk: type: integer readOnly: true @@ -21140,8 +20928,13 @@ components: type: string description: The human-readable name of this device. maxLength: 64 + token_set: + type: array + items: + type: integer required: - name + - token_set StatusEnum: enum: - SUCCESSFUL @@ -21297,12 +21090,6 @@ components: readOnly: true required: - key - Type4f1Enum: - enum: - - native - - shell - - redirect - type: string TypeCreate: type: object description: Types of an object that can be created diff --git a/web/src/pages/admin-overview/cards/BackupStatusCard.ts b/web/src/pages/admin-overview/cards/BackupStatusCard.ts index 707cd1e90..18ff32088 100644 --- a/web/src/pages/admin-overview/cards/BackupStatusCard.ts +++ b/web/src/pages/admin-overview/cards/BackupStatusCard.ts @@ -1,20 +1,20 @@ import { t } from "@lingui/macro"; import { customElement, html, TemplateResult } from "lit-element"; import { AdminStatus, AdminStatusCard } from "./AdminStatusCard"; -import { AdminApi, TaskStatusEnum } from "authentik-api"; +import { AdminApi, StatusEnum } from "authentik-api"; import { DEFAULT_CONFIG } from "../../../api/Config"; import { convertToTitle } from "../../../utils"; @customElement("ak-admin-status-card-backup") -export class BackupStatusCard extends AdminStatusCard { +export class BackupStatusCard extends AdminStatusCard { - getPrimaryValue(): Promise { - return new AdminApi(DEFAULT_CONFIG).adminSystemTasksRead({ + getPrimaryValue(): Promise { + return new AdminApi(DEFAULT_CONFIG).adminSystemTasksRetrieve({ id: "backup_database" }).then((value) => { return value.status; }).catch(() => { - return TaskStatusEnum.Error; + return StatusEnum.Error; }); } @@ -22,14 +22,14 @@ export class BackupStatusCard extends AdminStatusCard { return html`${convertToTitle(this.value?.toString() || "")}`; } - getStatus(value: TaskStatusEnum): Promise { + getStatus(value: StatusEnum): Promise { switch (value) { - case TaskStatusEnum.Warning: + case StatusEnum.Warning: return Promise.resolve({ icon: "fa fa-exclamation-triangle pf-m-warning", message: t`Backup finished with warnings.`, }); - case TaskStatusEnum.Error: + case StatusEnum.Error: return Promise.resolve({ icon: "fa fa-times-circle pf-m-danger", message: t`Backup finished with errors.`, diff --git a/web/src/pages/admin-overview/charts/LDAPSyncStatusChart.ts b/web/src/pages/admin-overview/charts/LDAPSyncStatusChart.ts index 934f937ef..fac4532db 100644 --- a/web/src/pages/admin-overview/charts/LDAPSyncStatusChart.ts +++ b/web/src/pages/admin-overview/charts/LDAPSyncStatusChart.ts @@ -1,6 +1,6 @@ import { t } from "@lingui/macro"; import { customElement } from "lit-element"; -import { SourcesApi, TaskStatusEnum } from "authentik-api"; +import { SourcesApi, StatusEnum } from "authentik-api"; import { DEFAULT_CONFIG } from "../../../api/Config"; import "../../../elements/forms/ConfirmationForm"; import { AKChart } from "../../../elements/charts/Chart"; @@ -38,10 +38,10 @@ export class LDAPSyncStatusChart extends AKChart { let unsynced = 0; await Promise.all(sources.results.map(async (element) => { try { - const health = await api.sourcesLdapSyncStatus({ + const health = await api.sourcesLdapSyncStatusRetrieve({ slug: element.slug, }); - if (health.status !== TaskStatusEnum.Successful) { + if (health.status !== StatusEnum.Successful) { failed += 1; } const now = new Date().getTime(); diff --git a/web/src/pages/applications/ApplicationForm.ts b/web/src/pages/applications/ApplicationForm.ts index 2e027a1bf..4f451d5a9 100644 --- a/web/src/pages/applications/ApplicationForm.ts +++ b/web/src/pages/applications/ApplicationForm.ts @@ -18,7 +18,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class ApplicationForm extends ModelForm { loadInstance(pk: string): Promise { - return new CoreApi(DEFAULT_CONFIG).coreApplicationsRead({ + return new CoreApi(DEFAULT_CONFIG).coreApplicationsRetrieve({ slug: pk }); } diff --git a/web/src/pages/applications/ApplicationViewPage.ts b/web/src/pages/applications/ApplicationViewPage.ts index 44fd12555..56099ebbb 100644 --- a/web/src/pages/applications/ApplicationViewPage.ts +++ b/web/src/pages/applications/ApplicationViewPage.ts @@ -26,7 +26,7 @@ export class ApplicationViewPage extends LitElement { @property() set applicationSlug(value: string) { - new CoreApi(DEFAULT_CONFIG).coreApplicationsRead({ + new CoreApi(DEFAULT_CONFIG).coreApplicationsRetrieve({ slug: value }).then((app) => { this.application = app; diff --git a/web/src/pages/crypto/CertificateKeyPairForm.ts b/web/src/pages/crypto/CertificateKeyPairForm.ts index d44a7ac79..4f003d3ff 100644 --- a/web/src/pages/crypto/CertificateKeyPairForm.ts +++ b/web/src/pages/crypto/CertificateKeyPairForm.ts @@ -12,7 +12,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class CertificateKeyPairForm extends ModelForm { loadInstance(pk: string): Promise { - return new CryptoApi(DEFAULT_CONFIG).cryptoCertificatekeypairsRead({ + return new CryptoApi(DEFAULT_CONFIG).cryptoCertificatekeypairsRetrieve({ kpUuid: pk, }); } diff --git a/web/src/pages/events/EventInfoPage.ts b/web/src/pages/events/EventInfoPage.ts index 7a9aa17aa..069e5ef3f 100644 --- a/web/src/pages/events/EventInfoPage.ts +++ b/web/src/pages/events/EventInfoPage.ts @@ -16,7 +16,7 @@ export class EventInfoPage extends LitElement { @property() set eventID(value: string) { - new EventsApi(DEFAULT_CONFIG).eventsEventsRead({ + new EventsApi(DEFAULT_CONFIG).eventsEventsRetrieve({ eventUuid: value }).then((ev) => { this.event = ev as EventWithContext; diff --git a/web/src/pages/events/RuleForm.ts b/web/src/pages/events/RuleForm.ts index d931d4bdc..7d988b9e4 100644 --- a/web/src/pages/events/RuleForm.ts +++ b/web/src/pages/events/RuleForm.ts @@ -12,7 +12,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class RuleForm extends ModelForm { loadInstance(pk: string): Promise { - return new EventsApi(DEFAULT_CONFIG).eventsRulesRead({ + return new EventsApi(DEFAULT_CONFIG).eventsRulesRetrieve({ pbmUuid: pk, }); } diff --git a/web/src/pages/events/TransportForm.ts b/web/src/pages/events/TransportForm.ts index 5daaf7cd3..bf0be2c17 100644 --- a/web/src/pages/events/TransportForm.ts +++ b/web/src/pages/events/TransportForm.ts @@ -12,7 +12,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class TransportForm extends ModelForm { loadInstance(pk: string): Promise { - return new EventsApi(DEFAULT_CONFIG).eventsTransportsRead({ + return new EventsApi(DEFAULT_CONFIG).eventsTransportsRetrieve({ uuid: pk, }); } diff --git a/web/src/pages/flows/FlowForm.ts b/web/src/pages/flows/FlowForm.ts index 077c5063a..0fe02d0bb 100644 --- a/web/src/pages/flows/FlowForm.ts +++ b/web/src/pages/flows/FlowForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class FlowForm extends ModelForm { loadInstance(pk: string): Promise { - return new FlowsApi(DEFAULT_CONFIG).flowsInstancesRead({ + return new FlowsApi(DEFAULT_CONFIG).flowsInstancesRetrieve({ slug: pk, }); } diff --git a/web/src/pages/flows/FlowViewPage.ts b/web/src/pages/flows/FlowViewPage.ts index 1d4a68327..2361c943d 100644 --- a/web/src/pages/flows/FlowViewPage.ts +++ b/web/src/pages/flows/FlowViewPage.ts @@ -23,7 +23,7 @@ import PFGallery from "@patternfly/patternfly/layouts/Gallery/gallery.css"; export class FlowViewPage extends LitElement { @property() set flowSlug(value: string) { - new FlowsApi(DEFAULT_CONFIG).flowsInstancesRead({ + new FlowsApi(DEFAULT_CONFIG).flowsInstancesRetrieve({ slug: value }).then((flow) => { this.flow = flow; diff --git a/web/src/pages/flows/StageBindingForm.ts b/web/src/pages/flows/StageBindingForm.ts index b206a11ff..89e966e41 100644 --- a/web/src/pages/flows/StageBindingForm.ts +++ b/web/src/pages/flows/StageBindingForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class StageBindingForm extends ModelForm { loadInstance(pk: string): Promise { - return new FlowsApi(DEFAULT_CONFIG).flowsBindingsRead({ + return new FlowsApi(DEFAULT_CONFIG).flowsBindingsRetrieve({ fsbUuid: pk, }); } diff --git a/web/src/pages/groups/GroupForm.ts b/web/src/pages/groups/GroupForm.ts index 1a11548ff..703c137bb 100644 --- a/web/src/pages/groups/GroupForm.ts +++ b/web/src/pages/groups/GroupForm.ts @@ -18,7 +18,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class GroupForm extends ModelForm { loadInstance(pk: string): Promise { - return new CoreApi(DEFAULT_CONFIG).coreGroupsRead({ + return new CoreApi(DEFAULT_CONFIG).coreGroupsRetrieve({ groupUuid: pk }); } diff --git a/web/src/pages/outposts/OutpostForm.ts b/web/src/pages/outposts/OutpostForm.ts index cdafde68a..a3656ed20 100644 --- a/web/src/pages/outposts/OutpostForm.ts +++ b/web/src/pages/outposts/OutpostForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class OutpostForm extends ModelForm { loadInstance(pk: string): Promise { - return new OutpostsApi(DEFAULT_CONFIG).outpostsInstancesRead({ + return new OutpostsApi(DEFAULT_CONFIG).outpostsInstancesRetrieve({ uuid: pk }); } diff --git a/web/src/pages/outposts/ServiceConnectionDockerForm.ts b/web/src/pages/outposts/ServiceConnectionDockerForm.ts index 0c55ee0d3..516c881f6 100644 --- a/web/src/pages/outposts/ServiceConnectionDockerForm.ts +++ b/web/src/pages/outposts/ServiceConnectionDockerForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class ServiceConnectionDockerForm extends ModelForm { loadInstance(pk: string): Promise { - return new OutpostsApi(DEFAULT_CONFIG).outpostsServiceConnectionsDockerRead({ + return new OutpostsApi(DEFAULT_CONFIG).outpostsServiceConnectionsDockerRetrieve({ uuid: pk, }); } diff --git a/web/src/pages/outposts/ServiceConnectionKubernetesForm.ts b/web/src/pages/outposts/ServiceConnectionKubernetesForm.ts index db68af807..800055d5d 100644 --- a/web/src/pages/outposts/ServiceConnectionKubernetesForm.ts +++ b/web/src/pages/outposts/ServiceConnectionKubernetesForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class ServiceConnectionKubernetesForm extends ModelForm { loadInstance(pk: string): Promise { - return new OutpostsApi(DEFAULT_CONFIG).outpostsServiceConnectionsKubernetesRead({ + return new OutpostsApi(DEFAULT_CONFIG).outpostsServiceConnectionsKubernetesRetrieve({ uuid: pk, }); } diff --git a/web/src/pages/policies/PolicyBindingForm.ts b/web/src/pages/policies/PolicyBindingForm.ts index 67fd9a702..3cfa3bcd7 100644 --- a/web/src/pages/policies/PolicyBindingForm.ts +++ b/web/src/pages/policies/PolicyBindingForm.ts @@ -19,7 +19,7 @@ enum target { export class PolicyBindingForm extends ModelForm { loadInstance(pk: string): Promise { - return new PoliciesApi(DEFAULT_CONFIG).policiesBindingsRead({ + return new PoliciesApi(DEFAULT_CONFIG).policiesBindingsRetrieve({ policyBindingUuid: pk }).then(binding => { if (binding?.policyObj) { diff --git a/web/src/pages/policies/dummy/DummyPolicyForm.ts b/web/src/pages/policies/dummy/DummyPolicyForm.ts index cef3bf67e..7a4f681e2 100644 --- a/web/src/pages/policies/dummy/DummyPolicyForm.ts +++ b/web/src/pages/policies/dummy/DummyPolicyForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class DummyPolicyForm extends ModelForm { loadInstance(pk: string): Promise { - return new PoliciesApi(DEFAULT_CONFIG).policiesDummyRead({ + return new PoliciesApi(DEFAULT_CONFIG).policiesDummyRetrieve({ policyUuid: pk, }); } diff --git a/web/src/pages/policies/event_matcher/EventMatcherPolicyForm.ts b/web/src/pages/policies/event_matcher/EventMatcherPolicyForm.ts index 2c1279205..b67eaa7be 100644 --- a/web/src/pages/policies/event_matcher/EventMatcherPolicyForm.ts +++ b/web/src/pages/policies/event_matcher/EventMatcherPolicyForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class EventMatcherPolicyForm extends ModelForm { loadInstance(pk: string): Promise { - return new PoliciesApi(DEFAULT_CONFIG).policiesEventMatcherRead({ + return new PoliciesApi(DEFAULT_CONFIG).policiesEventMatcherRetrieve({ policyUuid: pk, }); } diff --git a/web/src/pages/policies/expiry/ExpiryPolicyForm.ts b/web/src/pages/policies/expiry/ExpiryPolicyForm.ts index cfb404bb3..348fb8ee2 100644 --- a/web/src/pages/policies/expiry/ExpiryPolicyForm.ts +++ b/web/src/pages/policies/expiry/ExpiryPolicyForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class PasswordExpiryPolicyForm extends ModelForm { loadInstance(pk: string): Promise { - return new PoliciesApi(DEFAULT_CONFIG).policiesPasswordExpiryRead({ + return new PoliciesApi(DEFAULT_CONFIG).policiesPasswordExpiryRetrieve({ policyUuid: pk, }); } diff --git a/web/src/pages/policies/expression/ExpressionPolicyForm.ts b/web/src/pages/policies/expression/ExpressionPolicyForm.ts index bb44eb97d..9c9d89f21 100644 --- a/web/src/pages/policies/expression/ExpressionPolicyForm.ts +++ b/web/src/pages/policies/expression/ExpressionPolicyForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class ExpressionPolicyForm extends ModelForm { loadInstance(pk: string): Promise { - return new PoliciesApi(DEFAULT_CONFIG).policiesExpressionRead({ + return new PoliciesApi(DEFAULT_CONFIG).policiesExpressionRetrieve({ policyUuid: pk, }); } diff --git a/web/src/pages/policies/hibp/HaveIBeenPwnedPolicyForm.ts b/web/src/pages/policies/hibp/HaveIBeenPwnedPolicyForm.ts index 813ee70dc..aa1316991 100644 --- a/web/src/pages/policies/hibp/HaveIBeenPwnedPolicyForm.ts +++ b/web/src/pages/policies/hibp/HaveIBeenPwnedPolicyForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class HaveIBeenPwnedPolicyForm extends ModelForm { loadInstance(pk: string): Promise { - return new PoliciesApi(DEFAULT_CONFIG).policiesHaveibeenpwnedRead({ + return new PoliciesApi(DEFAULT_CONFIG).policiesHaveibeenpwnedRetrieve({ policyUuid: pk, }); } diff --git a/web/src/pages/policies/password/PasswordPolicyForm.ts b/web/src/pages/policies/password/PasswordPolicyForm.ts index 15ace51c0..38a2e8318 100644 --- a/web/src/pages/policies/password/PasswordPolicyForm.ts +++ b/web/src/pages/policies/password/PasswordPolicyForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class PasswordPolicyForm extends ModelForm { loadInstance(pk: string): Promise { - return new PoliciesApi(DEFAULT_CONFIG).policiesPasswordRead({ + return new PoliciesApi(DEFAULT_CONFIG).policiesPasswordRetrieve({ policyUuid: pk, }); } diff --git a/web/src/pages/policies/reputation/ReputationPolicyForm.ts b/web/src/pages/policies/reputation/ReputationPolicyForm.ts index 1b606ba09..2557fa93d 100644 --- a/web/src/pages/policies/reputation/ReputationPolicyForm.ts +++ b/web/src/pages/policies/reputation/ReputationPolicyForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class ReputationPolicyForm extends ModelForm { loadInstance(pk: string): Promise { - return new PoliciesApi(DEFAULT_CONFIG).policiesReputationRead({ + return new PoliciesApi(DEFAULT_CONFIG).policiesReputationRetrieve({ policyUuid: pk, }); } diff --git a/web/src/pages/property-mappings/PropertyMappingLDAPForm.ts b/web/src/pages/property-mappings/PropertyMappingLDAPForm.ts index 66a865263..8e750bea4 100644 --- a/web/src/pages/property-mappings/PropertyMappingLDAPForm.ts +++ b/web/src/pages/property-mappings/PropertyMappingLDAPForm.ts @@ -12,7 +12,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class PropertyMappingLDAPForm extends ModelForm { loadInstance(pk: string): Promise { - return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsLdapRead({ + return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsLdapRetrieve({ pmUuid: pk, }); } diff --git a/web/src/pages/property-mappings/PropertyMappingSAMLForm.ts b/web/src/pages/property-mappings/PropertyMappingSAMLForm.ts index 2c87a523b..81198df19 100644 --- a/web/src/pages/property-mappings/PropertyMappingSAMLForm.ts +++ b/web/src/pages/property-mappings/PropertyMappingSAMLForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; @customElement("ak-property-mapping-saml-form") export class PropertyMappingLDAPForm extends ModelForm { loadInstance(pk: string): Promise { - return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsSamlRead({ + return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsSamlRetrieve({ pmUuid: pk, }); } diff --git a/web/src/pages/property-mappings/PropertyMappingScopeForm.ts b/web/src/pages/property-mappings/PropertyMappingScopeForm.ts index 56c2d9262..c77aa284b 100644 --- a/web/src/pages/property-mappings/PropertyMappingScopeForm.ts +++ b/web/src/pages/property-mappings/PropertyMappingScopeForm.ts @@ -12,7 +12,7 @@ import "../../elements/CodeMirror"; export class PropertyMappingScopeForm extends ModelForm { loadInstance(pk: string): Promise { - return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScopeRead({ + return new PropertymappingsApi(DEFAULT_CONFIG).propertymappingsScopeRetrieve({ pmUuid: pk, }); } diff --git a/web/src/pages/providers/ProviderViewPage.ts b/web/src/pages/providers/ProviderViewPage.ts index 20c27aa23..521a86538 100644 --- a/web/src/pages/providers/ProviderViewPage.ts +++ b/web/src/pages/providers/ProviderViewPage.ts @@ -17,7 +17,7 @@ export class ProviderViewPage extends LitElement { @property({type: Number}) set providerID(value: number) { - new ProvidersApi(DEFAULT_CONFIG).providersAllRead({ + new ProvidersApi(DEFAULT_CONFIG).providersAllRetrieve({ id: value, }).then((prov) => (this.provider = prov)); } diff --git a/web/src/pages/providers/ldap/LDAPProviderForm.ts b/web/src/pages/providers/ldap/LDAPProviderForm.ts index 9f1e8b6e3..3cfb46420 100644 --- a/web/src/pages/providers/ldap/LDAPProviderForm.ts +++ b/web/src/pages/providers/ldap/LDAPProviderForm.ts @@ -14,7 +14,7 @@ import { first } from "../../../utils"; export class LDAPProviderFormPage extends ModelForm { loadInstance(pk: number): Promise { - return new ProvidersApi(DEFAULT_CONFIG).providersLdapRead({ + return new ProvidersApi(DEFAULT_CONFIG).providersLdapRetrieve({ id: pk, }); } diff --git a/web/src/pages/providers/ldap/LDAPProviderViewPage.ts b/web/src/pages/providers/ldap/LDAPProviderViewPage.ts index 0f7a05768..548ba82bd 100644 --- a/web/src/pages/providers/ldap/LDAPProviderViewPage.ts +++ b/web/src/pages/providers/ldap/LDAPProviderViewPage.ts @@ -33,7 +33,7 @@ export class LDAPProviderViewPage extends LitElement { @property({type: Number}) set providerID(value: number) { - new ProvidersApi(DEFAULT_CONFIG).providersLdapRead({ + new ProvidersApi(DEFAULT_CONFIG).providersLdapRetrieve({ id: value, }).then((prov) => (this.provider = prov)); } diff --git a/web/src/pages/providers/oauth2/OAuth2ProviderForm.ts b/web/src/pages/providers/oauth2/OAuth2ProviderForm.ts index eb720b3e4..9ce3d4fe7 100644 --- a/web/src/pages/providers/oauth2/OAuth2ProviderForm.ts +++ b/web/src/pages/providers/oauth2/OAuth2ProviderForm.ts @@ -14,7 +14,7 @@ import { first, randomString } from "../../../utils"; export class OAuth2ProviderFormPage extends ModelForm { loadInstance(pk: number): Promise { - return new ProvidersApi(DEFAULT_CONFIG).providersOauth2Read({ + return new ProvidersApi(DEFAULT_CONFIG).providersOauth2Retrieve({ id: pk, }).then(provider => { this.showClientSecret = provider.clientType === OAuth2ProviderClientTypeEnum.Confidential; diff --git a/web/src/pages/providers/oauth2/OAuth2ProviderViewPage.ts b/web/src/pages/providers/oauth2/OAuth2ProviderViewPage.ts index 8fdb63ba5..f2fcdf68e 100644 --- a/web/src/pages/providers/oauth2/OAuth2ProviderViewPage.ts +++ b/web/src/pages/providers/oauth2/OAuth2ProviderViewPage.ts @@ -32,7 +32,7 @@ export class OAuth2ProviderViewPage extends LitElement { @property({type: Number}) set providerID(value: number) { const api = new ProvidersApi(DEFAULT_CONFIG); - api.providersOauth2Read({ + api.providersOauth2Retrieve({ id: value }).then((prov) => { this.provider = prov; diff --git a/web/src/pages/providers/proxy/ProxyProviderForm.ts b/web/src/pages/providers/proxy/ProxyProviderForm.ts index adb3412bb..4e592e995 100644 --- a/web/src/pages/providers/proxy/ProxyProviderForm.ts +++ b/web/src/pages/providers/proxy/ProxyProviderForm.ts @@ -14,7 +14,7 @@ import { first } from "../../../utils"; export class ProxyProviderFormPage extends ModelForm { loadInstance(pk: number): Promise { - return new ProvidersApi(DEFAULT_CONFIG).providersProxyRead({ + return new ProvidersApi(DEFAULT_CONFIG).providersProxyRetrieve({ id: pk, }).then(provider => { this.showHttpBasic = first(provider.basicAuthEnabled, true); diff --git a/web/src/pages/providers/proxy/ProxyProviderViewPage.ts b/web/src/pages/providers/proxy/ProxyProviderViewPage.ts index c0d0c0365..77260fb51 100644 --- a/web/src/pages/providers/proxy/ProxyProviderViewPage.ts +++ b/web/src/pages/providers/proxy/ProxyProviderViewPage.ts @@ -31,7 +31,7 @@ export class ProxyProviderViewPage extends LitElement { @property({type: Number}) set providerID(value: number) { - new ProvidersApi(DEFAULT_CONFIG).providersProxyRead({ + new ProvidersApi(DEFAULT_CONFIG).providersProxyRetrieve({ id: value, }).then((prov) => (this.provider = prov)); } diff --git a/web/src/pages/providers/saml/SAMLProviderForm.ts b/web/src/pages/providers/saml/SAMLProviderForm.ts index 3adedebea..99e35f4a1 100644 --- a/web/src/pages/providers/saml/SAMLProviderForm.ts +++ b/web/src/pages/providers/saml/SAMLProviderForm.ts @@ -14,7 +14,7 @@ export class SAMLProviderFormPage extends ModelForm { loadInstance(pk: number): Promise { console.log("reading saml provider"); - return new ProvidersApi(DEFAULT_CONFIG).providersSamlRead({ + return new ProvidersApi(DEFAULT_CONFIG).providersSamlRetrieve({ id: pk, }); } diff --git a/web/src/pages/providers/saml/SAMLProviderViewPage.ts b/web/src/pages/providers/saml/SAMLProviderViewPage.ts index 014e9feea..1ecb3cc8e 100644 --- a/web/src/pages/providers/saml/SAMLProviderViewPage.ts +++ b/web/src/pages/providers/saml/SAMLProviderViewPage.ts @@ -36,7 +36,7 @@ export class SAMLProviderViewPage extends LitElement { @property({type: Number}) set providerID(value: number) { - new ProvidersApi(DEFAULT_CONFIG).providersSamlRead({ + new ProvidersApi(DEFAULT_CONFIG).providersSamlRetrieve({ id: value, }).then((prov) => (this.provider = prov)); } diff --git a/web/src/pages/sources/SourceViewPage.ts b/web/src/pages/sources/SourceViewPage.ts index 7041d54d2..b802548b5 100644 --- a/web/src/pages/sources/SourceViewPage.ts +++ b/web/src/pages/sources/SourceViewPage.ts @@ -17,7 +17,7 @@ export class SourceViewPage extends LitElement { @property({ type: String }) set sourceSlug(slug: string) { - new SourcesApi(DEFAULT_CONFIG).sourcesAllRead({ + new SourcesApi(DEFAULT_CONFIG).sourcesAllRetrieve({ slug: slug }).then((source) => { this.source = source; diff --git a/web/src/pages/sources/ldap/LDAPSourceForm.ts b/web/src/pages/sources/ldap/LDAPSourceForm.ts index 8d1da3d3a..5473d0f06 100644 --- a/web/src/pages/sources/ldap/LDAPSourceForm.ts +++ b/web/src/pages/sources/ldap/LDAPSourceForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class LDAPSourceForm extends ModelForm { loadInstance(pk: string): Promise { - return new SourcesApi(DEFAULT_CONFIG).sourcesLdapRead({ + return new SourcesApi(DEFAULT_CONFIG).sourcesLdapRetrieve({ slug: pk, }); } diff --git a/web/src/pages/sources/ldap/LDAPSourceViewPage.ts b/web/src/pages/sources/ldap/LDAPSourceViewPage.ts index 11db0d025..10d4f5a21 100644 --- a/web/src/pages/sources/ldap/LDAPSourceViewPage.ts +++ b/web/src/pages/sources/ldap/LDAPSourceViewPage.ts @@ -30,7 +30,7 @@ export class LDAPSourceViewPage extends LitElement { @property({ type: String }) set sourceSlug(slug: string) { - new SourcesApi(DEFAULT_CONFIG).sourcesLdapRead({ + new SourcesApi(DEFAULT_CONFIG).sourcesLdapRetrieve({ slug: slug }).then((source) => { this.source = source; diff --git a/web/src/pages/sources/oauth/OAuthSourceForm.ts b/web/src/pages/sources/oauth/OAuthSourceForm.ts index de7d66630..63b40aaf9 100644 --- a/web/src/pages/sources/oauth/OAuthSourceForm.ts +++ b/web/src/pages/sources/oauth/OAuthSourceForm.ts @@ -15,7 +15,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class OAuthSourceForm extends ModelForm { loadInstance(pk: string): Promise { - return new SourcesApi(DEFAULT_CONFIG).sourcesOauthRead({ + return new SourcesApi(DEFAULT_CONFIG).sourcesOauthRetrieve({ slug: pk, }).then(source => { this.showUrlOptions = first(source.type?.urlsCustomizable, false); diff --git a/web/src/pages/sources/oauth/OAuthSourceViewPage.ts b/web/src/pages/sources/oauth/OAuthSourceViewPage.ts index b4f9bb498..f2176bd51 100644 --- a/web/src/pages/sources/oauth/OAuthSourceViewPage.ts +++ b/web/src/pages/sources/oauth/OAuthSourceViewPage.ts @@ -29,7 +29,7 @@ export class OAuthSourceViewPage extends LitElement { @property({ type: String }) set sourceSlug(value: string) { - new SourcesApi(DEFAULT_CONFIG).sourcesOauthRead({ + new SourcesApi(DEFAULT_CONFIG).sourcesOauthRetrieve({ slug: value }).then((source) => { this.source = source; diff --git a/web/src/pages/sources/plex/PlexSourceForm.ts b/web/src/pages/sources/plex/PlexSourceForm.ts index 404f83d44..c0ad21155 100644 --- a/web/src/pages/sources/plex/PlexSourceForm.ts +++ b/web/src/pages/sources/plex/PlexSourceForm.ts @@ -16,7 +16,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class PlexSourceForm extends ModelForm { loadInstance(pk: string): Promise { - return new SourcesApi(DEFAULT_CONFIG).sourcesPlexRead({ + return new SourcesApi(DEFAULT_CONFIG).sourcesPlexRetrieve({ slug: pk, }).then(source => { this.plexToken = source.plexToken; diff --git a/web/src/pages/sources/plex/PlexSourceViewPage.ts b/web/src/pages/sources/plex/PlexSourceViewPage.ts index 556c610e3..6593595c8 100644 --- a/web/src/pages/sources/plex/PlexSourceViewPage.ts +++ b/web/src/pages/sources/plex/PlexSourceViewPage.ts @@ -29,7 +29,7 @@ export class PlexSourceViewPage extends LitElement { @property({ type: String }) set sourceSlug(value: string) { - new SourcesApi(DEFAULT_CONFIG).sourcesPlexRead({ + new SourcesApi(DEFAULT_CONFIG).sourcesPlexRetrieve({ slug: value }).then((source) => { this.source = source; diff --git a/web/src/pages/sources/saml/SAMLSourceForm.ts b/web/src/pages/sources/saml/SAMLSourceForm.ts index a20695c4b..777c4a940 100644 --- a/web/src/pages/sources/saml/SAMLSourceForm.ts +++ b/web/src/pages/sources/saml/SAMLSourceForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class SAMLSourceForm extends ModelForm { loadInstance(pk: string): Promise { - return new SourcesApi(DEFAULT_CONFIG).sourcesSamlRead({ + return new SourcesApi(DEFAULT_CONFIG).sourcesSamlRetrieve({ slug: pk, }); } diff --git a/web/src/pages/sources/saml/SAMLSourceViewPage.ts b/web/src/pages/sources/saml/SAMLSourceViewPage.ts index 2449f2c65..15f5b7c71 100644 --- a/web/src/pages/sources/saml/SAMLSourceViewPage.ts +++ b/web/src/pages/sources/saml/SAMLSourceViewPage.ts @@ -32,7 +32,7 @@ export class SAMLSourceViewPage extends LitElement { @property({ type: String }) set sourceSlug(slug: string) { - new SourcesApi(DEFAULT_CONFIG).sourcesSamlRead({ + new SourcesApi(DEFAULT_CONFIG).sourcesSamlRetrieve({ slug: slug }).then((source) => { this.source = source; diff --git a/web/src/pages/stages/authenticator_static/AuthenticatorStaticStageForm.ts b/web/src/pages/stages/authenticator_static/AuthenticatorStaticStageForm.ts index 243583d59..5a88db784 100644 --- a/web/src/pages/stages/authenticator_static/AuthenticatorStaticStageForm.ts +++ b/web/src/pages/stages/authenticator_static/AuthenticatorStaticStageForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class AuthenticatorStaticStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorStaticRead({ + return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorStaticRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts b/web/src/pages/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts index b92164768..6be5c63b9 100644 --- a/web/src/pages/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts +++ b/web/src/pages/stages/authenticator_totp/AuthenticatorTOTPStageForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class AuthenticatorTOTPStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorTotpRead({ + return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorTotpRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts b/web/src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts index 8314a5f08..fc5c3ae07 100644 --- a/web/src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts +++ b/web/src/pages/stages/authenticator_validate/AuthenticatorValidateStageForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class AuthenticatorValidateStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorValidateRead({ + return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorValidateRetrieve({ stageUuid: pk, }).then(stage => { this.showConfigureFlow = stage.notConfiguredAction === AuthenticatorValidateStageNotConfiguredActionEnum.Configure; diff --git a/web/src/pages/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts b/web/src/pages/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts index 0b449b019..3469d4b37 100644 --- a/web/src/pages/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts +++ b/web/src/pages/stages/authenticator_webauthn/AuthenticateWebAuthnStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class AuthenticateWebAuthnStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorWebauthnRead({ + return new StagesApi(DEFAULT_CONFIG).stagesAuthenticatorWebauthnRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/captcha/CaptchaStageForm.ts b/web/src/pages/stages/captcha/CaptchaStageForm.ts index 8d84252c2..b6ab2c591 100644 --- a/web/src/pages/stages/captcha/CaptchaStageForm.ts +++ b/web/src/pages/stages/captcha/CaptchaStageForm.ts @@ -12,7 +12,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class CaptchaStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesCaptchaRead({ + return new StagesApi(DEFAULT_CONFIG).stagesCaptchaRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/consent/ConsentStageForm.ts b/web/src/pages/stages/consent/ConsentStageForm.ts index c1776f77b..033655787 100644 --- a/web/src/pages/stages/consent/ConsentStageForm.ts +++ b/web/src/pages/stages/consent/ConsentStageForm.ts @@ -12,7 +12,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class ConsentStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesConsentRead({ + return new StagesApi(DEFAULT_CONFIG).stagesConsentRetrieve({ stageUuid: pk, }).then(stage => { this.showExpiresIn = stage.name === ConsentStageModeEnum.Expiring; diff --git a/web/src/pages/stages/deny/DenyStageForm.ts b/web/src/pages/stages/deny/DenyStageForm.ts index 9b261a25c..c3b0a2f7d 100644 --- a/web/src/pages/stages/deny/DenyStageForm.ts +++ b/web/src/pages/stages/deny/DenyStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class DenyStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesDenyRead({ + return new StagesApi(DEFAULT_CONFIG).stagesDenyRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/dummy/DummyStageForm.ts b/web/src/pages/stages/dummy/DummyStageForm.ts index b753efec5..7793883bf 100644 --- a/web/src/pages/stages/dummy/DummyStageForm.ts +++ b/web/src/pages/stages/dummy/DummyStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class DummyStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesDummyRead({ + return new StagesApi(DEFAULT_CONFIG).stagesDummyRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/email/EmailStageForm.ts b/web/src/pages/stages/email/EmailStageForm.ts index d7d82a424..1f5c44fe2 100644 --- a/web/src/pages/stages/email/EmailStageForm.ts +++ b/web/src/pages/stages/email/EmailStageForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class EmailStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesEmailRead({ + return new StagesApi(DEFAULT_CONFIG).stagesEmailRetrieve({ stageUuid: pk, }).then(stage => { this.showConnectionSettings = !stage.useGlobalSettings; diff --git a/web/src/pages/stages/identification/IdentificationStageForm.ts b/web/src/pages/stages/identification/IdentificationStageForm.ts index 5ced5259c..590033e6e 100644 --- a/web/src/pages/stages/identification/IdentificationStageForm.ts +++ b/web/src/pages/stages/identification/IdentificationStageForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class IdentificationStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesIdentificationRead({ + return new StagesApi(DEFAULT_CONFIG).stagesIdentificationRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/invitation/InvitationForm.ts b/web/src/pages/stages/invitation/InvitationForm.ts index 76b3065ce..d9487c1fa 100644 --- a/web/src/pages/stages/invitation/InvitationForm.ts +++ b/web/src/pages/stages/invitation/InvitationForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class InvitationForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesInvitationInvitationsRead({ + return new StagesApi(DEFAULT_CONFIG).stagesInvitationInvitationsRetrieve({ inviteUuid: pk, }); } diff --git a/web/src/pages/stages/invitation/InvitationStageForm.ts b/web/src/pages/stages/invitation/InvitationStageForm.ts index 659758134..a4b86b1ff 100644 --- a/web/src/pages/stages/invitation/InvitationStageForm.ts +++ b/web/src/pages/stages/invitation/InvitationStageForm.ts @@ -13,7 +13,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class InvitationStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesRead({ + return new StagesApi(DEFAULT_CONFIG).stagesInvitationStagesRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/password/PasswordStageForm.ts b/web/src/pages/stages/password/PasswordStageForm.ts index 4b8981eba..19b826144 100644 --- a/web/src/pages/stages/password/PasswordStageForm.ts +++ b/web/src/pages/stages/password/PasswordStageForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class PasswordStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesPasswordRead({ + return new StagesApi(DEFAULT_CONFIG).stagesPasswordRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/prompt/PromptForm.ts b/web/src/pages/stages/prompt/PromptForm.ts index fab889bee..75a478c4d 100644 --- a/web/src/pages/stages/prompt/PromptForm.ts +++ b/web/src/pages/stages/prompt/PromptForm.ts @@ -12,7 +12,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class PromptForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesPromptPromptsRead({ + return new StagesApi(DEFAULT_CONFIG).stagesPromptPromptsRetrieve({ promptUuid: pk }); } diff --git a/web/src/pages/stages/prompt/PromptStageForm.ts b/web/src/pages/stages/prompt/PromptStageForm.ts index 89711f639..4ae078d9f 100644 --- a/web/src/pages/stages/prompt/PromptStageForm.ts +++ b/web/src/pages/stages/prompt/PromptStageForm.ts @@ -15,7 +15,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class PromptStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesRead({ + return new StagesApi(DEFAULT_CONFIG).stagesPromptStagesRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/user_delete/UserDeleteStageForm.ts b/web/src/pages/stages/user_delete/UserDeleteStageForm.ts index 2e03e7aca..a483bd767 100644 --- a/web/src/pages/stages/user_delete/UserDeleteStageForm.ts +++ b/web/src/pages/stages/user_delete/UserDeleteStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class UserDeleteStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteRead({ + return new StagesApi(DEFAULT_CONFIG).stagesUserDeleteRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/user_login/UserLoginStageForm.ts b/web/src/pages/stages/user_login/UserLoginStageForm.ts index aacf23666..52df581c2 100644 --- a/web/src/pages/stages/user_login/UserLoginStageForm.ts +++ b/web/src/pages/stages/user_login/UserLoginStageForm.ts @@ -12,7 +12,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class UserLoginStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesUserLoginRead({ + return new StagesApi(DEFAULT_CONFIG).stagesUserLoginRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/user_logout/UserLogoutStageForm.ts b/web/src/pages/stages/user_logout/UserLogoutStageForm.ts index 2bf3da413..64693214e 100644 --- a/web/src/pages/stages/user_logout/UserLogoutStageForm.ts +++ b/web/src/pages/stages/user_logout/UserLogoutStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class UserLogoutStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutRead({ + return new StagesApi(DEFAULT_CONFIG).stagesUserLogoutRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/stages/user_write/UserWriteStageForm.ts b/web/src/pages/stages/user_write/UserWriteStageForm.ts index cb8c7b31d..502ccd6fa 100644 --- a/web/src/pages/stages/user_write/UserWriteStageForm.ts +++ b/web/src/pages/stages/user_write/UserWriteStageForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class UserWriteStageForm extends ModelForm { loadInstance(pk: string): Promise { - return new StagesApi(DEFAULT_CONFIG).stagesUserWriteRead({ + return new StagesApi(DEFAULT_CONFIG).stagesUserWriteRetrieve({ stageUuid: pk, }); } diff --git a/web/src/pages/user-settings/tokens/UserTokenForm.ts b/web/src/pages/user-settings/tokens/UserTokenForm.ts index 8fad96109..299cecfda 100644 --- a/web/src/pages/user-settings/tokens/UserTokenForm.ts +++ b/web/src/pages/user-settings/tokens/UserTokenForm.ts @@ -11,7 +11,7 @@ import { ModelForm } from "../../../elements/forms/ModelForm"; export class UserTokenForm extends ModelForm { loadInstance(pk: string): Promise { - return new CoreApi(DEFAULT_CONFIG).coreTokensRead({ + return new CoreApi(DEFAULT_CONFIG).coreTokensRetrieve({ identifier: pk }); } diff --git a/web/src/pages/users/UserForm.ts b/web/src/pages/users/UserForm.ts index 2f5c72761..6a9c2a011 100644 --- a/web/src/pages/users/UserForm.ts +++ b/web/src/pages/users/UserForm.ts @@ -14,7 +14,7 @@ import { ModelForm } from "../../elements/forms/ModelForm"; export class UserForm extends ModelForm { loadInstance(pk: number): Promise { - return new CoreApi(DEFAULT_CONFIG).coreUsersRead({ + return new CoreApi(DEFAULT_CONFIG).coreUsersRetrieve({ id: pk }); } diff --git a/web/src/pages/users/UserViewPage.ts b/web/src/pages/users/UserViewPage.ts index 4f8d64051..3ed03e90d 100644 --- a/web/src/pages/users/UserViewPage.ts +++ b/web/src/pages/users/UserViewPage.ts @@ -38,7 +38,7 @@ export class UserViewPage extends LitElement { @property({ type: Number }) set userId(id: number) { - new CoreApi(DEFAULT_CONFIG).coreUsersRead({ + new CoreApi(DEFAULT_CONFIG).coreUsersRetrieve({ id: id, }).then((user) => { this.user = user; From 4fb71a6bdd121b5657c2ea29ae0cd305cd66970a Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sun, 16 May 2021 15:08:51 +0200 Subject: [PATCH 05/35] api: fix pagination schema Signed-off-by: Jens Langhammer --- authentik/api/pagination.py | 34 + authentik/providers/saml/api.py | 7 +- authentik/root/settings.py | 2 +- schema.yml | 2100 +++++++++++++++++-------------- 4 files changed, 1231 insertions(+), 912 deletions(-) diff --git a/authentik/api/pagination.py b/authentik/api/pagination.py index 04bfefd1e..435a33b3f 100644 --- a/authentik/api/pagination.py +++ b/authentik/api/pagination.py @@ -30,3 +30,37 @@ class Pagination(pagination.PageNumberPagination): "results": data, } ) + + def get_paginated_response_schema(self, schema): + return { + "type": "object", + "properties": { + "pagination": { + "type": "object", + "properties": { + "next": { + "type": "number", + }, + "previous": { + "type": "number", + }, + "count": { + "type": "number", + }, + "current": { + "type": "number", + }, + "total_pages": { + "type": "number", + }, + "start_index": { + "type": "number", + }, + "end_index": { + "type": "number", + }, + }, + }, + "results": schema, + }, + } diff --git a/authentik/providers/saml/api.py b/authentik/providers/saml/api.py index 51ee04077..65222ca4d 100644 --- a/authentik/providers/saml/api.py +++ b/authentik/providers/saml/api.py @@ -6,7 +6,12 @@ from django.http.response import HttpResponse from django.shortcuts import get_object_or_404 from django.utils.translation import gettext_lazy as _ from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema, extend_schema_field +from drf_spectacular.utils import ( + OpenApiParameter, + OpenApiResponse, + extend_schema, + extend_schema_field, +) from rest_framework.decorators import action from rest_framework.fields import CharField, FileField, ReadOnlyField from rest_framework.parsers import MultiPartParser diff --git a/authentik/root/settings.py b/authentik/root/settings.py index ea24c745d..367053f68 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -154,7 +154,7 @@ SPECTACULAR_SETTINGS = { "ENUM_NAME_OVERRIDES": { "ChallengeChoices": "authentik.flows.challenge.ChallengeTypes" }, - "ENUM_ADD_EXPLICIT_BLANK_NULL_CHOICE": False + "ENUM_ADD_EXPLICIT_BLANK_NULL_CHOICE": False, } REST_FRAMEWORK = { diff --git a/schema.yml b/schema.yml index 97dfea93f..586d6aa27 100644 --- a/schema.yml +++ b/schema.yml @@ -16288,19 +16288,23 @@ components: PaginatedApplicationList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16308,19 +16312,23 @@ components: PaginatedAuthenticateWebAuthnStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16328,19 +16336,23 @@ components: PaginatedAuthenticatorStaticStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16348,19 +16360,23 @@ components: PaginatedAuthenticatorTOTPStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16368,19 +16384,23 @@ components: PaginatedAuthenticatorValidateStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16388,19 +16408,23 @@ components: PaginatedCaptchaStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16408,19 +16432,23 @@ components: PaginatedCertificateKeyPairList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16428,19 +16456,23 @@ components: PaginatedConsentStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16448,19 +16480,23 @@ components: PaginatedDenyStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16468,19 +16504,23 @@ components: PaginatedDockerServiceConnectionList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16488,19 +16528,23 @@ components: PaginatedDummyPolicyList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16508,19 +16552,23 @@ components: PaginatedDummyStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16528,19 +16576,23 @@ components: PaginatedEmailStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16548,19 +16600,23 @@ components: PaginatedEventList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16568,19 +16624,23 @@ components: PaginatedEventMatcherPolicyList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16588,19 +16648,23 @@ components: PaginatedEventTopPerUserList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16608,19 +16672,23 @@ components: PaginatedExpiringBaseGrantModelList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16628,19 +16696,23 @@ components: PaginatedExpressionPolicyList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16648,19 +16720,23 @@ components: PaginatedFlowList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16668,19 +16744,23 @@ components: PaginatedFlowStageBindingList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16688,19 +16768,23 @@ components: PaginatedGroupList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16708,19 +16792,23 @@ components: PaginatedHaveIBeenPwendPolicyList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16728,19 +16816,23 @@ components: PaginatedIPReputationList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16748,19 +16840,23 @@ components: PaginatedIdentificationStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16768,19 +16864,23 @@ components: PaginatedInvitationList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16788,19 +16888,23 @@ components: PaginatedInvitationStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16808,19 +16912,23 @@ components: PaginatedKubernetesServiceConnectionList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16828,19 +16936,23 @@ components: PaginatedLDAPOutpostConfigList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16848,19 +16960,23 @@ components: PaginatedLDAPPropertyMappingList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16868,19 +16984,23 @@ components: PaginatedLDAPProviderList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16888,19 +17008,23 @@ components: PaginatedLDAPSourceList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16908,19 +17032,23 @@ components: PaginatedNotificationList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16928,19 +17056,23 @@ components: PaginatedNotificationRuleList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16948,19 +17080,23 @@ components: PaginatedNotificationTransportList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16968,19 +17104,23 @@ components: PaginatedOAuth2ProviderList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -16988,19 +17128,23 @@ components: PaginatedOAuthSourceList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17008,19 +17152,23 @@ components: PaginatedOutpostHealthList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17028,19 +17176,23 @@ components: PaginatedOutpostList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17048,19 +17200,23 @@ components: PaginatedPasswordExpiryPolicyList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17068,19 +17224,23 @@ components: PaginatedPasswordPolicyList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17088,19 +17248,23 @@ components: PaginatedPasswordStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17108,19 +17272,23 @@ components: PaginatedPlexSourceList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17128,19 +17296,23 @@ components: PaginatedPolicyBindingList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17148,19 +17320,23 @@ components: PaginatedPolicyList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17168,19 +17344,23 @@ components: PaginatedPromptList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17188,19 +17368,23 @@ components: PaginatedPromptStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17208,19 +17392,23 @@ components: PaginatedPropertyMappingList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17228,19 +17416,23 @@ components: PaginatedProviderList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17248,19 +17440,23 @@ components: PaginatedProxyOutpostConfigList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17268,19 +17464,23 @@ components: PaginatedProxyProviderList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17288,19 +17488,23 @@ components: PaginatedReputationPolicyList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17308,19 +17512,23 @@ components: PaginatedSAMLPropertyMappingList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17328,19 +17536,23 @@ components: PaginatedSAMLProviderList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17348,19 +17560,23 @@ components: PaginatedSAMLSourceList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17368,19 +17584,23 @@ components: PaginatedScopeMappingList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17388,19 +17608,23 @@ components: PaginatedServiceConnectionList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17408,19 +17632,23 @@ components: PaginatedSourceList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17428,19 +17656,23 @@ components: PaginatedStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17448,19 +17680,23 @@ components: PaginatedStaticDeviceList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17468,19 +17704,23 @@ components: PaginatedTOTPDeviceList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17488,19 +17728,23 @@ components: PaginatedTokenList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17508,19 +17752,23 @@ components: PaginatedUserConsentList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17528,19 +17776,23 @@ components: PaginatedUserDeleteStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17548,19 +17800,23 @@ components: PaginatedUserList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17568,19 +17824,23 @@ components: PaginatedUserLoginStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17588,19 +17848,23 @@ components: PaginatedUserLogoutStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17608,19 +17872,23 @@ components: PaginatedUserOAuthSourceConnectionList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17628,19 +17896,23 @@ components: PaginatedUserReputationList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17648,19 +17920,23 @@ components: PaginatedUserWriteStageList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: @@ -17668,19 +17944,23 @@ components: PaginatedWebAuthnDeviceList: type: object properties: - count: - type: integer - example: 123 - next: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=4 - previous: - type: string - nullable: true - format: uri - example: http://api.example.org/accounts/?page=2 + pagination: + type: object + properties: + next: + type: number + previous: + type: number + count: + type: number + current: + type: number + total_pages: + type: number + start_index: + type: number + end_index: + type: number results: type: array items: From ef9f08553c7c28297b5e4a94b47b0517cdead184 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sun, 16 May 2021 15:14:02 +0200 Subject: [PATCH 06/35] *: linting pass, rename from swagger to schema Signed-off-by: Jens Langhammer --- authentik/api/auth.py | 3 + .../api/{swagger.html => browser.html} | 0 authentik/api/tests/test_schema.py | 22 ++++++ authentik/api/tests/test_swagger.py | 31 -------- authentik/api/v2/urls.py | 7 +- authentik/api/views.py | 6 +- authentik/providers/oauth2/api/provider.py | 1 - authentik/providers/saml/api.py | 7 +- authentik/root/settings.py | 4 +- schema.yml | 72 +++++++++---------- 10 files changed, 71 insertions(+), 82 deletions(-) rename authentik/api/templates/api/{swagger.html => browser.html} (100%) create mode 100644 authentik/api/tests/test_schema.py delete mode 100644 authentik/api/tests/test_swagger.py diff --git a/authentik/api/auth.py b/authentik/api/auth.py index 8fa5ca963..412b69d5e 100644 --- a/authentik/api/auth.py +++ b/authentik/api/auth.py @@ -59,10 +59,13 @@ class AuthentikTokenAuthentication(BaseAuthentication): class TokenSchema(OpenApiAuthenticationExtension): + """Auth schema""" + target_class = AuthentikTokenAuthentication name = "authentik" def get_security_definition(self, auto_schema): + """Auth schema""" return { "type": "apiKey", "in": "header", diff --git a/authentik/api/templates/api/swagger.html b/authentik/api/templates/api/browser.html similarity index 100% rename from authentik/api/templates/api/swagger.html rename to authentik/api/templates/api/browser.html diff --git a/authentik/api/tests/test_schema.py b/authentik/api/tests/test_schema.py new file mode 100644 index 000000000..d86597d96 --- /dev/null +++ b/authentik/api/tests/test_schema.py @@ -0,0 +1,22 @@ +"""Schema generation tests""" +from django.urls import reverse +from rest_framework.test import APITestCase +from yaml import safe_load + + +class TestSchemaGeneration(APITestCase): + """Generic admin tests""" + + def test_schema(self): + """Test generation""" + response = self.client.get( + reverse("authentik_api:schema"), + ) + self.assertTrue(safe_load(response.content.decode())) + + def test_browser(self): + """Test API Browser""" + response = self.client.get( + reverse("authentik_api:schema-browser"), + ) + self.assertEqual(response.status_code, 200) diff --git a/authentik/api/tests/test_swagger.py b/authentik/api/tests/test_swagger.py deleted file mode 100644 index 7857248ce..000000000 --- a/authentik/api/tests/test_swagger.py +++ /dev/null @@ -1,31 +0,0 @@ -"""Swagger generation tests""" -from json import loads - -from django.urls import reverse -from rest_framework.test import APITestCase -from yaml import safe_load - - -class TestSwaggerGeneration(APITestCase): - """Generic admin tests""" - - def test_yaml(self): - """Test YAML generation""" - response = self.client.get( - reverse("authentik_api:schema-json", kwargs={"format": ".yaml"}), - ) - self.assertTrue(safe_load(response.content.decode())) - - def test_json(self): - """Test JSON generation""" - response = self.client.get( - reverse("authentik_api:schema-json", kwargs={"format": ".json"}), - ) - self.assertTrue(loads(response.content.decode())) - - def test_browser(self): - """Test API Browser""" - response = self.client.get( - reverse("authentik_api:swagger"), - ) - self.assertEqual(response.status_code, 200) diff --git a/authentik/api/v2/urls.py b/authentik/api/v2/urls.py index ce2a5b128..70131035a 100644 --- a/authentik/api/v2/urls.py +++ b/authentik/api/v2/urls.py @@ -1,8 +1,7 @@ """api v2 urls""" -from django.urls import path, re_path +from django.urls import path from drf_spectacular.views import SpectacularAPIView from rest_framework import routers -from rest_framework.permissions import AllowAny from authentik.admin.api.meta import AppsViewSet from authentik.admin.api.metrics import AdministrationMetricsViewSet @@ -10,7 +9,7 @@ from authentik.admin.api.tasks import TaskViewSet from authentik.admin.api.version import VersionViewSet from authentik.admin.api.workers import WorkerViewSet from authentik.api.v2.config import ConfigsViewSet -from authentik.api.views import SwaggerView +from authentik.api.views import APIBrowserView from authentik.core.api.applications import ApplicationViewSet from authentik.core.api.groups import GroupViewSet from authentik.core.api.propertymappings import PropertyMappingViewSet @@ -197,7 +196,7 @@ router.register("policies/dummy", DummyPolicyViewSet) urlpatterns = ( [ - path("", SwaggerView.as_view(), name="swagger"), + path("", APIBrowserView.as_view(), name="schema-browser"), ] + router.urls + [ diff --git a/authentik/api/views.py b/authentik/api/views.py index 736586cd7..36193ed17 100644 --- a/authentik/api/views.py +++ b/authentik/api/views.py @@ -5,10 +5,10 @@ from django.urls import reverse from django.views.generic import TemplateView -class SwaggerView(TemplateView): - """Show swagger view based on rapi-doc""" +class APIBrowserView(TemplateView): + """Show browser view based on rapi-doc""" - template_name = "api/swagger.html" + template_name = "api/browser.html" def get_context_data(self, **kwargs: Any) -> dict[str, Any]: path = self.request.build_absolute_uri( diff --git a/authentik/providers/oauth2/api/provider.py b/authentik/providers/oauth2/api/provider.py index cf239b4a4..db95e393e 100644 --- a/authentik/providers/oauth2/api/provider.py +++ b/authentik/providers/oauth2/api/provider.py @@ -1,5 +1,4 @@ """OAuth2Provider API Views""" -from django.db.models.base import Model from django.urls import reverse from django.utils.translation import gettext_lazy as _ from drf_spectacular.utils import OpenApiResponse, extend_schema diff --git a/authentik/providers/saml/api.py b/authentik/providers/saml/api.py index 65222ca4d..804f4b919 100644 --- a/authentik/providers/saml/api.py +++ b/authentik/providers/saml/api.py @@ -6,12 +6,7 @@ from django.http.response import HttpResponse from django.shortcuts import get_object_or_404 from django.utils.translation import gettext_lazy as _ from drf_spectacular.types import OpenApiTypes -from drf_spectacular.utils import ( - OpenApiParameter, - OpenApiResponse, - extend_schema, - extend_schema_field, -) +from drf_spectacular.utils import OpenApiParameter, OpenApiResponse, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, FileField, ReadOnlyField from rest_framework.parsers import MultiPartParser diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 367053f68..8b4280026 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -152,7 +152,9 @@ SPECTACULAR_SETTINGS = { "url": "https://github.com/goauthentik/authentik/blob/master/LICENSE", }, "ENUM_NAME_OVERRIDES": { - "ChallengeChoices": "authentik.flows.challenge.ChallengeTypes" + "ChallengeChoices": "authentik.flows.challenge.ChallengeTypes", + "FlowDesignationEnum": "authentik.flows.models.FlowDesignation", + "PolicyEngineMode": "authentik.policies.models.PolicyEngineMode", }, "ENUM_ADD_EXPLICIT_BLANK_NULL_CHOICE": False, } diff --git a/schema.yml b/schema.yml index 586d6aa27..aa4dda159 100644 --- a/schema.yml +++ b/schema.yml @@ -13457,7 +13457,7 @@ components: meta_publisher: type: string policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - launch_url - name @@ -13492,7 +13492,7 @@ components: meta_publisher: type: string policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - name - slug @@ -14073,16 +14073,6 @@ components: $ref: '#/components/schemas/FlowRequest' required: - name - DesignationEnum: - enum: - - authentication - - authorization - - invalidation - - enrollment - - unenrollment - - recovery - - stage_configuration - type: string DeviceClassesEnum: enum: - static @@ -14658,7 +14648,7 @@ components: description: Shown as the Title in Flow pages. designation: allOf: - - $ref: '#/components/schemas/DesignationEnum' + - $ref: '#/components/schemas/FlowDesignationEnum' description: Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. background: @@ -14681,7 +14671,7 @@ components: type: integer readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - cache_count - designation @@ -14692,6 +14682,16 @@ components: - slug - stages - title + FlowDesignationEnum: + enum: + - authentication + - authorization + - invalidation + - enrollment + - unenrollment + - recovery + - stage_configuration + type: string FlowDiagram: type: object description: response of the flow's diagram action @@ -14717,7 +14717,7 @@ components: description: Shown as the Title in Flow pages. designation: allOf: - - $ref: '#/components/schemas/DesignationEnum' + - $ref: '#/components/schemas/FlowDesignationEnum' description: Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. background: @@ -14725,7 +14725,7 @@ components: format: binary description: Background shown during execution policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - designation - name @@ -14766,7 +14766,7 @@ components: maximum: 2147483647 minimum: -2147483648 policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - order - pk @@ -14796,7 +14796,7 @@ components: maximum: 2147483647 minimum: -2147483648 policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' required: - order - stage @@ -15429,7 +15429,7 @@ components: type: string readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -15523,7 +15523,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -16020,7 +16020,7 @@ components: type: string readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -16095,7 +16095,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -18228,7 +18228,7 @@ components: meta_publisher: type: string policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' PatchedAuthenticateWebAuthnStageRequest: type: object description: AuthenticateWebAuthnStage Serializer @@ -18526,7 +18526,7 @@ components: description: Shown as the Title in Flow pages. designation: allOf: - - $ref: '#/components/schemas/DesignationEnum' + - $ref: '#/components/schemas/FlowDesignationEnum' description: Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik. background: @@ -18534,7 +18534,7 @@ components: format: binary description: Background shown during execution policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' PatchedFlowStageBindingRequest: type: object description: FlowStageBinding Serializer @@ -18557,7 +18557,7 @@ components: maximum: 2147483647 minimum: -2147483648 policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' PatchedGroupRequest: type: object description: Group Serializer @@ -18755,7 +18755,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -18951,7 +18951,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -19111,7 +19111,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -19391,7 +19391,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -19655,7 +19655,7 @@ components: type: string readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -19708,7 +19708,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -19859,7 +19859,7 @@ components: required: - order - target - PolicyEngineModeEnum: + PolicyEngineMode: enum: - all - any @@ -20747,7 +20747,7 @@ components: type: string readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -20833,7 +20833,7 @@ components: nullable: true description: Flow to use when enrolling new users. policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' @@ -21070,7 +21070,7 @@ components: type: string readOnly: true policy_engine_mode: - $ref: '#/components/schemas/PolicyEngineModeEnum' + $ref: '#/components/schemas/PolicyEngineMode' user_matching_mode: allOf: - $ref: '#/components/schemas/UserMatchingModeEnum' From 99be97206bb42f4d35ece6356961ba4d228694fb Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sun, 16 May 2021 15:31:13 +0200 Subject: [PATCH 07/35] web: fix enums Signed-off-by: Jens Langhammer --- web/src/api/Flows.ts | 4 +-- web/src/flows/FlowExecutor.ts | 10 +++--- web/src/pages/applications/ApplicationForm.ts | 12 +++---- web/src/pages/events/RuleForm.ts | 8 ++--- web/src/pages/flows/FlowForm.ts | 6 ++-- web/src/pages/flows/StageBindingForm.ts | 6 ++-- .../providers/oauth2/OAuth2ProviderForm.ts | 26 +++++++------- .../pages/providers/saml/SAMLProviderForm.ts | 24 ++++++------- .../pages/sources/ldap/LDAPSourceViewPage.ts | 6 ++-- .../pages/sources/oauth/OAuthSourceForm.ts | 12 +++---- web/src/pages/sources/plex/PlexSourceForm.ts | 12 +++---- web/src/pages/sources/saml/SAMLSourceForm.ts | 36 +++++++++---------- .../AuthenticatorValidateStageForm.ts | 20 +++++------ .../identification/IdentificationStageForm.ts | 8 ++--- .../stages/password/PasswordStageForm.ts | 8 ++--- .../pages/system-tasks/SystemTaskListPage.ts | 8 ++--- 16 files changed, 103 insertions(+), 103 deletions(-) diff --git a/web/src/api/Flows.ts b/web/src/api/Flows.ts index 10f7c40f9..367ded8e1 100644 --- a/web/src/api/Flows.ts +++ b/web/src/api/Flows.ts @@ -1,4 +1,4 @@ -import { ChallengeTypeEnum } from "authentik-api"; +import { ChallengeChoices } from "authentik-api"; export interface Error { code: string; @@ -10,7 +10,7 @@ export interface ErrorDict { } export interface Challenge { - type: ChallengeTypeEnum; + type: ChallengeChoices; component?: string; title?: string; response_errors?: ErrorDict; diff --git a/web/src/flows/FlowExecutor.ts b/web/src/flows/FlowExecutor.ts index 6338450ba..b190d328b 100644 --- a/web/src/flows/FlowExecutor.ts +++ b/web/src/flows/FlowExecutor.ts @@ -37,7 +37,7 @@ import { AuthenticatorValidateStageChallenge } from "./stages/authenticator_vali import { WebAuthnAuthenticatorRegisterChallenge } from "./stages/authenticator_webauthn/WebAuthnAuthenticatorRegisterStage"; import { CaptchaChallenge } from "./stages/captcha/CaptchaStage"; import { StageHost } from "./stages/base"; -import { Challenge, ChallengeTypeEnum, Config, FlowsApi } from "authentik-api"; +import { Challenge, ChallengeChoices, Config, FlowsApi } from "authentik-api"; import { config, DEFAULT_CONFIG } from "../api/Config"; import { ifDefined } from "lit-html/directives/if-defined"; import { until } from "lit-html/directives/until"; @@ -155,7 +155,7 @@ export class FlowExecutor extends LitElement implements StageHost { errorMessage(error: string): void { this.challenge = { - type: ChallengeTypeEnum.Shell, + type: ChallengeChoices.Shell, body: `