mirror of
https://github.com/goauthentik/authentik.git
synced 2026-06-17 19:09:11 +03:00
Dominic R
33594c9cb4
* Revert "admin/files: support %(theme)s variable in media file paths (#19108)"
This reverts commit 1a963d27c8.
* admin/files: add centralized theme variable support for file URLs
Overview:
Adds support for `%(theme)s` placeholder in file paths, which allows theme-specific assets (like logos, backgrounds, icons) to be served based on the user's current theme (light/dark).
This replaces the previous implementation (reverted in this PR) which only handled theme substitution in the Go file backend and instead uses the new approach which centralizes theme logic and works across both backends.
Testing:
Try out the following for the file and s3 backend:
* Ensure themed images load
* Ensure non-themed images load
Motivation:
Internal
* brands: fix tests
* admin/files: s3 backend: fix tests
.xyz is a known MIME type for chemical/molecular structure files
* admin/files: api: fix tests
* core: fix tests
* admin/files: manager: fix tests
* admin/files: Support themed urls for passthrough backend
* admin/files: Create and use ThemedUrlsSerializer
* root: Regenerate
* core: Add read_only=True since it's a computed field from the model
* root: Regenerate
* web: Use the ThemedUrlsSerializer
* web, core: Fix frontend build
* core: Lint
* admin/files: Fix tests following CodeQL
* flows, providers: fix tests
56589 lines
1.6 MiB
Plaintext
56589 lines
1.6 MiB
Plaintext
openapi: 3.0.3
|
|
info:
|
|
title: authentik
|
|
version: 2026.2.0-rc1
|
|
description: Making authentication simple.
|
|
contact:
|
|
email: hello@goauthentik.io
|
|
license:
|
|
name: MIT
|
|
url: https://github.com/goauthentik/authentik/blob/main/LICENSE
|
|
paths:
|
|
/admin/apps/:
|
|
get:
|
|
operationId: admin_apps_list
|
|
description: Read-only view list all installed apps
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/App'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/file/:
|
|
get:
|
|
operationId: admin_file_list
|
|
description: List files from storage backend.
|
|
parameters:
|
|
- in: query
|
|
name: manageable_only
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: usage
|
|
schema:
|
|
enum:
|
|
- media
|
|
type: string
|
|
default: media
|
|
minLength: 1
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FileList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: admin_file_create
|
|
description: Upload file to storage backend.
|
|
tags:
|
|
- admin
|
|
requestBody:
|
|
content:
|
|
multipart/form-data:
|
|
schema:
|
|
$ref: '#/components/schemas/FileUploadRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: admin_file_destroy
|
|
description: Delete file from storage backend.
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: usage
|
|
schema:
|
|
enum:
|
|
- media
|
|
type: string
|
|
default: media
|
|
minLength: 1
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/file/used_by/:
|
|
get:
|
|
operationId: admin_file_used_by_list
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/models/:
|
|
get:
|
|
operationId: admin_models_list
|
|
description: Read-only view list all installed models
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/App'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/settings/:
|
|
get:
|
|
operationId: admin_settings_retrieve
|
|
description: Settings view
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Settings'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: admin_settings_update
|
|
description: Settings view
|
|
tags:
|
|
- admin
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SettingsRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Settings'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: admin_settings_partial_update
|
|
description: Settings view
|
|
tags:
|
|
- admin
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSettingsRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Settings'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/system/:
|
|
get:
|
|
operationId: admin_system_retrieve
|
|
description: Get system information.
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SystemInfo'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: admin_system_create
|
|
description: Get system information.
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SystemInfo'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/version/:
|
|
get:
|
|
operationId: admin_version_retrieve
|
|
description: Get running and latest version.
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Version'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/version/history/:
|
|
get:
|
|
operationId: admin_version_history_list
|
|
description: VersionHistory Viewset
|
|
parameters:
|
|
- in: query
|
|
name: build
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: version
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/VersionHistory'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/version/history/{id}/:
|
|
get:
|
|
operationId: admin_version_history_retrieve
|
|
description: VersionHistory Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Version history.
|
|
required: true
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/VersionHistory'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/all/:
|
|
get:
|
|
operationId: authenticators_admin_all_list
|
|
description: Get all devices for current user
|
|
parameters:
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Device'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/duo/:
|
|
get:
|
|
operationId: authenticators_admin_duo_list
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDuoDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_duo_create
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/duo/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_duo_retrieve
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_duo_update
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_duo_partial_update
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDuoDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_duo_destroy
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/email/:
|
|
get:
|
|
operationId: authenticators_admin_email_list
|
|
description: Viewset for email authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEmailDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_email_create
|
|
description: Viewset for email authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/email/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_email_retrieve
|
|
description: Viewset for email authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_email_update
|
|
description: Viewset for email authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_email_partial_update
|
|
description: Viewset for email authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEmailDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_email_destroy
|
|
description: Viewset for email authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/endpoint/:
|
|
get:
|
|
operationId: authenticators_admin_endpoint_list
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleEndpointDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_endpoint_create
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/endpoint/{uuid}/:
|
|
get:
|
|
operationId: authenticators_admin_endpoint_retrieve
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_endpoint_update
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_endpoint_partial_update
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGoogleEndpointDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_endpoint_destroy
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/sms/:
|
|
get:
|
|
operationId: authenticators_admin_sms_list
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSMSDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_sms_create
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/sms/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_sms_retrieve
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_sms_update
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_sms_partial_update
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSMSDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_sms_destroy
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/static/:
|
|
get:
|
|
operationId: authenticators_admin_static_list
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedStaticDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_static_create
|
|
description: Viewset for static authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/static/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_static_retrieve
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_static_update
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_static_partial_update
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedStaticDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_static_destroy
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/totp/:
|
|
get:
|
|
operationId: authenticators_admin_totp_list
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTOTPDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_totp_create
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/totp/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_totp_retrieve
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_totp_update
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_totp_partial_update
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTOTPDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_totp_destroy
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/webauthn/:
|
|
get:
|
|
operationId: authenticators_admin_webauthn_list
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_webauthn_create
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/webauthn/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_webauthn_retrieve
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_webauthn_update
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_webauthn_partial_update
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_webauthn_destroy
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/all/:
|
|
get:
|
|
operationId: authenticators_all_list
|
|
description: Get all devices for current user
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Device'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/duo/:
|
|
get:
|
|
operationId: authenticators_duo_list
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDuoDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/duo/{id}/:
|
|
get:
|
|
operationId: authenticators_duo_retrieve
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_duo_update
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_duo_partial_update
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDuoDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_duo_destroy
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/duo/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_duo_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/email/:
|
|
get:
|
|
operationId: authenticators_email_list
|
|
description: Viewset for email authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEmailDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/email/{id}/:
|
|
get:
|
|
operationId: authenticators_email_retrieve
|
|
description: Viewset for email authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_email_update
|
|
description: Viewset for email authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_email_partial_update
|
|
description: Viewset for email authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEmailDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_email_destroy
|
|
description: Viewset for email authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/email/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_email_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/endpoint/:
|
|
get:
|
|
operationId: authenticators_endpoint_list
|
|
description: Viewset for Endpoint authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleEndpointDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/endpoint/{uuid}/:
|
|
get:
|
|
operationId: authenticators_endpoint_retrieve
|
|
description: Viewset for Endpoint authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/endpoint/{uuid}/used_by/:
|
|
get:
|
|
operationId: authenticators_endpoint_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/sms/:
|
|
get:
|
|
operationId: authenticators_sms_list
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSMSDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/sms/{id}/:
|
|
get:
|
|
operationId: authenticators_sms_retrieve
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_sms_update
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_sms_partial_update
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSMSDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_sms_destroy
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/sms/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_sms_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/static/:
|
|
get:
|
|
operationId: authenticators_static_list
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedStaticDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/static/{id}/:
|
|
get:
|
|
operationId: authenticators_static_retrieve
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_static_update
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_static_partial_update
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedStaticDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_static_destroy
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/static/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_static_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/totp/:
|
|
get:
|
|
operationId: authenticators_totp_list
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTOTPDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/totp/{id}/:
|
|
get:
|
|
operationId: authenticators_totp_retrieve
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_totp_update
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_totp_partial_update
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTOTPDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_totp_destroy
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/totp/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_totp_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/webauthn/:
|
|
get:
|
|
operationId: authenticators_webauthn_list
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/webauthn/{id}/:
|
|
get:
|
|
operationId: authenticators_webauthn_retrieve
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_webauthn_update
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_webauthn_partial_update
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_webauthn_destroy
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/webauthn/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_webauthn_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/application_entitlements/:
|
|
get:
|
|
operationId: core_application_entitlements_list
|
|
description: ApplicationEntitlement Viewset
|
|
parameters:
|
|
- in: query
|
|
name: app
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedApplicationEntitlementList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_application_entitlements_create
|
|
description: ApplicationEntitlement Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlementRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlement'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/application_entitlements/{pbm_uuid}/:
|
|
get:
|
|
operationId: core_application_entitlements_retrieve
|
|
description: ApplicationEntitlement Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Application Entitlement.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlement'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_application_entitlements_update
|
|
description: ApplicationEntitlement Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Application Entitlement.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlementRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlement'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_application_entitlements_partial_update
|
|
description: ApplicationEntitlement Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Application Entitlement.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedApplicationEntitlementRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlement'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_application_entitlements_destroy
|
|
description: ApplicationEntitlement Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Application Entitlement.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/application_entitlements/{pbm_uuid}/used_by/:
|
|
get:
|
|
operationId: core_application_entitlements_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Application Entitlement.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/applications/:
|
|
get:
|
|
operationId: core_applications_list
|
|
description: Custom list method that checks Policy based access instead of guardian
|
|
parameters:
|
|
- in: query
|
|
name: for_user
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: meta_description
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: meta_launch_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: meta_publisher
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: only_with_launch_url
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: superuser_full_list
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedApplicationList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_applications_create
|
|
description: Application Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/applications/{slug}/:
|
|
get:
|
|
operationId: core_applications_retrieve
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_applications_update
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_applications_partial_update
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedApplicationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_applications_destroy
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/applications/{slug}/check_access/:
|
|
get:
|
|
operationId: core_applications_check_access_retrieve
|
|
description: Check access to a single application by slug
|
|
parameters:
|
|
- in: query
|
|
name: for_user
|
|
schema:
|
|
type: integer
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyTestResult'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/applications/{slug}/used_by/:
|
|
get:
|
|
operationId: core_applications_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/authenticated_sessions/:
|
|
get:
|
|
operationId: core_authenticated_sessions_list
|
|
description: AuthenticatedSession Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: session__last_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: session__last_user_agent
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatedSessionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/authenticated_sessions/{uuid}/:
|
|
get:
|
|
operationId: core_authenticated_sessions_retrieve
|
|
description: AuthenticatedSession Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatedSession'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_authenticated_sessions_destroy
|
|
description: AuthenticatedSession Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/authenticated_sessions/{uuid}/used_by/:
|
|
get:
|
|
operationId: core_authenticated_sessions_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/authenticated_sessions/bulk_delete/:
|
|
delete:
|
|
operationId: core_authenticated_sessions_bulk_delete_destroy
|
|
description: Bulk revoke all sessions for multiple users
|
|
parameters:
|
|
- in: query
|
|
name: user_pks
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
description: List of user IDs to revoke all sessions for
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BulkDeleteSessionResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/brands/:
|
|
get:
|
|
operationId: core_brands_list
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: query
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: branding_default_flow_background
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: branding_favicon
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: branding_logo
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: branding_title
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_certificates
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: default
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: domain
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: flow_authentication
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_device_code
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_invalidation
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_recovery
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_unenrollment
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_user_settings
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: web_certificate
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedBrandList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_brands_create
|
|
description: Brand Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BrandRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/brands/{brand_uuid}/:
|
|
get:
|
|
operationId: core_brands_retrieve
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_brands_update
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BrandRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_brands_partial_update
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedBrandRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_brands_destroy
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/brands/{brand_uuid}/used_by/:
|
|
get:
|
|
operationId: core_brands_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/brands/current/:
|
|
get:
|
|
operationId: core_brands_current_retrieve
|
|
description: Get current brand
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CurrentBrand'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/groups/:
|
|
get:
|
|
operationId: core_groups_list
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: query
|
|
name: attributes
|
|
schema:
|
|
type: string
|
|
description: Attributes
|
|
- in: query
|
|
name: include_children
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_inherited_roles
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_parents
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_users
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- in: query
|
|
name: is_superuser
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: members_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: members_by_username
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_groups_create
|
|
description: Group Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/groups/{group_uuid}/:
|
|
get:
|
|
operationId: core_groups_retrieve
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
- in: query
|
|
name: include_children
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_inherited_roles
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_parents
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_users
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_groups_update
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_groups_partial_update
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_groups_destroy
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/groups/{group_uuid}/add_user/:
|
|
post:
|
|
operationId: core_groups_add_user_create
|
|
description: Add user to group
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserAccountRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: User added
|
|
'404':
|
|
description: User not found
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/groups/{group_uuid}/remove_user/:
|
|
post:
|
|
operationId: core_groups_remove_user_create
|
|
description: Remove user from group
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserAccountRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: User removed
|
|
'404':
|
|
description: User not found
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/groups/{group_uuid}/used_by/:
|
|
get:
|
|
operationId: core_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/tokens/:
|
|
get:
|
|
operationId: core_tokens_list
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: query
|
|
name: description
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: expires
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: expiring
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: intent
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- api
|
|
- app_password
|
|
- recovery
|
|
- verification
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTokenList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_tokens_create
|
|
description: Token Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/tokens/{identifier}/:
|
|
get:
|
|
operationId: core_tokens_retrieve
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_tokens_update
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_tokens_partial_update
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTokenRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_tokens_destroy
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/tokens/{identifier}/set_key/:
|
|
post:
|
|
operationId: core_tokens_set_key_create
|
|
description: |-
|
|
Set token key. Action is logged as event. `authentik_core.set_token_key` permission
|
|
is required.
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenSetKeyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully changed key
|
|
'400':
|
|
description: Missing key
|
|
'404':
|
|
description: Token not found or expired
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/tokens/{identifier}/used_by/:
|
|
get:
|
|
operationId: core_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/tokens/{identifier}/view_key/:
|
|
get:
|
|
operationId: core_tokens_view_key_retrieve
|
|
description: Return token key and log access
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenView'
|
|
description: ''
|
|
'404':
|
|
description: Token not found or expired
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/transactional/applications/:
|
|
put:
|
|
operationId: core_transactional_applications_update
|
|
description: Convert data into a blueprint, validate it and apply it
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TransactionApplicationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TransactionApplicationResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/user_consent/:
|
|
get:
|
|
operationId: core_user_consent_list
|
|
description: UserConsent Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserConsentList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/user_consent/{id}/:
|
|
get:
|
|
operationId: core_user_consent_retrieve
|
|
description: UserConsent Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Consent.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserConsent'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_user_consent_destroy
|
|
description: UserConsent Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Consent.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/user_consent/{id}/used_by/:
|
|
get:
|
|
operationId: core_user_consent_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Consent.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/:
|
|
get:
|
|
operationId: core_users_list
|
|
description: User Viewset
|
|
parameters:
|
|
- in: query
|
|
name: attributes
|
|
schema:
|
|
type: string
|
|
description: Attributes
|
|
- in: query
|
|
name: date_joined
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: date_joined__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: date_joined__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: email
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: groups_by_name
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: groups_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: include_groups
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- in: query
|
|
name: include_roles
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- in: query
|
|
name: is_active
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: is_superuser
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_login
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_login__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_login__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_login__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: path
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: path_startswith
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: roles_by_name
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: roles_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: type
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
enum:
|
|
- external
|
|
- internal
|
|
- internal_service_account
|
|
- service_account
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_users_create
|
|
description: User Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/:
|
|
get:
|
|
operationId: core_users_retrieve
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_users_update
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_users_partial_update
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_users_destroy
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/impersonate/:
|
|
post:
|
|
operationId: core_users_impersonate_create
|
|
description: Impersonate a user
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ImpersonationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully started impersonation
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/recovery/:
|
|
post:
|
|
operationId: core_users_recovery_create
|
|
description: Create a temporary link that a user can use to recover their account
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Link'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/recovery_email/:
|
|
post:
|
|
operationId: core_users_recovery_email_create
|
|
description: Send an email with a temporary link that a user can use to recover
|
|
their account
|
|
parameters:
|
|
- in: query
|
|
name: email_stage
|
|
schema:
|
|
type: string
|
|
required: true
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully sent recover email
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/set_password/:
|
|
post:
|
|
operationId: core_users_set_password_create
|
|
description: Set password for user
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPasswordSetRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully changed password
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/used_by/:
|
|
get:
|
|
operationId: core_users_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/export/:
|
|
post:
|
|
operationId: core_users_export_create
|
|
description: |-
|
|
Create a data export for this data type. Note that the export is generated asynchronously:
|
|
this method returns a `DataExport` object that will initially have `completed=false` as well
|
|
as the permanent URL to that object in the `Location` header.
|
|
You can poll that URL until `completed=true`, at which point the `file_url` property will
|
|
contain a URL to download
|
|
parameters:
|
|
- in: query
|
|
name: attributes
|
|
schema:
|
|
type: string
|
|
description: Attributes
|
|
- in: query
|
|
name: date_joined
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: date_joined__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: date_joined__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: email
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: groups_by_name
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: groups_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: is_active
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: is_superuser
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_login
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_login__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_login__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_login__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- in: query
|
|
name: path
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: path_startswith
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: roles_by_name
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: roles_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: type
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
enum:
|
|
- external
|
|
- internal
|
|
- internal_service_account
|
|
- service_account
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DataExport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/impersonate_end/:
|
|
get:
|
|
operationId: core_users_impersonate_end_retrieve
|
|
description: End Impersonation a user
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully ended impersonation
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/me/:
|
|
get:
|
|
operationId: core_users_me_retrieve
|
|
description: Get information about current user
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SessionUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/paths/:
|
|
get:
|
|
operationId: core_users_paths_retrieve
|
|
description: Get all user paths
|
|
parameters:
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPath'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/service_account/:
|
|
post:
|
|
operationId: core_users_service_account_create
|
|
description: Create a new user account that is marked as a service account
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserServiceAccountRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserServiceAccountResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_list
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: query
|
|
name: has_key
|
|
schema:
|
|
type: boolean
|
|
description: Only return certificate-key pairs with keys
|
|
- in: query
|
|
name: key_type
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
enum:
|
|
- dsa
|
|
- ec
|
|
- ed25519
|
|
- ed448
|
|
- rsa
|
|
description: Filter by key algorithm type (RSA, EC, DSA, etc). Can be specified
|
|
multiple times (e.g. '?key_type=rsa&key_type=ec')
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedCertificateKeyPairList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: crypto_certificatekeypairs_create
|
|
description: CertificateKeyPair Viewset
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPairRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/{kp_uuid}/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_retrieve
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: crypto_certificatekeypairs_update
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPairRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: crypto_certificatekeypairs_partial_update
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedCertificateKeyPairRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: crypto_certificatekeypairs_destroy
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/{kp_uuid}/used_by/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/{kp_uuid}/view_certificate/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_view_certificate_retrieve
|
|
description: Return certificate-key pairs certificate and log access
|
|
parameters:
|
|
- in: query
|
|
name: download
|
|
schema:
|
|
type: boolean
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateData'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/{kp_uuid}/view_private_key/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_view_private_key_retrieve
|
|
description: Return certificate-key pairs private key and log access
|
|
parameters:
|
|
- in: query
|
|
name: download
|
|
schema:
|
|
type: boolean
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateData'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/generate/:
|
|
post:
|
|
operationId: crypto_certificatekeypairs_generate_create
|
|
description: Generate a new, self-signed certificate-key pair
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateGenerationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/:
|
|
get:
|
|
operationId: endpoints_agents_connectors_list
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAgentConnectorList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_agents_connectors_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnectorRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/{connector_uuid}/:
|
|
get:
|
|
operationId: endpoints_agents_connectors_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_agents_connectors_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnectorRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_agents_connectors_partial_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAgentConnectorRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_agents_connectors_destroy
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/{connector_uuid}/mdm_config/:
|
|
post:
|
|
operationId: endpoints_agents_connectors_mdm_config_create
|
|
description: Generate configuration for MDM systems to deploy authentik Agent
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MDMConfigRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MDMConfigResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/{connector_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_agents_connectors_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/agent_config/:
|
|
get:
|
|
operationId: endpoints_agents_connectors_agent_config_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConfig'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/auth_fed/:
|
|
post:
|
|
operationId: endpoints_agents_connectors_auth_fed_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: query
|
|
name: device
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentTokenResponse'
|
|
description: ''
|
|
'404':
|
|
description: Device not found
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/auth_ia/:
|
|
post:
|
|
operationId: endpoints_agents_connectors_auth_ia_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentAuthenticationResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/check_in/:
|
|
post:
|
|
operationId: endpoints_agents_connectors_check_in_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceFactsRequest'
|
|
responses:
|
|
'204':
|
|
description: Successfully checked in
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/enroll/:
|
|
post:
|
|
operationId: endpoints_agents_connectors_enroll_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentTokenResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/enrollment_tokens/:
|
|
get:
|
|
operationId: endpoints_agents_enrollment_tokens_list
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: query
|
|
name: connector
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEnrollmentTokenList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_agents_enrollment_tokens_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentTokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/enrollment_tokens/{token_uuid}/:
|
|
get:
|
|
operationId: endpoints_agents_enrollment_tokens_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_agents_enrollment_tokens_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentTokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_agents_enrollment_tokens_partial_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEnrollmentTokenRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_agents_enrollment_tokens_destroy
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/enrollment_tokens/{token_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_agents_enrollment_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/enrollment_tokens/{token_uuid}/view_key/:
|
|
get:
|
|
operationId: endpoints_agents_enrollment_tokens_view_key_retrieve
|
|
description: Return token key and log access
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenView'
|
|
description: ''
|
|
'404':
|
|
description: Token not found or expired
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/psso/register/device/:
|
|
post:
|
|
operationId: endpoints_agents_psso_register_device_create
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentPSSODeviceRegistrationRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentPSSODeviceRegistrationResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/psso/register/user/:
|
|
post:
|
|
operationId: endpoints_agents_psso_register_user_create
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentPSSOUserRegistrationRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSelf'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/connectors/:
|
|
get:
|
|
operationId: endpoints_connectors_list
|
|
description: Connector Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedConnectorList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/connectors/{connector_uuid}/:
|
|
get:
|
|
operationId: endpoints_connectors_retrieve
|
|
description: Connector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Connector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_connectors_destroy
|
|
description: Connector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/connectors/{connector_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_connectors_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/connectors/types/:
|
|
get:
|
|
operationId: endpoints_connectors_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_access_groups/:
|
|
get:
|
|
operationId: endpoints_device_access_groups_list
|
|
description: DeviceAccessGroup Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDeviceAccessGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_device_access_groups_create
|
|
description: DeviceAccessGroup Viewset
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_access_groups/{pbm_uuid}/:
|
|
get:
|
|
operationId: endpoints_device_access_groups_retrieve
|
|
description: DeviceAccessGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device access group.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_device_access_groups_update
|
|
description: DeviceAccessGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device access group.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_device_access_groups_partial_update
|
|
description: DeviceAccessGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device access group.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDeviceAccessGroupRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_device_access_groups_destroy
|
|
description: DeviceAccessGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device access group.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_access_groups/{pbm_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_device_access_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device access group.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_bindings/:
|
|
get:
|
|
operationId: endpoints_device_bindings_list
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: order
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: target
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: target_in
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: timeout
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDeviceUserBindingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_device_bindings_create
|
|
description: PolicyBinding Viewset
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_bindings/{policy_binding_uuid}/:
|
|
get:
|
|
operationId: endpoints_device_bindings_retrieve
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device User binding.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_device_bindings_update
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device User binding.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_device_bindings_partial_update
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device User binding.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDeviceUserBindingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_device_bindings_destroy
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device User binding.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_bindings/{policy_binding_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_device_bindings_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device User binding.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/devices/:
|
|
get:
|
|
operationId: endpoints_devices_list
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: query
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEndpointDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/devices/{device_uuid}/:
|
|
get:
|
|
operationId: endpoints_devices_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: device_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointDeviceDetails'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_devices_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: device_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_devices_partial_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: device_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEndpointDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_devices_destroy
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: device_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/devices/{device_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_devices_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: device_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/devices/summary/:
|
|
get:
|
|
operationId: endpoints_devices_summary_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceSummary'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/fleet/connectors/:
|
|
get:
|
|
operationId: endpoints_fleet_connectors_list
|
|
description: FleetConnector Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedFleetConnectorList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_fleet_connectors_create
|
|
description: FleetConnector Viewset
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnectorRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/fleet/connectors/{connector_uuid}/:
|
|
get:
|
|
operationId: endpoints_fleet_connectors_retrieve
|
|
description: FleetConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Fleet Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_fleet_connectors_update
|
|
description: FleetConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Fleet Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnectorRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_fleet_connectors_partial_update
|
|
description: FleetConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Fleet Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedFleetConnectorRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_fleet_connectors_destroy
|
|
description: FleetConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Fleet Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/fleet/connectors/{connector_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_fleet_connectors_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Fleet Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/:
|
|
get:
|
|
operationId: enterprise_license_list
|
|
description: License Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLicenseList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: enterprise_license_create
|
|
description: License Viewset
|
|
tags:
|
|
- enterprise
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/{license_uuid}/:
|
|
get:
|
|
operationId: enterprise_license_retrieve
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: enterprise_license_update
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: enterprise_license_partial_update
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLicenseRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: enterprise_license_destroy
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/{license_uuid}/used_by/:
|
|
get:
|
|
operationId: enterprise_license_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/forecast/:
|
|
get:
|
|
operationId: enterprise_license_forecast_retrieve
|
|
description: Forecast how many users will be required in a year
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseForecast'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/install_id/:
|
|
get:
|
|
operationId: enterprise_license_install_id_retrieve
|
|
description: Get install_id
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InstallID'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/summary/:
|
|
get:
|
|
operationId: enterprise_license_summary_retrieve
|
|
description: Get the total license status
|
|
parameters:
|
|
- in: query
|
|
name: cached
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseSummary'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/:
|
|
get:
|
|
operationId: events_events_list
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: actions
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
enum:
|
|
- authorize_application
|
|
- configuration_error
|
|
- custom_
|
|
- email_sent
|
|
- export_ready
|
|
- flow_execution
|
|
- impersonation_ended
|
|
- impersonation_started
|
|
- invitation_used
|
|
- login
|
|
- login_failed
|
|
- logout
|
|
- model_created
|
|
- model_deleted
|
|
- model_updated
|
|
- password_set
|
|
- policy_exception
|
|
- policy_execution
|
|
- property_mapping_exception
|
|
- secret_rotate
|
|
- secret_view
|
|
- source_linked
|
|
- suspicious_request
|
|
- system_exception
|
|
- system_task_exception
|
|
- system_task_execution
|
|
- update_available
|
|
- user_write
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: brand_name
|
|
schema:
|
|
type: string
|
|
description: Brand name
|
|
- in: query
|
|
name: client_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: context_authorized_app
|
|
schema:
|
|
type: string
|
|
description: Context Authorized application
|
|
- in: query
|
|
name: context_model_app
|
|
schema:
|
|
type: string
|
|
description: Context Model App
|
|
- in: query
|
|
name: context_model_name
|
|
schema:
|
|
type: string
|
|
description: Context Model Name
|
|
- in: query
|
|
name: context_model_pk
|
|
schema:
|
|
type: string
|
|
description: Context Model Primary Key
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
description: Username
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEventList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: events_events_create
|
|
description: Event Read-Only Viewset
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/{event_uuid}/:
|
|
get:
|
|
operationId: events_events_retrieve
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: events_events_update
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: events_events_partial_update
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEventRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: events_events_destroy
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/actions/:
|
|
get:
|
|
operationId: events_events_actions_list
|
|
description: Get all actions
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/export/:
|
|
post:
|
|
operationId: events_events_export_create
|
|
description: |-
|
|
Create a data export for this data type. Note that the export is generated asynchronously:
|
|
this method returns a `DataExport` object that will initially have `completed=false` as well
|
|
as the permanent URL to that object in the `Location` header.
|
|
You can poll that URL until `completed=true`, at which point the `file_url` property will
|
|
contain a URL to download
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: actions
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
enum:
|
|
- authorize_application
|
|
- configuration_error
|
|
- custom_
|
|
- email_sent
|
|
- export_ready
|
|
- flow_execution
|
|
- impersonation_ended
|
|
- impersonation_started
|
|
- invitation_used
|
|
- login
|
|
- login_failed
|
|
- logout
|
|
- model_created
|
|
- model_deleted
|
|
- model_updated
|
|
- password_set
|
|
- policy_exception
|
|
- policy_execution
|
|
- property_mapping_exception
|
|
- secret_rotate
|
|
- secret_view
|
|
- source_linked
|
|
- suspicious_request
|
|
- system_exception
|
|
- system_task_exception
|
|
- system_task_execution
|
|
- update_available
|
|
- user_write
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: brand_name
|
|
schema:
|
|
type: string
|
|
description: Brand name
|
|
- in: query
|
|
name: client_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: context_authorized_app
|
|
schema:
|
|
type: string
|
|
description: Context Authorized application
|
|
- in: query
|
|
name: context_model_app
|
|
schema:
|
|
type: string
|
|
description: Context Model App
|
|
- in: query
|
|
name: context_model_name
|
|
schema:
|
|
type: string
|
|
description: Context Model Name
|
|
- in: query
|
|
name: context_model_pk
|
|
schema:
|
|
type: string
|
|
description: Context Model Primary Key
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
description: Username
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DataExport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/top_per_user/:
|
|
get:
|
|
operationId: events_events_top_per_user_list
|
|
description: Get the top_n events grouped by user count
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: top_n
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventTopPerUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/volume/:
|
|
get:
|
|
operationId: events_events_volume_list
|
|
description: Get event volume for specified filters and timeframe
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: actions
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
enum:
|
|
- authorize_application
|
|
- configuration_error
|
|
- custom_
|
|
- email_sent
|
|
- export_ready
|
|
- flow_execution
|
|
- impersonation_ended
|
|
- impersonation_started
|
|
- invitation_used
|
|
- login
|
|
- login_failed
|
|
- logout
|
|
- model_created
|
|
- model_deleted
|
|
- model_updated
|
|
- password_set
|
|
- policy_exception
|
|
- policy_execution
|
|
- property_mapping_exception
|
|
- secret_rotate
|
|
- secret_view
|
|
- source_linked
|
|
- suspicious_request
|
|
- system_exception
|
|
- system_task_exception
|
|
- system_task_execution
|
|
- update_available
|
|
- user_write
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: brand_name
|
|
schema:
|
|
type: string
|
|
description: Brand name
|
|
- in: query
|
|
name: client_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: context_authorized_app
|
|
schema:
|
|
type: string
|
|
description: Context Authorized application
|
|
- in: query
|
|
name: context_model_app
|
|
schema:
|
|
type: string
|
|
description: Context Model App
|
|
- in: query
|
|
name: context_model_name
|
|
schema:
|
|
type: string
|
|
description: Context Model Name
|
|
- in: query
|
|
name: context_model_pk
|
|
schema:
|
|
type: string
|
|
description: Context Model Primary Key
|
|
- in: query
|
|
name: history_days
|
|
schema:
|
|
type: number
|
|
default: 7
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
description: Username
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventVolume'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/notifications/:
|
|
get:
|
|
operationId: events_notifications_list
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: query
|
|
name: body
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: event
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: seen
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: severity
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- alert
|
|
- notice
|
|
- warning
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/notifications/{uuid}/:
|
|
get:
|
|
operationId: events_notifications_retrieve
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Notification'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: events_notifications_update
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Notification'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: events_notifications_partial_update
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Notification'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: events_notifications_destroy
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/notifications/{uuid}/used_by/:
|
|
get:
|
|
operationId: events_notifications_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/notifications/mark_all_seen/:
|
|
post:
|
|
operationId: events_notifications_mark_all_seen_create
|
|
description: Mark all the user's notifications as seen
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Marked tasks as read successfully.
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/rules/:
|
|
get:
|
|
operationId: events_rules_list
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: query
|
|
name: destination_group__name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: severity
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- alert
|
|
- notice
|
|
- warning
|
|
description: |+
|
|
Controls which severity level the created notifications will have.
|
|
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationRuleList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: events_rules_create
|
|
description: NotificationRule Viewset
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRuleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/rules/{pbm_uuid}/:
|
|
get:
|
|
operationId: events_rules_retrieve
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: events_rules_update
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRuleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: events_rules_partial_update
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationRuleRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: events_rules_destroy
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/rules/{pbm_uuid}/used_by/:
|
|
get:
|
|
operationId: events_rules_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/transports/:
|
|
get:
|
|
operationId: events_transports_list
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: query
|
|
name: mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- email
|
|
- local
|
|
- webhook
|
|
- webhook_slack
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: send_once
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: webhook_url
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationTransportList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: events_transports_create
|
|
description: NotificationTransport Viewset
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/transports/{uuid}/:
|
|
get:
|
|
operationId: events_transports_retrieve
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: events_transports_update
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: events_transports_partial_update
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationTransportRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: events_transports_destroy
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/transports/{uuid}/test/:
|
|
post:
|
|
operationId: events_transports_test_create
|
|
description: |-
|
|
Send example notification using selected transport. Requires
|
|
Modify permissions.
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransportTest'
|
|
description: ''
|
|
'500':
|
|
description: Failed to test transport
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/transports/{uuid}/used_by/:
|
|
get:
|
|
operationId: events_transports_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/bindings/:
|
|
get:
|
|
operationId: flows_bindings_list
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: query
|
|
name: evaluate_on_plan
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: invalid_response_action
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- restart
|
|
- restart_with_context
|
|
- retry
|
|
description: |+
|
|
Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
|
|
|
|
- in: query
|
|
name: order
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policies
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- all
|
|
- any
|
|
- in: query
|
|
name: re_evaluate_policies
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: target
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedFlowStageBindingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: flows_bindings_create
|
|
description: FlowStageBinding Viewset
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/bindings/{fsb_uuid}/:
|
|
get:
|
|
operationId: flows_bindings_retrieve
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: flows_bindings_update
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: flows_bindings_partial_update
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedFlowStageBindingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: flows_bindings_destroy
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/bindings/{fsb_uuid}/used_by/:
|
|
get:
|
|
operationId: flows_bindings_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/executor/{flow_slug}/:
|
|
get:
|
|
operationId: flows_executor_get
|
|
description: Get the next pending challenge from the currently active flow.
|
|
parameters:
|
|
- in: path
|
|
name: flow_slug
|
|
schema:
|
|
type: string
|
|
required: true
|
|
- in: query
|
|
name: query
|
|
schema:
|
|
type: string
|
|
description: Querystring as received
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ChallengeTypes'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: flows_executor_solve
|
|
description: Solve the previously retrieved challenge and advanced to the next
|
|
stage.
|
|
parameters:
|
|
- in: path
|
|
name: flow_slug
|
|
schema:
|
|
type: string
|
|
required: true
|
|
- in: query
|
|
name: query
|
|
schema:
|
|
type: string
|
|
description: Querystring as received
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowChallengeResponseRequest'
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ChallengeTypes'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/inspector/{flow_slug}/:
|
|
get:
|
|
operationId: flows_inspector_get
|
|
description: Get current flow state and record it
|
|
parameters:
|
|
- in: path
|
|
name: flow_slug
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowInspection'
|
|
description: ''
|
|
'400':
|
|
description: No flow plan in session.
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/:
|
|
get:
|
|
operationId: flows_instances_list
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: query
|
|
name: denied_action
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- continue
|
|
- message
|
|
- message_continue
|
|
description: |+
|
|
Configure what should happen when a flow denies access to a user.
|
|
|
|
- in: query
|
|
name: designation
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- authentication
|
|
- authorization
|
|
- enrollment
|
|
- invalidation
|
|
- recovery
|
|
- stage_configuration
|
|
- unenrollment
|
|
description: |+
|
|
Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
|
|
|
|
- in: query
|
|
name: flow_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedFlowList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: flows_instances_create
|
|
description: Flow Viewset
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/{slug}/:
|
|
get:
|
|
operationId: flows_instances_retrieve
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: flows_instances_update
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: flows_instances_partial_update
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedFlowRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: flows_instances_destroy
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/{slug}/diagram/:
|
|
get:
|
|
operationId: flows_instances_diagram_retrieve
|
|
description: Return diagram for flow with slug `slug`, in the format used by
|
|
flowchart.js
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowDiagram'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/{slug}/execute/:
|
|
get:
|
|
operationId: flows_instances_execute_retrieve
|
|
description: Execute flow for current user
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Link'
|
|
description: ''
|
|
'400':
|
|
description: Flow not applicable
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/{slug}/export/:
|
|
get:
|
|
operationId: flows_instances_export_retrieve
|
|
description: Export flow to .yaml file
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
format: binary
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/{slug}/used_by/:
|
|
get:
|
|
operationId: flows_instances_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/cache_clear/:
|
|
post:
|
|
operationId: flows_instances_cache_clear_create
|
|
description: Clear flow cache
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully cleared cache
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/cache_info/:
|
|
get:
|
|
operationId: flows_instances_cache_info_retrieve
|
|
description: Info about cached flows
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Cache'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/import/:
|
|
post:
|
|
operationId: flows_instances_import_create
|
|
description: Import flow from .yaml file
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
multipart/form-data:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowUploadRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowImportResult'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowImportResult'
|
|
description: ''
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/managed/blueprints/:
|
|
get:
|
|
operationId: managed_blueprints_list
|
|
description: Blueprint instances
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: path
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedBlueprintInstanceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: managed_blueprints_create
|
|
description: Blueprint instances
|
|
tags:
|
|
- managed
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstanceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/managed/blueprints/{instance_uuid}/:
|
|
get:
|
|
operationId: managed_blueprints_retrieve
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: managed_blueprints_update
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstanceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: managed_blueprints_partial_update
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedBlueprintInstanceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: managed_blueprints_destroy
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/managed/blueprints/{instance_uuid}/apply/:
|
|
post:
|
|
operationId: managed_blueprints_apply_create
|
|
description: Apply a blueprint
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/managed/blueprints/{instance_uuid}/used_by/:
|
|
get:
|
|
operationId: managed_blueprints_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/managed/blueprints/available/:
|
|
get:
|
|
operationId: managed_blueprints_available_list
|
|
description: Get blueprints
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BlueprintFile'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/access_tokens/:
|
|
get:
|
|
operationId: oauth2_access_tokens_list
|
|
description: AccessToken Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTokenModelList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/access_tokens/{id}/:
|
|
get:
|
|
operationId: oauth2_access_tokens_retrieve
|
|
description: AccessToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Access Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenModel'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: oauth2_access_tokens_destroy
|
|
description: AccessToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Access Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/access_tokens/{id}/used_by/:
|
|
get:
|
|
operationId: oauth2_access_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Access Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/authorization_codes/:
|
|
get:
|
|
operationId: oauth2_authorization_codes_list
|
|
description: AuthorizationCode Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/authorization_codes/{id}/:
|
|
get:
|
|
operationId: oauth2_authorization_codes_retrieve
|
|
description: AuthorizationCode Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Authorization Code.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpiringBaseGrantModel'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: oauth2_authorization_codes_destroy
|
|
description: AuthorizationCode Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Authorization Code.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/authorization_codes/{id}/used_by/:
|
|
get:
|
|
operationId: oauth2_authorization_codes_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Authorization Code.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/refresh_tokens/:
|
|
get:
|
|
operationId: oauth2_refresh_tokens_list
|
|
description: RefreshToken Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTokenModelList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/refresh_tokens/{id}/:
|
|
get:
|
|
operationId: oauth2_refresh_tokens_retrieve
|
|
description: RefreshToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Refresh Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenModel'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: oauth2_refresh_tokens_destroy
|
|
description: RefreshToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Refresh Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/refresh_tokens/{id}/used_by/:
|
|
get:
|
|
operationId: oauth2_refresh_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Refresh Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/instances/:
|
|
get:
|
|
operationId: outposts_instances_list
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: providers__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: providers_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: service_connection__name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: service_connection__name__iexact
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedOutpostList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: outposts_instances_create
|
|
description: Outpost Viewset
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OutpostRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/instances/{uuid}/:
|
|
get:
|
|
operationId: outposts_instances_retrieve
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: outposts_instances_update
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OutpostRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: outposts_instances_partial_update
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedOutpostRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: outposts_instances_destroy
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/instances/{uuid}/health/:
|
|
get:
|
|
operationId: outposts_instances_health_list
|
|
description: Get outposts current health
|
|
parameters:
|
|
- in: query
|
|
name: managed__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- in: query
|
|
name: providers__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: providers_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: service_connection__name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: service_connection__name__iexact
|
|
schema:
|
|
type: string
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/OutpostHealth'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/instances/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_instances_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/instances/default_settings/:
|
|
get:
|
|
operationId: outposts_instances_default_settings_retrieve
|
|
description: Global default outpost config
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OutpostDefaultConfig'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/ldap/:
|
|
get:
|
|
operationId: outposts_ldap_list
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPOutpostConfigList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/ldap/{id}/check_access/:
|
|
get:
|
|
operationId: outposts_ldap_access_check
|
|
description: Check access to a single application by slug
|
|
parameters:
|
|
- in: query
|
|
name: app_slug
|
|
schema:
|
|
type: string
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPCheckAccess'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/proxy/:
|
|
get:
|
|
operationId: outposts_proxy_list
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedProxyOutpostConfigList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/radius/:
|
|
get:
|
|
operationId: outposts_radius_list
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRadiusOutpostConfigList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/radius/{id}/check_access/:
|
|
get:
|
|
operationId: outposts_radius_access_check
|
|
description: Check access to a single application by slug
|
|
parameters:
|
|
- in: query
|
|
name: app_slug
|
|
schema:
|
|
type: string
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusCheckAccess'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/all/:
|
|
get:
|
|
operationId: outposts_service_connections_all_list
|
|
description: ServiceConnection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedServiceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/all/{uuid}/:
|
|
get:
|
|
operationId: outposts_service_connections_all_retrieve
|
|
description: ServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: outposts_service_connections_all_destroy
|
|
description: ServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/all/{uuid}/state/:
|
|
get:
|
|
operationId: outposts_service_connections_all_state_retrieve
|
|
description: Get the service connection's state
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ServiceConnectionState'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/all/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_service_connections_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/all/types/:
|
|
get:
|
|
operationId: outposts_service_connections_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/docker/:
|
|
get:
|
|
operationId: outposts_service_connections_docker_list
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: local
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: tls_authentication
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: tls_verification
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: url
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDockerServiceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: outposts_service_connections_docker_create
|
|
description: DockerServiceConnection Viewset
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/docker/{uuid}/:
|
|
get:
|
|
operationId: outposts_service_connections_docker_retrieve
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: outposts_service_connections_docker_update
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: outposts_service_connections_docker_partial_update
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDockerServiceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: outposts_service_connections_docker_destroy
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/docker/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_service_connections_docker_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/kubernetes/:
|
|
get:
|
|
operationId: outposts_service_connections_kubernetes_list
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: local
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedKubernetesServiceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: outposts_service_connections_kubernetes_create
|
|
description: KubernetesServiceConnection Viewset
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/kubernetes/{uuid}/:
|
|
get:
|
|
operationId: outposts_service_connections_kubernetes_retrieve
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: outposts_service_connections_kubernetes_update
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: outposts_service_connections_kubernetes_partial_update
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: outposts_service_connections_kubernetes_destroy
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/kubernetes/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_service_connections_kubernetes_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/:
|
|
get:
|
|
operationId: policies_all_list
|
|
description: Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: bindings__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: promptstage__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_all_retrieve
|
|
description: Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Policy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_all_destroy
|
|
description: Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/{policy_uuid}/test/:
|
|
post:
|
|
operationId: policies_all_test_create
|
|
description: Test policy
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyTestRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyTestResult'
|
|
description: ''
|
|
'400':
|
|
description: Invalid parameters
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/cache_clear/:
|
|
post:
|
|
operationId: policies_all_cache_clear_create
|
|
description: Clear policy cache
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully cleared cache
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/cache_info/:
|
|
get:
|
|
operationId: policies_all_cache_info_retrieve
|
|
description: Info about cached policies
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Cache'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/types/:
|
|
get:
|
|
operationId: policies_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/bindings/:
|
|
get:
|
|
operationId: policies_bindings_list
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: order
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: target
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: target_in
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: timeout
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPolicyBindingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_bindings_create
|
|
description: PolicyBinding Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/bindings/{policy_binding_uuid}/:
|
|
get:
|
|
operationId: policies_bindings_retrieve
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_bindings_update
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_bindings_partial_update
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPolicyBindingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_bindings_destroy
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/bindings/{policy_binding_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_bindings_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/dummy/:
|
|
get:
|
|
operationId: policies_dummy_list
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: result
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: wait_max
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: wait_min
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDummyPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_dummy_create
|
|
description: Dummy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/dummy/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_dummy_retrieve
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_dummy_update
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_dummy_partial_update
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDummyPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_dummy_destroy
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/dummy/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_dummy_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/event_matcher/:
|
|
get:
|
|
operationId: policies_event_matcher_list
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
nullable: true
|
|
enum:
|
|
- authorize_application
|
|
- configuration_error
|
|
- custom_
|
|
- email_sent
|
|
- export_ready
|
|
- flow_execution
|
|
- impersonation_ended
|
|
- impersonation_started
|
|
- invitation_used
|
|
- login
|
|
- login_failed
|
|
- logout
|
|
- model_created
|
|
- model_deleted
|
|
- model_updated
|
|
- password_set
|
|
- policy_exception
|
|
- policy_execution
|
|
- property_mapping_exception
|
|
- secret_rotate
|
|
- secret_view
|
|
- source_linked
|
|
- suspicious_request
|
|
- system_exception
|
|
- system_task_exception
|
|
- system_task_execution
|
|
- update_available
|
|
- user_write
|
|
description: |+
|
|
Match created events with this action type. When left empty, all action types will be matched.
|
|
|
|
- in: query
|
|
name: app
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: model
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEventMatcherPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_event_matcher_create
|
|
description: Event Matcher Policy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/event_matcher/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_event_matcher_retrieve
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_event_matcher_update
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_event_matcher_partial_update
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEventMatcherPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_event_matcher_destroy
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/event_matcher/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_event_matcher_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/expression/:
|
|
get:
|
|
operationId: policies_expression_list
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: expression
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedExpressionPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_expression_create
|
|
description: Source Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/expression/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_expression_retrieve
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_expression_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_expression_partial_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedExpressionPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_expression_destroy
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/expression/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_expression_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/geoip/:
|
|
get:
|
|
operationId: policies_geoip_list
|
|
description: GeoIP Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGeoIPPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_geoip_create
|
|
description: GeoIP Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/geoip/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_geoip_retrieve
|
|
description: GeoIP Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this GeoIP Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_geoip_update
|
|
description: GeoIP Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this GeoIP Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_geoip_partial_update
|
|
description: GeoIP Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this GeoIP Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGeoIPPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_geoip_destroy
|
|
description: GeoIP Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this GeoIP Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/geoip/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_geoip_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this GeoIP Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/geoip_iso3166/:
|
|
get:
|
|
operationId: policies_geoip_iso3166_list
|
|
description: Get all countries in ISO-3166-1
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DetailedCountry'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password/:
|
|
get:
|
|
operationId: policies_password_list
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: amount_digits
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: amount_lowercase
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: amount_symbols
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: amount_uppercase
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: check_have_i_been_pwned
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: check_static_rules
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: check_zxcvbn
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: error_message
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: hibp_allowed_count
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: length_min
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password_field
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: symbol_charset
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: zxcvbn_score_threshold
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPasswordPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_password_create
|
|
description: Password Policy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_password_retrieve
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_password_update
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_password_partial_update
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPasswordPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_password_destroy
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_password_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password_expiry/:
|
|
get:
|
|
operationId: policies_password_expiry_list
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: days
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: deny_only
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPasswordExpiryPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_password_expiry_create
|
|
description: Password Expiry Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password_expiry/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_password_expiry_retrieve
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_password_expiry_update
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_password_expiry_partial_update
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_password_expiry_destroy
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password_expiry/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_password_expiry_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/:
|
|
get:
|
|
operationId: policies_reputation_list
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: check_ip
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: check_username
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: threshold
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedReputationPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_reputation_create
|
|
description: Reputation Policy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_reputation_retrieve
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_reputation_update
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_reputation_partial_update
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedReputationPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_reputation_destroy
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_reputation_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/scores/:
|
|
get:
|
|
operationId: policies_reputation_scores_list
|
|
description: Reputation Viewset
|
|
parameters:
|
|
- in: query
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: identifier_in
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: Multiple values may be separated by commas.
|
|
explode: false
|
|
style: form
|
|
- in: query
|
|
name: ip
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: score
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedReputationList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/scores/{reputation_uuid}/:
|
|
get:
|
|
operationId: policies_reputation_scores_retrieve
|
|
description: Reputation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: reputation_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Score.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Reputation'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_reputation_scores_destroy
|
|
description: Reputation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: reputation_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Score.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/scores/{reputation_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_reputation_scores_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: reputation_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Score.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/unique_password/:
|
|
get:
|
|
operationId: policies_unique_password_list
|
|
description: Password Uniqueness Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: num_historical_passwords
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password_field
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUniquePasswordPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_unique_password_create
|
|
description: Password Uniqueness Policy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/unique_password/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_unique_password_retrieve
|
|
description: Password Uniqueness Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Uniqueness Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_unique_password_update
|
|
description: Password Uniqueness Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Uniqueness Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_unique_password_partial_update
|
|
description: Password Uniqueness Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Uniqueness Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUniquePasswordPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_unique_password_destroy
|
|
description: Password Uniqueness Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Uniqueness Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/unique_password/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_unique_password_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Uniqueness Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/all/:
|
|
get:
|
|
operationId: propertymappings_all_list
|
|
description: PropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/all/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_all_retrieve
|
|
description: PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_all_destroy
|
|
description: PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/all/{pm_uuid}/test/:
|
|
post:
|
|
operationId: propertymappings_all_test_create
|
|
description: Test Property Mapping
|
|
parameters:
|
|
- in: query
|
|
name: format_result
|
|
schema:
|
|
type: boolean
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingTestRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingTestResult'
|
|
description: ''
|
|
'400':
|
|
description: Invalid parameters
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/all/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/all/types/:
|
|
get:
|
|
operationId: propertymappings_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/notification/:
|
|
get:
|
|
operationId: propertymappings_notification_list
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationWebhookMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_notification_create
|
|
description: NotificationWebhookMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/notification/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_notification_retrieve
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_notification_update
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_notification_partial_update
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationWebhookMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_notification_destroy
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/notification/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_notification_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/google_workspace/:
|
|
get:
|
|
operationId: propertymappings_provider_google_workspace_list
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: expression
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_google_workspace_create
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/google_workspace/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_google_workspace_retrieve
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_google_workspace_update
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_google_workspace_partial_update
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGoogleWorkspaceProviderMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_google_workspace_destroy
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/google_workspace/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_google_workspace_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/microsoft_entra/:
|
|
get:
|
|
operationId: propertymappings_provider_microsoft_entra_list
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: expression
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_microsoft_entra_create
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/microsoft_entra/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_microsoft_entra_retrieve
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_microsoft_entra_update
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_microsoft_entra_partial_update
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedMicrosoftEntraProviderMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_microsoft_entra_destroy
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/microsoft_entra/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_microsoft_entra_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/rac/:
|
|
get:
|
|
operationId: propertymappings_provider_rac_list
|
|
description: RACPropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRACPropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_rac_create
|
|
description: RACPropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/rac/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_rac_retrieve
|
|
description: RACPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_rac_update
|
|
description: RACPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_rac_partial_update
|
|
description: RACPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRACPropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_rac_destroy
|
|
description: RACPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/rac/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_rac_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/radius/:
|
|
get:
|
|
operationId: propertymappings_provider_radius_list
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRadiusProviderPropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_radius_create
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/radius/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_radius_retrieve
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Radius Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_radius_update
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Radius Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_radius_partial_update
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Radius Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRadiusProviderPropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_radius_destroy
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Radius Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/radius/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_radius_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Radius Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/saml/:
|
|
get:
|
|
operationId: propertymappings_provider_saml_list
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: saml_name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSAMLPropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_saml_create
|
|
description: SAMLPropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/saml/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_saml_retrieve
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_saml_update
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_saml_partial_update
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_saml_destroy
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/saml/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scim/:
|
|
get:
|
|
operationId: propertymappings_provider_scim_list
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_scim_create
|
|
description: SCIMMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scim/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_scim_retrieve
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_scim_update
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_scim_partial_update
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_scim_destroy
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scim/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_scim_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scope/:
|
|
get:
|
|
operationId: propertymappings_provider_scope_list
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: scope_name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedScopeMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_scope_create
|
|
description: ScopeMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scope/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_scope_retrieve
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_scope_update
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_scope_partial_update
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedScopeMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_scope_destroy
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scope/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_scope_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/kerberos/:
|
|
get:
|
|
operationId: propertymappings_source_kerberos_list
|
|
description: KerberosSource PropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedKerberosSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_kerberos_create
|
|
description: KerberosSource PropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/kerberos/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_kerberos_retrieve
|
|
description: KerberosSource PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kerberos Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_kerberos_update
|
|
description: KerberosSource PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kerberos Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_kerberos_partial_update
|
|
description: KerberosSource PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kerberos Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedKerberosSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_kerberos_destroy
|
|
description: KerberosSource PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kerberos Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/kerberos/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_kerberos_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kerberos Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/ldap/:
|
|
get:
|
|
operationId: propertymappings_source_ldap_list
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_ldap_create
|
|
description: LDAP PropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/ldap/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_ldap_retrieve
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_ldap_update
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_ldap_partial_update
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLDAPSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_ldap_destroy
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/ldap/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/oauth/:
|
|
get:
|
|
operationId: propertymappings_source_oauth_list
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedOAuthSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_oauth_create
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/oauth/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_oauth_retrieve
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this OAuth Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_oauth_update
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this OAuth Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_oauth_partial_update
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this OAuth Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedOAuthSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_oauth_destroy
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this OAuth Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/oauth/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_oauth_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this OAuth Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/plex/:
|
|
get:
|
|
operationId: propertymappings_source_plex_list
|
|
description: PlexSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPlexSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_plex_create
|
|
description: PlexSourcePropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/plex/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_plex_retrieve
|
|
description: PlexSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Plex Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_plex_update
|
|
description: PlexSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Plex Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_plex_partial_update
|
|
description: PlexSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Plex Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPlexSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_plex_destroy
|
|
description: PlexSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Plex Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/plex/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_plex_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Plex Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/saml/:
|
|
get:
|
|
operationId: propertymappings_source_saml_list
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSAMLSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_saml_create
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/saml/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_saml_retrieve
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_saml_update
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_saml_partial_update
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSAMLSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_saml_destroy
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/saml/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/scim/:
|
|
get:
|
|
operationId: propertymappings_source_scim_list
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_scim_create
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/scim/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_scim_retrieve
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_scim_update
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_scim_partial_update
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_scim_destroy
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/scim/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_scim_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/telegram/:
|
|
get:
|
|
operationId: propertymappings_source_telegram_list
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTelegramSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_telegram_create
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/telegram/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_telegram_retrieve
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Telegram Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_telegram_update
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Telegram Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_telegram_partial_update
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Telegram Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTelegramSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_telegram_destroy
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Telegram Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/telegram/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_telegram_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Telegram Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/all/:
|
|
get:
|
|
operationId: providers_all_list
|
|
description: Provider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: backchannel
|
|
schema:
|
|
type: boolean
|
|
description: When not set all providers are returned. When set to true, only
|
|
backchannel providers are returned. When set to false, backchannel providers
|
|
are excluded
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/all/{id}/:
|
|
get:
|
|
operationId: providers_all_retrieve
|
|
description: Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Provider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_all_destroy
|
|
description: Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/all/{id}/used_by/:
|
|
get:
|
|
operationId: providers_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/all/types/:
|
|
get:
|
|
operationId: providers_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace/:
|
|
get:
|
|
operationId: providers_google_workspace_list
|
|
description: GoogleWorkspaceProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: delegated_subject
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: exclude_users_service_account
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: filter_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_google_workspace_create
|
|
description: GoogleWorkspaceProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace/{id}/:
|
|
get:
|
|
operationId: providers_google_workspace_retrieve
|
|
description: GoogleWorkspaceProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_google_workspace_update
|
|
description: GoogleWorkspaceProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_google_workspace_partial_update
|
|
description: GoogleWorkspaceProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGoogleWorkspaceProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_google_workspace_destroy
|
|
description: GoogleWorkspaceProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace/{id}/sync/object/:
|
|
post:
|
|
operationId: providers_google_workspace_sync_object_create
|
|
description: Sync/Re-sync a single user/group object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectResult'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace/{id}/sync/status/:
|
|
get:
|
|
operationId: providers_google_workspace_sync_status_retrieve
|
|
description: Get provider's sync status
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace/{id}/used_by/:
|
|
get:
|
|
operationId: providers_google_workspace_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_groups/:
|
|
get:
|
|
operationId: providers_google_workspace_groups_list
|
|
description: GoogleWorkspaceProviderGroup Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group__group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group__name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_google_workspace_groups_create
|
|
description: GoogleWorkspaceProviderGroup Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_groups/{id}/:
|
|
get:
|
|
operationId: providers_google_workspace_groups_retrieve
|
|
description: GoogleWorkspaceProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_google_workspace_groups_destroy
|
|
description: GoogleWorkspaceProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_groups/{id}/used_by/:
|
|
get:
|
|
operationId: providers_google_workspace_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_users/:
|
|
get:
|
|
operationId: providers_google_workspace_users_list
|
|
description: GoogleWorkspaceProviderUser Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user__id
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderUserList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_google_workspace_users_create
|
|
description: GoogleWorkspaceProviderUser Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderUserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_users/{id}/:
|
|
get:
|
|
operationId: providers_google_workspace_users_retrieve
|
|
description: GoogleWorkspaceProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_google_workspace_users_destroy
|
|
description: GoogleWorkspaceProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_users/{id}/used_by/:
|
|
get:
|
|
operationId: providers_google_workspace_users_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ldap/:
|
|
get:
|
|
operationId: providers_ldap_list
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authorization_flow__slug__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: base_dn__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: certificate__kp_uuid__iexact
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: certificate__name__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: gid_start_number__iexact
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: tls_server_name__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: uid_start_number__iexact
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_ldap_create
|
|
description: LDAPProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ldap/{id}/:
|
|
get:
|
|
operationId: providers_ldap_retrieve
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_ldap_update
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_ldap_partial_update
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLDAPProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_ldap_destroy
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ldap/{id}/used_by/:
|
|
get:
|
|
operationId: providers_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra/:
|
|
get:
|
|
operationId: providers_microsoft_entra_list
|
|
description: MicrosoftEntraProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: exclude_users_service_account
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: filter_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_microsoft_entra_create
|
|
description: MicrosoftEntraProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra/{id}/:
|
|
get:
|
|
operationId: providers_microsoft_entra_retrieve
|
|
description: MicrosoftEntraProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_microsoft_entra_update
|
|
description: MicrosoftEntraProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_microsoft_entra_partial_update
|
|
description: MicrosoftEntraProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedMicrosoftEntraProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_microsoft_entra_destroy
|
|
description: MicrosoftEntraProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra/{id}/sync/object/:
|
|
post:
|
|
operationId: providers_microsoft_entra_sync_object_create
|
|
description: Sync/Re-sync a single user/group object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectResult'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra/{id}/sync/status/:
|
|
get:
|
|
operationId: providers_microsoft_entra_sync_status_retrieve
|
|
description: Get provider's sync status
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra/{id}/used_by/:
|
|
get:
|
|
operationId: providers_microsoft_entra_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_groups/:
|
|
get:
|
|
operationId: providers_microsoft_entra_groups_list
|
|
description: MicrosoftEntraProviderGroup Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group__group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group__name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_microsoft_entra_groups_create
|
|
description: MicrosoftEntraProviderGroup Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_groups/{id}/:
|
|
get:
|
|
operationId: providers_microsoft_entra_groups_retrieve
|
|
description: MicrosoftEntraProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_microsoft_entra_groups_destroy
|
|
description: MicrosoftEntraProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_groups/{id}/used_by/:
|
|
get:
|
|
operationId: providers_microsoft_entra_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_users/:
|
|
get:
|
|
operationId: providers_microsoft_entra_users_list
|
|
description: MicrosoftEntraProviderUser Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user__id
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderUserList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_microsoft_entra_users_create
|
|
description: MicrosoftEntraProviderUser Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderUserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_users/{id}/:
|
|
get:
|
|
operationId: providers_microsoft_entra_users_retrieve
|
|
description: MicrosoftEntraProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_microsoft_entra_users_destroy
|
|
description: MicrosoftEntraProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_users/{id}/used_by/:
|
|
get:
|
|
operationId: providers_microsoft_entra_users_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/oauth2/:
|
|
get:
|
|
operationId: providers_oauth2_list
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: access_code_validity
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: access_token_validity
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: application
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authorization_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: client_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_type
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- confidential
|
|
- public
|
|
description: |+
|
|
Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
|
|
|
|
- in: query
|
|
name: include_claims_in_id_token
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: issuer_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- global
|
|
- per_provider
|
|
description: |+
|
|
Configure how the issuer field of the ID Token should be filled.
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: refresh_token_validity
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: signing_key
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: sub_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- hashed_user_id
|
|
- user_email
|
|
- user_id
|
|
- user_upn
|
|
- user_username
|
|
- user_uuid
|
|
description: |+
|
|
Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
|
|
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedOAuth2ProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_oauth2_create
|
|
description: OAuth2Provider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2ProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/oauth2/{id}/:
|
|
get:
|
|
operationId: providers_oauth2_retrieve
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_oauth2_update
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2ProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_oauth2_partial_update
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedOAuth2ProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_oauth2_destroy
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/oauth2/{id}/preview_user/:
|
|
get:
|
|
operationId: providers_oauth2_preview_user_retrieve
|
|
description: Preview user data for provider
|
|
parameters:
|
|
- in: query
|
|
name: for_user
|
|
schema:
|
|
type: integer
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingPreview'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/oauth2/{id}/setup_urls/:
|
|
get:
|
|
operationId: providers_oauth2_setup_urls_retrieve
|
|
description: Get Providers setup URLs
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2ProviderSetupURLs'
|
|
description: ''
|
|
'404':
|
|
description: Provider has no application assigned
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/oauth2/{id}/used_by/:
|
|
get:
|
|
operationId: providers_oauth2_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/proxy/:
|
|
get:
|
|
operationId: providers_proxy_list
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authorization_flow__slug__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: basic_auth_enabled__iexact
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: basic_auth_password_attribute__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: basic_auth_user_attribute__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: certificate__kp_uuid__iexact
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: certificate__name__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: cookie_domain__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: external_host__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: internal_host__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: internal_host_ssl_validation__iexact
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: mode__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: property_mappings__iexact
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: skip_path_regex__iexact
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedProxyProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_proxy_create
|
|
description: ProxyProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/proxy/{id}/:
|
|
get:
|
|
operationId: providers_proxy_retrieve
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_proxy_update
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_proxy_partial_update
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedProxyProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_proxy_destroy
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/proxy/{id}/used_by/:
|
|
get:
|
|
operationId: providers_proxy_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/rac/:
|
|
get:
|
|
operationId: providers_rac_list
|
|
description: RACProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRACProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_rac_create
|
|
description: RACProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/rac/{id}/:
|
|
get:
|
|
operationId: providers_rac_retrieve
|
|
description: RACProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this RAC Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_rac_update
|
|
description: RACProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this RAC Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_rac_partial_update
|
|
description: RACProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this RAC Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRACProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_rac_destroy
|
|
description: RACProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this RAC Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/rac/{id}/used_by/:
|
|
get:
|
|
operationId: providers_rac_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this RAC Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/radius/:
|
|
get:
|
|
operationId: providers_radius_list
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authorization_flow__slug__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_networks__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRadiusProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_radius_create
|
|
description: RadiusProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/radius/{id}/:
|
|
get:
|
|
operationId: providers_radius_retrieve
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_radius_update
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_radius_partial_update
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRadiusProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_radius_destroy
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/radius/{id}/used_by/:
|
|
get:
|
|
operationId: providers_radius_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/:
|
|
get:
|
|
operationId: providers_saml_list
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: acs_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: assertion_valid_not_before
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: assertion_valid_not_on_or_after
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: audience
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authn_context_class_ref_mapping
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authorization_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: backchannel_application
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: default_name_id_policy
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
|
- in: query
|
|
name: default_relay_state
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: digest_algorithm
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#sha384
|
|
- http://www.w3.org/2001/04/xmlenc#sha256
|
|
- http://www.w3.org/2001/04/xmlenc#sha512
|
|
- in: query
|
|
name: encryption_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: invalidation_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: is_backchannel
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: issuer
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: logout_method
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- backchannel
|
|
- frontchannel_iframe
|
|
- frontchannel_native
|
|
description: |+
|
|
Method to use for logout. Front-channel iframe loads all logout URLs simultaneously in hidden iframes. Front-channel native uses your active browser tab to send post requests and redirect to providers. Back-channel sends logout requests directly from the server without user interaction (requires POST SLS binding).
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: name_id_mapping
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: session_valid_not_on_or_after
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sign_assertion
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sign_logout_request
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sign_response
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: signature_algorithm
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#dsa-sha1
|
|
- http://www.w3.org/2000/09/xmldsig#rsa-sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
|
|
- in: query
|
|
name: signing_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: sls_binding
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- post
|
|
- redirect
|
|
description: |+
|
|
This determines how authentik sends the logout response back to the Service Provider.
|
|
|
|
- in: query
|
|
name: sls_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sp_binding
|
|
schema:
|
|
type: string
|
|
title: Service Provider Binding
|
|
enum:
|
|
- post
|
|
- redirect
|
|
description: |+
|
|
This determines how authentik sends the response back to the Service Provider.
|
|
|
|
- in: query
|
|
name: verification_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSAMLProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_saml_create
|
|
description: SAMLProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/{id}/:
|
|
get:
|
|
operationId: providers_saml_retrieve
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_saml_update
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_saml_partial_update
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSAMLProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_saml_destroy
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/{id}/metadata/:
|
|
get:
|
|
operationId: providers_saml_metadata_retrieve
|
|
description: Return metadata as XML string
|
|
parameters:
|
|
- in: query
|
|
name: download
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: force_binding
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
|
|
- urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
|
|
description: Optionally force the metadata to only include one binding.
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLMetadata'
|
|
application/xml:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLMetadata'
|
|
description: ''
|
|
'404':
|
|
description: Provider has no application assigned
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/{id}/preview_user/:
|
|
get:
|
|
operationId: providers_saml_preview_user_retrieve
|
|
description: Preview user data for provider
|
|
parameters:
|
|
- in: query
|
|
name: for_user
|
|
schema:
|
|
type: integer
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingPreview'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/{id}/used_by/:
|
|
get:
|
|
operationId: providers_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/import_metadata/:
|
|
post:
|
|
operationId: providers_saml_import_metadata_create
|
|
description: Create provider from SAML Metadata
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
multipart/form-data:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProviderImportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim/:
|
|
get:
|
|
operationId: providers_scim_list
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: exclude_users_service_account
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: filter_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: url
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_scim_create
|
|
description: SCIMProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim/{id}/:
|
|
get:
|
|
operationId: providers_scim_retrieve
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_scim_update
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_scim_partial_update
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_scim_destroy
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim/{id}/sync/object/:
|
|
post:
|
|
operationId: providers_scim_sync_object_create
|
|
description: Sync/Re-sync a single user/group object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectResult'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim/{id}/sync/status/:
|
|
get:
|
|
operationId: providers_scim_sync_status_retrieve
|
|
description: Get provider's sync status
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim/{id}/used_by/:
|
|
get:
|
|
operationId: providers_scim_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_groups/:
|
|
get:
|
|
operationId: providers_scim_groups_list
|
|
description: SCIMProviderGroup Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group__group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group__name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMProviderGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_scim_groups_create
|
|
description: SCIMProviderGroup Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_groups/{id}/:
|
|
get:
|
|
operationId: providers_scim_groups_retrieve
|
|
description: SCIMProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_scim_groups_destroy
|
|
description: SCIMProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_groups/{id}/used_by/:
|
|
get:
|
|
operationId: providers_scim_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_users/:
|
|
get:
|
|
operationId: providers_scim_users_list
|
|
description: SCIMProviderUser Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user__id
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMProviderUserList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_scim_users_create
|
|
description: SCIMProviderUser Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderUserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_users/{id}/:
|
|
get:
|
|
operationId: providers_scim_users_retrieve
|
|
description: SCIMProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider user.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_scim_users_destroy
|
|
description: SCIMProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider user.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_users/{id}/used_by/:
|
|
get:
|
|
operationId: providers_scim_users_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider user.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ssf/:
|
|
get:
|
|
operationId: providers_ssf_list
|
|
description: SSFProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSSFProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_ssf_create
|
|
description: SSFProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ssf/{id}/:
|
|
get:
|
|
operationId: providers_ssf_retrieve
|
|
description: SSFProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Shared Signals Framework
|
|
Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_ssf_update
|
|
description: SSFProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Shared Signals Framework
|
|
Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_ssf_partial_update
|
|
description: SSFProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Shared Signals Framework
|
|
Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSSFProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_ssf_destroy
|
|
description: SSFProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Shared Signals Framework
|
|
Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ssf/{id}/used_by/:
|
|
get:
|
|
operationId: providers_ssf_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Shared Signals Framework
|
|
Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/connection_tokens/:
|
|
get:
|
|
operationId: rac_connection_tokens_list
|
|
description: ConnectionToken Viewset
|
|
parameters:
|
|
- in: query
|
|
name: endpoint
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: session__user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedConnectionTokenList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/connection_tokens/{connection_token_uuid}/:
|
|
get:
|
|
operationId: rac_connection_tokens_retrieve
|
|
description: ConnectionToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connection_token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Connection token.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConnectionToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: rac_connection_tokens_update
|
|
description: ConnectionToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connection_token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Connection token.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConnectionTokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConnectionToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: rac_connection_tokens_partial_update
|
|
description: ConnectionToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connection_token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Connection token.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedConnectionTokenRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConnectionToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: rac_connection_tokens_destroy
|
|
description: ConnectionToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connection_token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Connection token.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/connection_tokens/{connection_token_uuid}/used_by/:
|
|
get:
|
|
operationId: rac_connection_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: connection_token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Connection token.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/endpoints/:
|
|
get:
|
|
operationId: rac_endpoints_list
|
|
description: List accessible endpoints
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: superuser_full_list
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEndpointList'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: rac_endpoints_create
|
|
description: Endpoint Viewset
|
|
tags:
|
|
- rac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Endpoint'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/endpoints/{pbm_uuid}/:
|
|
get:
|
|
operationId: rac_endpoints_retrieve
|
|
description: Endpoint Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Endpoint.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Endpoint'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: rac_endpoints_update
|
|
description: Endpoint Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Endpoint.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Endpoint'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: rac_endpoints_partial_update
|
|
description: Endpoint Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Endpoint.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEndpointRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Endpoint'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: rac_endpoints_destroy
|
|
description: Endpoint Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Endpoint.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/endpoints/{pbm_uuid}/used_by/:
|
|
get:
|
|
operationId: rac_endpoints_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Endpoint.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/initial_permissions/:
|
|
get:
|
|
operationId: rbac_initial_permissions_list
|
|
description: InitialPermissions viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedInitialPermissionsList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: rbac_initial_permissions_create
|
|
description: InitialPermissions viewset
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissionsRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissions'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/initial_permissions/{id}/:
|
|
get:
|
|
operationId: rbac_initial_permissions_retrieve
|
|
description: InitialPermissions viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Initial Permissions.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissions'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: rbac_initial_permissions_update
|
|
description: InitialPermissions viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Initial Permissions.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissionsRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissions'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: rbac_initial_permissions_partial_update
|
|
description: InitialPermissions viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Initial Permissions.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedInitialPermissionsRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissions'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: rbac_initial_permissions_destroy
|
|
description: InitialPermissions viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Initial Permissions.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/initial_permissions/{id}/used_by/:
|
|
get:
|
|
operationId: rbac_initial_permissions_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Initial Permissions.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/:
|
|
get:
|
|
operationId: rbac_permissions_list
|
|
description: Read-only list of all permissions, filterable by model and app
|
|
parameters:
|
|
- in: query
|
|
name: codename
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: content_type__app_label
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: content_type__model
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: role
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPermissionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/{id}/:
|
|
get:
|
|
operationId: rbac_permissions_retrieve
|
|
description: Read-only list of all permissions, filterable by model and app
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this permission.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Permission'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/assigned_by_roles/:
|
|
get:
|
|
operationId: rbac_permissions_assigned_by_roles_list
|
|
description: Get assigned object permissions for a single object
|
|
parameters:
|
|
- in: query
|
|
name: model
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- authentik_blueprints.blueprintinstance
|
|
- authentik_brands.brand
|
|
- authentik_core.application
|
|
- authentik_core.applicationentitlement
|
|
- authentik_core.group
|
|
- authentik_core.token
|
|
- authentik_core.user
|
|
- authentik_crypto.certificatekeypair
|
|
- authentik_endpoints.deviceaccessgroup
|
|
- authentik_endpoints.deviceuserbinding
|
|
- authentik_endpoints.endpointstage
|
|
- authentik_endpoints_connectors_agent.agentconnector
|
|
- authentik_endpoints_connectors_agent.agentdeviceuserbinding
|
|
- authentik_endpoints_connectors_agent.enrollmenttoken
|
|
- authentik_endpoints_connectors_fleet.fleetconnector
|
|
- authentik_enterprise.license
|
|
- authentik_events.event
|
|
- authentik_events.notification
|
|
- authentik_events.notificationrule
|
|
- authentik_events.notificationtransport
|
|
- authentik_events.notificationwebhookmapping
|
|
- authentik_flows.flow
|
|
- authentik_flows.flowstagebinding
|
|
- authentik_outposts.dockerserviceconnection
|
|
- authentik_outposts.kubernetesserviceconnection
|
|
- authentik_outposts.outpost
|
|
- authentik_policies.policybinding
|
|
- authentik_policies_dummy.dummypolicy
|
|
- authentik_policies_event_matcher.eventmatcherpolicy
|
|
- authentik_policies_expiry.passwordexpirypolicy
|
|
- authentik_policies_expression.expressionpolicy
|
|
- authentik_policies_geoip.geoippolicy
|
|
- authentik_policies_password.passwordpolicy
|
|
- authentik_policies_reputation.reputationpolicy
|
|
- authentik_policies_unique_password.uniquepasswordpolicy
|
|
- authentik_providers_google_workspace.googleworkspaceprovider
|
|
- authentik_providers_google_workspace.googleworkspaceprovidermapping
|
|
- authentik_providers_ldap.ldapprovider
|
|
- authentik_providers_microsoft_entra.microsoftentraprovider
|
|
- authentik_providers_microsoft_entra.microsoftentraprovidermapping
|
|
- authentik_providers_oauth2.oauth2provider
|
|
- authentik_providers_oauth2.scopemapping
|
|
- authentik_providers_proxy.proxyprovider
|
|
- authentik_providers_rac.endpoint
|
|
- authentik_providers_rac.racpropertymapping
|
|
- authentik_providers_rac.racprovider
|
|
- authentik_providers_radius.radiusprovider
|
|
- authentik_providers_radius.radiusproviderpropertymapping
|
|
- authentik_providers_saml.samlpropertymapping
|
|
- authentik_providers_saml.samlprovider
|
|
- authentik_providers_scim.scimmapping
|
|
- authentik_providers_scim.scimprovider
|
|
- authentik_providers_ssf.ssfprovider
|
|
- authentik_rbac.initialpermissions
|
|
- authentik_rbac.role
|
|
- authentik_reports.dataexport
|
|
- authentik_sources_kerberos.groupkerberossourceconnection
|
|
- authentik_sources_kerberos.kerberossource
|
|
- authentik_sources_kerberos.kerberossourcepropertymapping
|
|
- authentik_sources_kerberos.userkerberossourceconnection
|
|
- authentik_sources_ldap.groupldapsourceconnection
|
|
- authentik_sources_ldap.ldapsource
|
|
- authentik_sources_ldap.ldapsourcepropertymapping
|
|
- authentik_sources_ldap.userldapsourceconnection
|
|
- authentik_sources_oauth.groupoauthsourceconnection
|
|
- authentik_sources_oauth.oauthsource
|
|
- authentik_sources_oauth.oauthsourcepropertymapping
|
|
- authentik_sources_oauth.useroauthsourceconnection
|
|
- authentik_sources_plex.groupplexsourceconnection
|
|
- authentik_sources_plex.plexsource
|
|
- authentik_sources_plex.plexsourcepropertymapping
|
|
- authentik_sources_plex.userplexsourceconnection
|
|
- authentik_sources_saml.groupsamlsourceconnection
|
|
- authentik_sources_saml.samlsource
|
|
- authentik_sources_saml.samlsourcepropertymapping
|
|
- authentik_sources_saml.usersamlsourceconnection
|
|
- authentik_sources_scim.scimsource
|
|
- authentik_sources_scim.scimsourcepropertymapping
|
|
- authentik_sources_telegram.grouptelegramsourceconnection
|
|
- authentik_sources_telegram.telegramsource
|
|
- authentik_sources_telegram.telegramsourcepropertymapping
|
|
- authentik_sources_telegram.usertelegramsourceconnection
|
|
- authentik_stages_authenticator_duo.authenticatorduostage
|
|
- authentik_stages_authenticator_duo.duodevice
|
|
- authentik_stages_authenticator_email.authenticatoremailstage
|
|
- authentik_stages_authenticator_email.emaildevice
|
|
- authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage
|
|
- authentik_stages_authenticator_sms.authenticatorsmsstage
|
|
- authentik_stages_authenticator_sms.smsdevice
|
|
- authentik_stages_authenticator_static.authenticatorstaticstage
|
|
- authentik_stages_authenticator_static.staticdevice
|
|
- authentik_stages_authenticator_totp.authenticatortotpstage
|
|
- authentik_stages_authenticator_totp.totpdevice
|
|
- authentik_stages_authenticator_validate.authenticatorvalidatestage
|
|
- authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
|
|
- authentik_stages_authenticator_webauthn.webauthndevice
|
|
- authentik_stages_captcha.captchastage
|
|
- authentik_stages_consent.consentstage
|
|
- authentik_stages_deny.denystage
|
|
- authentik_stages_dummy.dummystage
|
|
- authentik_stages_email.emailstage
|
|
- authentik_stages_identification.identificationstage
|
|
- authentik_stages_invitation.invitation
|
|
- authentik_stages_invitation.invitationstage
|
|
- authentik_stages_mtls.mutualtlsstage
|
|
- authentik_stages_password.passwordstage
|
|
- authentik_stages_prompt.prompt
|
|
- authentik_stages_prompt.promptstage
|
|
- authentik_stages_redirect.redirectstage
|
|
- authentik_stages_source.sourcestage
|
|
- authentik_stages_user_delete.userdeletestage
|
|
- authentik_stages_user_login.userloginstage
|
|
- authentik_stages_user_logout.userlogoutstage
|
|
- authentik_stages_user_write.userwritestage
|
|
- authentik_tasks_schedules.schedule
|
|
- authentik_tenants.domain
|
|
required: true
|
|
- in: query
|
|
name: object_pk
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRoleAssignedObjectPermissionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/assigned_by_roles/{uuid}/assign/:
|
|
post:
|
|
operationId: rbac_permissions_assigned_by_roles_assign
|
|
description: |-
|
|
Assign permission(s) to role. When `object_pk` is set, the permissions
|
|
are only assigned to the specific object, otherwise they are assigned globally.
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PermissionAssignRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PermissionAssignResult'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/assigned_by_roles/{uuid}/unassign/:
|
|
patch:
|
|
operationId: rbac_permissions_assigned_by_roles_unassign_partial_update
|
|
description: |-
|
|
Unassign permission(s) to role. When `object_pk` is set, the permissions
|
|
are only assigned to the specific object, otherwise they are assigned globally.
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPermissionAssignRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully unassigned
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/roles/:
|
|
get:
|
|
operationId: rbac_permissions_roles_list
|
|
description: Get a role's assigned object permissions
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedExtraRoleObjectPermissionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/roles/:
|
|
get:
|
|
operationId: rbac_roles_list
|
|
description: Role viewset
|
|
parameters:
|
|
- in: query
|
|
name: ak_groups
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: inherited
|
|
schema:
|
|
type: boolean
|
|
description: Include inherited roles (requires users or ak_groups filter)
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: users
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRoleList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: rbac_roles_create
|
|
description: Role viewset
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RoleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/roles/{uuid}/:
|
|
get:
|
|
operationId: rbac_roles_retrieve
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: rbac_roles_update
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RoleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: rbac_roles_partial_update
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRoleRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: rbac_roles_destroy
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/roles/{uuid}/add_user/:
|
|
post:
|
|
operationId: rbac_roles_add_user_create
|
|
description: Add user to role
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserAccountSerializerForRoleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: User added
|
|
'404':
|
|
description: User not found
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/roles/{uuid}/remove_user/:
|
|
post:
|
|
operationId: rbac_roles_remove_user_create
|
|
description: Remove user from role
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserAccountSerializerForRoleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: User removed
|
|
'404':
|
|
description: User not found
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/roles/{uuid}/used_by/:
|
|
get:
|
|
operationId: rbac_roles_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/reports/exports/:
|
|
get:
|
|
operationId: reports_exports_list
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- reports
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDataExportList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/reports/exports/{id}/:
|
|
get:
|
|
operationId: reports_exports_retrieve
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Data Export.
|
|
required: true
|
|
tags:
|
|
- reports
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DataExport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: reports_exports_destroy
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Data Export.
|
|
required: true
|
|
tags:
|
|
- reports
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/root/config/:
|
|
get:
|
|
operationId: root_config_retrieve
|
|
description: Retrieve public configuration options
|
|
tags:
|
|
- root
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Config'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/schema/:
|
|
get:
|
|
operationId: schema_retrieve
|
|
description: |-
|
|
OpenApi3 schema for this API. Format can be selected via content negotiation.
|
|
|
|
- YAML: application/vnd.oai.openapi
|
|
- JSON: application/vnd.oai.openapi+json
|
|
parameters:
|
|
- in: query
|
|
name: format
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- json
|
|
- yaml
|
|
- in: query
|
|
name: lang
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- af
|
|
- ar
|
|
- ar-dz
|
|
- ast
|
|
- az
|
|
- be
|
|
- bg
|
|
- bn
|
|
- br
|
|
- bs
|
|
- ca
|
|
- ckb
|
|
- cs
|
|
- cy
|
|
- da
|
|
- de
|
|
- dsb
|
|
- el
|
|
- en
|
|
- en-au
|
|
- en-gb
|
|
- eo
|
|
- es
|
|
- es-ar
|
|
- es-co
|
|
- es-mx
|
|
- es-ni
|
|
- es-ve
|
|
- et
|
|
- eu
|
|
- fa
|
|
- fi
|
|
- fr
|
|
- fy
|
|
- ga
|
|
- gd
|
|
- gl
|
|
- he
|
|
- hi
|
|
- hr
|
|
- hsb
|
|
- hu
|
|
- hy
|
|
- ia
|
|
- id
|
|
- ig
|
|
- io
|
|
- is
|
|
- it
|
|
- ja
|
|
- ka
|
|
- kab
|
|
- kk
|
|
- km
|
|
- kn
|
|
- ko
|
|
- ky
|
|
- lb
|
|
- lt
|
|
- lv
|
|
- mk
|
|
- ml
|
|
- mn
|
|
- mr
|
|
- ms
|
|
- my
|
|
- nb
|
|
- ne
|
|
- nl
|
|
- nn
|
|
- os
|
|
- pa
|
|
- pl
|
|
- pt
|
|
- pt-br
|
|
- ro
|
|
- ru
|
|
- sk
|
|
- sl
|
|
- sq
|
|
- sr
|
|
- sr-latn
|
|
- sv
|
|
- sw
|
|
- ta
|
|
- te
|
|
- tg
|
|
- th
|
|
- tk
|
|
- tr
|
|
- tt
|
|
- udm
|
|
- ug
|
|
- uk
|
|
- ur
|
|
- uz
|
|
- vi
|
|
- zh-hans
|
|
- zh-hant
|
|
tags:
|
|
- schema
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/vnd.oai.openapi:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
application/yaml:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
application/vnd.oai.openapi+json:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
application/json:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/all/:
|
|
get:
|
|
operationId: sources_all_list
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/all/{slug}/:
|
|
get:
|
|
operationId: sources_all_retrieve
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Source'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_all_destroy
|
|
description: Prevent deletion of built-in sources
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/all/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/all/types/:
|
|
get:
|
|
operationId: sources_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/all/user_settings/:
|
|
get:
|
|
operationId: sources_all_user_settings_list
|
|
description: Get all sources the user can configure
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSetting'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/all/:
|
|
get:
|
|
operationId: sources_group_connections_all_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/all/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_all_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this group source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_all_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this group source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_all_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this group source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_all_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this group source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/all/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this group source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/kerberos/:
|
|
get:
|
|
operationId: sources_group_connections_kerberos_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupKerberosSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_kerberos_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/kerberos/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_kerberos_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_kerberos_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_kerberos_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupKerberosSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_kerberos_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/kerberos/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_kerberos_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/ldap/:
|
|
get:
|
|
operationId: sources_group_connections_ldap_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupLDAPSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_ldap_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/ldap/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_ldap_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_ldap_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_ldap_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupLDAPSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_ldap_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/ldap/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/oauth/:
|
|
get:
|
|
operationId: sources_group_connections_oauth_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupOAuthSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_oauth_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/oauth/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_oauth_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_oauth_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_oauth_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupOAuthSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_oauth_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/oauth/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_oauth_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/plex/:
|
|
get:
|
|
operationId: sources_group_connections_plex_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupPlexSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_plex_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/plex/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_plex_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_plex_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_plex_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupPlexSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_plex_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/plex/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_plex_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/saml/:
|
|
get:
|
|
operationId: sources_group_connections_saml_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupSAMLSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_saml_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/saml/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_saml_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_saml_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_saml_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupSAMLSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_saml_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/saml/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/telegram/:
|
|
get:
|
|
operationId: sources_group_connections_telegram_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupTelegramSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_telegram_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/telegram/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_telegram_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_telegram_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_telegram_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupTelegramSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_telegram_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/telegram/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_telegram_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/kerberos/:
|
|
get:
|
|
operationId: sources_kerberos_list
|
|
description: Kerberos Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: kadmin_type
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- Heimdal
|
|
- MIT
|
|
description: |+
|
|
KAdmin server type
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password_login_update_internal_password
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: realm
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: spnego_server_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sync_principal
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sync_users
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sync_users_password
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedKerberosSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_kerberos_create
|
|
description: Kerberos Source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/kerberos/{slug}/:
|
|
get:
|
|
operationId: sources_kerberos_retrieve
|
|
description: Kerberos Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_kerberos_update
|
|
description: Kerberos Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_kerberos_partial_update
|
|
description: Kerberos Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedKerberosSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_kerberos_destroy
|
|
description: Kerberos Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/kerberos/{slug}/sync/status/:
|
|
get:
|
|
operationId: sources_kerberos_sync_status_retrieve
|
|
description: Get provider's sync status
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/kerberos/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_kerberos_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/ldap/:
|
|
get:
|
|
operationId: sources_ldap_list
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: additional_group_dn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: additional_user_dn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: base_dn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: bind_cn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_certificate
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: delete_not_found_objects
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: group_membership_field
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: group_object_filter
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: group_property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: lookup_groups_from_user
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: object_uniqueness_field
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password_login_update_internal_password
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: peer_certificate
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: server_uri
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sni
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: start_tls
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sync_groups
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sync_parent_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: sync_users
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sync_users_password
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: user_membership_attribute
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_object_filter
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_ldap_create
|
|
description: LDAP Source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/ldap/{slug}/:
|
|
get:
|
|
operationId: sources_ldap_retrieve
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_ldap_update
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_ldap_partial_update
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLDAPSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_ldap_destroy
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/ldap/{slug}/debug/:
|
|
get:
|
|
operationId: sources_ldap_debug_retrieve
|
|
description: Get raw LDAP data to debug
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPDebug'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/ldap/{slug}/sync/status/:
|
|
get:
|
|
operationId: sources_ldap_sync_status_retrieve
|
|
description: Get provider's sync status
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/ldap/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/oauth/:
|
|
get:
|
|
operationId: sources_oauth_list
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: access_token_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: additional_scopes
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authorization_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: consumer_key
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group_matching_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- identifier
|
|
- name_deny
|
|
- name_link
|
|
description: |+
|
|
How the source determines if an existing group should be used or a new group created.
|
|
|
|
- in: query
|
|
name: has_jwks
|
|
schema:
|
|
type: boolean
|
|
description: Only return sources with JWKS data
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- all
|
|
- any
|
|
- in: query
|
|
name: profile_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: provider_type
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: request_token_url
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_matching_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- email_deny
|
|
- email_link
|
|
- identifier
|
|
- username_deny
|
|
- username_link
|
|
description: |+
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedOAuthSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_oauth_create
|
|
description: Source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/oauth/{slug}/:
|
|
get:
|
|
operationId: sources_oauth_retrieve
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_oauth_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_oauth_partial_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedOAuthSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_oauth_destroy
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/oauth/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_oauth_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/oauth/source_types/:
|
|
get:
|
|
operationId: sources_oauth_source_types_list
|
|
description: |-
|
|
Get all creatable source types. If ?name is set, only returns the type for <name>.
|
|
If <name> isn't found, returns the default type.
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SourceType'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/plex/:
|
|
get:
|
|
operationId: sources_plex_list
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: allow_friends
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: client_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group_matching_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- identifier
|
|
- name_deny
|
|
- name_link
|
|
description: |+
|
|
How the source determines if an existing group should be used or a new group created.
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- all
|
|
- any
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_matching_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- email_deny
|
|
- email_link
|
|
- identifier
|
|
- username_deny
|
|
- username_link
|
|
description: |+
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPlexSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_plex_create
|
|
description: Plex source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/plex/{slug}/:
|
|
get:
|
|
operationId: sources_plex_retrieve
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_plex_update
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_plex_partial_update
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPlexSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_plex_destroy
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/plex/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_plex_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/plex/redeem_token/:
|
|
post:
|
|
operationId: sources_plex_redeem_token_create
|
|
description: |-
|
|
Redeem a plex token, check it's access to resources against what's allowed
|
|
for the source, and redirect to an authentication/enrollment flow.
|
|
parameters:
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexTokenRedeemRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectChallenge'
|
|
description: ''
|
|
'400':
|
|
description: Token not found
|
|
'403':
|
|
description: Access denied
|
|
/sources/plex/redeem_token_authenticated/:
|
|
post:
|
|
operationId: sources_plex_redeem_token_authenticated_create
|
|
description: Redeem a plex token for an authenticated user, creating a connection
|
|
parameters:
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexTokenRedeemRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
description: Token not found
|
|
'403':
|
|
description: Access denied
|
|
/sources/saml/:
|
|
get:
|
|
operationId: sources_saml_list
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: query
|
|
name: allow_idp_initiated
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: binding_type
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- POST
|
|
- POST_AUTO
|
|
- REDIRECT
|
|
- in: query
|
|
name: digest_algorithm
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#sha384
|
|
- http://www.w3.org/2001/04/xmlenc#sha256
|
|
- http://www.w3.org/2001/04/xmlenc#sha512
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: issuer
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: name_id_policy
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
|
description: |+
|
|
NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
|
|
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- all
|
|
- any
|
|
- in: query
|
|
name: pre_authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: signature_algorithm
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#dsa-sha1
|
|
- http://www.w3.org/2000/09/xmldsig#rsa-sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
|
|
- in: query
|
|
name: signed_assertion
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: signed_response
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: signing_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: slo_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sso_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: temporary_user_delete_after
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_matching_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- email_deny
|
|
- email_link
|
|
- identifier
|
|
- username_deny
|
|
- username_link
|
|
description: |+
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
- in: query
|
|
name: verification_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSAMLSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_saml_create
|
|
description: SAMLSource Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/saml/{slug}/:
|
|
get:
|
|
operationId: sources_saml_retrieve
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_saml_update
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_saml_partial_update
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSAMLSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_saml_destroy
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/saml/{slug}/metadata/:
|
|
get:
|
|
operationId: sources_saml_metadata_retrieve
|
|
description: Return metadata as XML string
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLMetadata'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/saml/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim/:
|
|
get:
|
|
operationId: sources_scim_list
|
|
description: SCIMSource Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_scim_create
|
|
description: SCIMSource Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim/{slug}/:
|
|
get:
|
|
operationId: sources_scim_retrieve
|
|
description: SCIMSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_scim_update
|
|
description: SCIMSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_scim_partial_update
|
|
description: SCIMSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_scim_destroy
|
|
description: SCIMSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_scim_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_groups/:
|
|
get:
|
|
operationId: sources_scim_groups_list
|
|
description: SCIMSourceGroup Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group__group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group__name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMSourceGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_scim_groups_create
|
|
description: SCIMSourceGroup Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_groups/{id}/:
|
|
get:
|
|
operationId: sources_scim_groups_retrieve
|
|
description: SCIMSourceGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source group.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_scim_groups_update
|
|
description: SCIMSourceGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source group.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_scim_groups_partial_update
|
|
description: SCIMSourceGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source group.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMSourceGroupRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_scim_groups_destroy
|
|
description: SCIMSourceGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source group.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_groups/{id}/used_by/:
|
|
get:
|
|
operationId: sources_scim_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source group.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_users/:
|
|
get:
|
|
operationId: sources_scim_users_list
|
|
description: SCIMSourceUser Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user__id
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMSourceUserList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_scim_users_create
|
|
description: SCIMSourceUser Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_users/{id}/:
|
|
get:
|
|
operationId: sources_scim_users_retrieve
|
|
description: SCIMSourceUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source user.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_scim_users_update
|
|
description: SCIMSourceUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source user.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_scim_users_partial_update
|
|
description: SCIMSourceUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source user.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMSourceUserRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_scim_users_destroy
|
|
description: SCIMSourceUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source user.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_users/{id}/used_by/:
|
|
get:
|
|
operationId: sources_scim_users_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source user.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/telegram/:
|
|
get:
|
|
operationId: sources_telegram_list
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: bot_username
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group_matching_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- identifier
|
|
- name_deny
|
|
- name_link
|
|
description: |+
|
|
How the source determines if an existing group should be used or a new group created.
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- all
|
|
- any
|
|
- in: query
|
|
name: request_message_access
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_matching_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- email_deny
|
|
- email_link
|
|
- identifier
|
|
- username_deny
|
|
- username_link
|
|
description: |+
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTelegramSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_telegram_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/telegram/{slug}/:
|
|
get:
|
|
operationId: sources_telegram_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_telegram_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_telegram_partial_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTelegramSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_telegram_destroy
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/telegram/{slug}/connect_user/:
|
|
post:
|
|
operationId: sources_telegram_connect_user_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramAuthRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
description: ''
|
|
'403':
|
|
description: Access denied
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
/sources/telegram/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_telegram_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/all/:
|
|
get:
|
|
operationId: sources_user_connections_all_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/all/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_all_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_all_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_all_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_all_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/all/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/kerberos/:
|
|
get:
|
|
operationId: sources_user_connections_kerberos_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserKerberosSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_kerberos_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/kerberos/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_kerberos_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_kerberos_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_kerberos_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserKerberosSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_kerberos_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/kerberos/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_kerberos_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/ldap/:
|
|
get:
|
|
operationId: sources_user_connections_ldap_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserLDAPSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_ldap_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/ldap/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_ldap_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_ldap_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_ldap_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserLDAPSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_ldap_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/ldap/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/oauth/:
|
|
get:
|
|
operationId: sources_user_connections_oauth_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserOAuthSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_oauth_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/oauth/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_oauth_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_oauth_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_oauth_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_oauth_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/oauth/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_oauth_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/plex/:
|
|
get:
|
|
operationId: sources_user_connections_plex_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserPlexSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_plex_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/plex/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_plex_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_plex_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_plex_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserPlexSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_plex_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/plex/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_plex_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/saml/:
|
|
get:
|
|
operationId: sources_user_connections_saml_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserSAMLSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_saml_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/saml/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_saml_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_saml_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_saml_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserSAMLSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_saml_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/saml/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/telegram/:
|
|
get:
|
|
operationId: sources_user_connections_telegram_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserTelegramSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_telegram_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/telegram/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_telegram_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_telegram_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_telegram_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserTelegramSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_telegram_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/telegram/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_telegram_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/ssf/streams/:
|
|
get:
|
|
operationId: ssf_streams_list
|
|
description: SSFStream Viewset
|
|
parameters:
|
|
- in: query
|
|
name: delivery_method
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- https://schemas.openid.net/secevent/risc/delivery-method/poll
|
|
- https://schemas.openid.net/secevent/risc/delivery-method/push
|
|
- in: query
|
|
name: endpoint_url
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- ssf
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSSFStreamList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/ssf/streams/{uuid}/:
|
|
get:
|
|
operationId: ssf_streams_retrieve
|
|
description: SSFStream Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SSF Stream.
|
|
required: true
|
|
tags:
|
|
- ssf
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFStream'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/all/:
|
|
get:
|
|
operationId: stages_all_list
|
|
description: Stage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/all/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_all_retrieve
|
|
description: Stage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Stage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_all_destroy
|
|
description: Stage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/all/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/all/types/:
|
|
get:
|
|
operationId: stages_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/all/user_settings/:
|
|
get:
|
|
operationId: stages_all_user_settings_list
|
|
description: Get all stages the user can configure
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSetting'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/:
|
|
get:
|
|
operationId: stages_authenticator_duo_list
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: api_hostname
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorDuoStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_duo_create
|
|
description: AuthenticatorDuoStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_duo_retrieve
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_duo_update
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_duo_partial_update
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorDuoStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_duo_destroy
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/{stage_uuid}/enrollment_status/:
|
|
post:
|
|
operationId: stages_authenticator_duo_enrollment_status_create
|
|
description: Check enrollment status of user details in current session
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceEnrollmentStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/{stage_uuid}/import_device_manual/:
|
|
post:
|
|
operationId: stages_authenticator_duo_import_device_manual_create
|
|
description: Import duo devices into authentik
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageManualDeviceImportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Enrollment successful
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/{stage_uuid}/import_devices_automatic/:
|
|
post:
|
|
operationId: stages_authenticator_duo_import_devices_automatic_create
|
|
description: Import duo devices into authentik
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageDeviceImportResponse'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_duo_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/email/:
|
|
get:
|
|
operationId: stages_authenticator_email_list
|
|
description: AuthenticatorEmailStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: from_address
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: host
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: port
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: subject
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: template
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: timeout
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: token_expiry
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: use_global_settings
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: use_ssl
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: use_tls
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorEmailStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_email_create
|
|
description: AuthenticatorEmailStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/email/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_email_retrieve
|
|
description: AuthenticatorEmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_email_update
|
|
description: AuthenticatorEmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_email_partial_update
|
|
description: AuthenticatorEmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorEmailStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_email_destroy
|
|
description: AuthenticatorEmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/email/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_email_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/endpoint_gdtc/:
|
|
get:
|
|
operationId: stages_authenticator_endpoint_gdtc_list
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorEndpointGDTCStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_endpoint_gdtc_create
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/endpoint_gdtc/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_endpoint_gdtc_retrieve
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Authenticator Google
|
|
Device Trust Connector Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_endpoint_gdtc_update
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Authenticator Google
|
|
Device Trust Connector Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_endpoint_gdtc_partial_update
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Authenticator Google
|
|
Device Trust Connector Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorEndpointGDTCStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_endpoint_gdtc_destroy
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Authenticator Google
|
|
Device Trust Connector Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/endpoint_gdtc/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_endpoint_gdtc_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Authenticator Google
|
|
Device Trust Connector Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/sms/:
|
|
get:
|
|
operationId: stages_authenticator_sms_list
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: account_sid
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: auth
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: auth_password
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: auth_type
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- basic
|
|
- bearer
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: from_number
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: mapping
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- generic
|
|
- twilio
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: verify_only
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorSMSStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_sms_create
|
|
description: AuthenticatorSMSStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/sms/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_sms_retrieve
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_sms_update
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_sms_partial_update
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorSMSStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_sms_destroy
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/sms/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_sms_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/static/:
|
|
get:
|
|
operationId: stages_authenticator_static_list
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: token_count
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: token_length
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorStaticStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_static_create
|
|
description: AuthenticatorStaticStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/static/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_static_retrieve
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_static_update
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_static_partial_update
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_static_destroy
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/static/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_static_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/totp/:
|
|
get:
|
|
operationId: stages_authenticator_totp_list
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: digits
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- '6'
|
|
- '8'
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_totp_create
|
|
description: AuthenticatorTOTPStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/totp/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_totp_retrieve
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_totp_update
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_totp_partial_update
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_totp_destroy
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/totp/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_totp_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/validate/:
|
|
get:
|
|
operationId: stages_authenticator_validate_list
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configuration_stages
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: not_configured_action
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- configure
|
|
- deny
|
|
- skip
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_validate_create
|
|
description: AuthenticatorValidateStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/validate/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_validate_retrieve
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_validate_update
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_validate_partial_update
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_validate_destroy
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/validate/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_validate_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/webauthn/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_list
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: authenticator_attachment
|
|
schema:
|
|
type: string
|
|
nullable: true
|
|
enum:
|
|
- cross-platform
|
|
- platform
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: device_type_restrictions
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: max_attempts
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: resident_key_requirement
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- discouraged
|
|
- preferred
|
|
- required
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: user_verification
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- discouraged
|
|
- preferred
|
|
- required
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorWebAuthnStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_webauthn_create
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/webauthn/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_retrieve
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_webauthn_update
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_webauthn_partial_update
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorWebAuthnStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_webauthn_destroy
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/webauthn/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/webauthn_device_types/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_device_types_list
|
|
description: WebAuthnDeviceType Viewset
|
|
parameters:
|
|
- in: query
|
|
name: aaguid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: description
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: icon
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedWebAuthnDeviceTypeList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/webauthn_device_types/{aaguid}/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_device_types_retrieve
|
|
description: WebAuthnDeviceType Viewset
|
|
parameters:
|
|
- in: path
|
|
name: aaguid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Device type.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDeviceType'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/captcha/:
|
|
get:
|
|
operationId: stages_captcha_list
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: public_key
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedCaptchaStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_captcha_create
|
|
description: CaptchaStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/captcha/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_captcha_retrieve
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_captcha_update
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_captcha_partial_update
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedCaptchaStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_captcha_destroy
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/captcha/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_captcha_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/consent/:
|
|
get:
|
|
operationId: stages_consent_list
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: consent_expire_in
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- always_require
|
|
- expiring
|
|
- permanent
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedConsentStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_consent_create
|
|
description: ConsentStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/consent/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_consent_retrieve
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_consent_update
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_consent_partial_update
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedConsentStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_consent_destroy
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/consent/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_consent_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/deny/:
|
|
get:
|
|
operationId: stages_deny_list
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: deny_message
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDenyStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_deny_create
|
|
description: DenyStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/deny/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_deny_retrieve
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_deny_update
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_deny_partial_update
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDenyStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_deny_destroy
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/deny/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_deny_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/dummy/:
|
|
get:
|
|
operationId: stages_dummy_list
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: throw_error
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDummyStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_dummy_create
|
|
description: DummyStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/dummy/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_dummy_retrieve
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_dummy_update
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_dummy_partial_update
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDummyStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_dummy_destroy
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/dummy/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_dummy_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/email/:
|
|
get:
|
|
operationId: stages_email_list
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: activate_user_on_success
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: from_address
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: host
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: port
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: subject
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: template
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: timeout
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: token_expiry
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: use_global_settings
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: use_ssl
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: use_tls
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEmailStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_email_create
|
|
description: EmailStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/email/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_email_retrieve
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_email_update
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_email_partial_update
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEmailStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_email_destroy
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/email/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_email_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/email/templates/:
|
|
get:
|
|
operationId: stages_email_templates_list
|
|
description: Get all available templates, including custom templates
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/endpoints/:
|
|
get:
|
|
operationId: stages_endpoints_list
|
|
description: EndpointStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEndpointStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_endpoints_create
|
|
description: EndpointStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/endpoints/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_endpoints_retrieve
|
|
description: EndpointStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_endpoints_update
|
|
description: EndpointStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_endpoints_partial_update
|
|
description: EndpointStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEndpointStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_endpoints_destroy
|
|
description: EndpointStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/endpoints/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_endpoints_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/identification/:
|
|
get:
|
|
operationId: stages_identification_list
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: captcha_stage
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: case_insensitive_matching
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password_stage
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: passwordless_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: recovery_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: show_matched_user
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: show_source_labels
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: webauthn_stage
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedIdentificationStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_identification_create
|
|
description: IdentificationStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/identification/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_identification_retrieve
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_identification_update
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_identification_partial_update
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedIdentificationStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_identification_destroy
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/identification/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_identification_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/invitations/:
|
|
get:
|
|
operationId: stages_invitation_invitations_list
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created_by__username
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: expires
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: flow__slug
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedInvitationList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_invitation_invitations_create
|
|
description: Invitation Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/invitations/{invite_uuid}/:
|
|
get:
|
|
operationId: stages_invitation_invitations_retrieve
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_invitation_invitations_update
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_invitation_invitations_partial_update
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedInvitationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_invitation_invitations_destroy
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/invitations/{invite_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_invitation_invitations_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/stages/:
|
|
get:
|
|
operationId: stages_invitation_stages_list
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: continue_flow_without_invitation
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: no_flows
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedInvitationStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_invitation_stages_create
|
|
description: InvitationStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/stages/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_invitation_stages_retrieve
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_invitation_stages_update
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_invitation_stages_partial_update
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedInvitationStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_invitation_stages_destroy
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/stages/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_invitation_stages_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/mtls/:
|
|
get:
|
|
operationId: stages_mtls_list
|
|
description: MutualTLSStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: cert_attribute
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- common_name
|
|
- email
|
|
- subject
|
|
- in: query
|
|
name: certificate_authorities
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- optional
|
|
- required
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: user_attribute
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- email
|
|
- username
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedMutualTLSStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_mtls_create
|
|
description: MutualTLSStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/mtls/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_mtls_retrieve
|
|
description: MutualTLSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Mutual TLS Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_mtls_update
|
|
description: MutualTLSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Mutual TLS Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_mtls_partial_update
|
|
description: MutualTLSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Mutual TLS Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedMutualTLSStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_mtls_destroy
|
|
description: MutualTLSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Mutual TLS Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/mtls/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_mtls_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Mutual TLS Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/password/:
|
|
get:
|
|
operationId: stages_password_list
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: allow_show_password
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: failed_attempts_before_cancel
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPasswordStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_password_create
|
|
description: PasswordStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/password/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_password_retrieve
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_password_update
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_password_partial_update
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPasswordStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_password_destroy
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/password/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_password_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/prompts/:
|
|
get:
|
|
operationId: stages_prompt_prompts_list
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: query
|
|
name: field_key
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: label
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: placeholder
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: type
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- ak-locale
|
|
- checkbox
|
|
- date
|
|
- date-time
|
|
- dropdown
|
|
- email
|
|
- file
|
|
- hidden
|
|
- number
|
|
- password
|
|
- radio-button-group
|
|
- separator
|
|
- static
|
|
- text
|
|
- text_area
|
|
- text_area_read_only
|
|
- text_read_only
|
|
- username
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPromptList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_prompt_prompts_create
|
|
description: Prompt Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/prompts/{prompt_uuid}/:
|
|
get:
|
|
operationId: stages_prompt_prompts_retrieve
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_prompt_prompts_update
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_prompt_prompts_partial_update
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPromptRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_prompt_prompts_destroy
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/prompts/{prompt_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_prompt_prompts_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/prompts/preview/:
|
|
post:
|
|
operationId: stages_prompt_prompts_preview_create
|
|
description: Preview a prompt as a challenge, just like a flow would receive
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptChallenge'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/stages/:
|
|
get:
|
|
operationId: stages_prompt_stages_list
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: fields
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: validation_policies
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPromptStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_prompt_stages_create
|
|
description: PromptStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/stages/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_prompt_stages_retrieve
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_prompt_stages_update
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_prompt_stages_partial_update
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPromptStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_prompt_stages_destroy
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/stages/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_prompt_stages_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/redirect/:
|
|
get:
|
|
operationId: stages_redirect_list
|
|
description: RedirectStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRedirectStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_redirect_create
|
|
description: RedirectStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/redirect/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_redirect_retrieve
|
|
description: RedirectStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Redirect Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_redirect_update
|
|
description: RedirectStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Redirect Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_redirect_partial_update
|
|
description: RedirectStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Redirect Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRedirectStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_redirect_destroy
|
|
description: RedirectStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Redirect Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/redirect/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_redirect_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Redirect Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/source/:
|
|
get:
|
|
operationId: stages_source_list
|
|
description: SourceStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: resume_timeout
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSourceStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_source_create
|
|
description: SourceStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/source/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_source_retrieve
|
|
description: SourceStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Source Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_source_update
|
|
description: SourceStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Source Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_source_partial_update
|
|
description: SourceStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Source Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSourceStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_source_destroy
|
|
description: SourceStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Source Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/source/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_source_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Source Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_delete/:
|
|
get:
|
|
operationId: stages_user_delete_list
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserDeleteStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_user_delete_create
|
|
description: UserDeleteStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_delete/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_delete_retrieve
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_user_delete_update
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_user_delete_partial_update
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserDeleteStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_user_delete_destroy
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_delete/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_delete_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_login/:
|
|
get:
|
|
operationId: stages_user_login_list
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: geoip_binding
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- bind_continent
|
|
- bind_continent_country
|
|
- bind_continent_country_city
|
|
- no_binding
|
|
description: |+
|
|
Bind sessions created by this stage to the configured GeoIP location
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: network_binding
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- bind_asn
|
|
- bind_asn_network
|
|
- bind_asn_network_ip
|
|
- no_binding
|
|
description: |+
|
|
Bind sessions created by this stage to the configured network
|
|
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: remember_device
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: remember_me_offset
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: session_duration
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: terminate_other_sessions
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserLoginStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_user_login_create
|
|
description: UserLoginStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_login/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_login_retrieve
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_user_login_update
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_user_login_partial_update
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserLoginStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_user_login_destroy
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_login/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_login_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_logout/:
|
|
get:
|
|
operationId: stages_user_logout_list
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserLogoutStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_user_logout_create
|
|
description: UserLogoutStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_logout/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_logout_retrieve
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_user_logout_update
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_user_logout_partial_update
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserLogoutStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_user_logout_destroy
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_logout/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_logout_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_write/:
|
|
get:
|
|
operationId: stages_user_write_list
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: create_users_as_inactive
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: create_users_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: user_creation_mode
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- always_create
|
|
- create_when_required
|
|
- never_create
|
|
- in: query
|
|
name: user_path_template
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_type
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- external
|
|
- internal
|
|
- internal_service_account
|
|
- service_account
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserWriteStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_user_write_create
|
|
description: UserWriteStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_write/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_write_retrieve
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_user_write_update
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_user_write_partial_update
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserWriteStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_user_write_destroy
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_write/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_write_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/schedules/:
|
|
get:
|
|
operationId: tasks_schedules_list
|
|
parameters:
|
|
- in: query
|
|
name: actor_name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: paused
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: rel_obj_content_type__app_label
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_content_type__model
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_id__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedScheduleList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/schedules/{id}/:
|
|
get:
|
|
operationId: tasks_schedules_retrieve
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Schedule.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Schedule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: tasks_schedules_update
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Schedule.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScheduleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Schedule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: tasks_schedules_partial_update
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Schedule.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedScheduleRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Schedule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/schedules/{id}/send/:
|
|
post:
|
|
operationId: tasks_schedules_send_create
|
|
description: Trigger this schedule now
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Schedule.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Schedule sent successfully
|
|
'404':
|
|
description: Schedule not found
|
|
'500':
|
|
description: Failed to send schedule
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/tasks/:
|
|
get:
|
|
operationId: tasks_tasks_list
|
|
parameters:
|
|
- in: query
|
|
name: actor_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: aggregated_status
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
enum:
|
|
- consumed
|
|
- done
|
|
- error
|
|
- info
|
|
- postprocess
|
|
- preprocess
|
|
- queued
|
|
- rejected
|
|
- running
|
|
- warning
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: queue_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_content_type__app_label
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_content_type__model
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_id__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: state
|
|
schema:
|
|
type: string
|
|
enum:
|
|
- consumed
|
|
- done
|
|
- postprocess
|
|
- preprocess
|
|
- queued
|
|
- rejected
|
|
- running
|
|
description: |+
|
|
Task status
|
|
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTaskList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/tasks/{message_id}/:
|
|
get:
|
|
operationId: tasks_tasks_retrieve
|
|
parameters:
|
|
- in: path
|
|
name: message_id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Task.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Task'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/tasks/{message_id}/retry/:
|
|
post:
|
|
operationId: tasks_tasks_retry_create
|
|
description: Retry task
|
|
parameters:
|
|
- in: path
|
|
name: message_id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Task.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Task retried successfully
|
|
'400':
|
|
description: Task is not in a retryable state
|
|
'404':
|
|
description: Task not found
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/tasks/status/:
|
|
get:
|
|
operationId: tasks_tasks_status_retrieve
|
|
description: Global status summary for all tasks
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GlobalTaskStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/workers:
|
|
get:
|
|
operationId: tasks_workers_list
|
|
description: Get currently connected worker count.
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Worker'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/domains/:
|
|
get:
|
|
operationId: tenants_domains_list
|
|
description: Domain ViewSet
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDomainList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: tenants_domains_create
|
|
description: Domain ViewSet
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DomainRequest'
|
|
required: true
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Domain'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/domains/{id}/:
|
|
get:
|
|
operationId: tenants_domains_retrieve
|
|
description: Domain ViewSet
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Domain.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Domain'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: tenants_domains_update
|
|
description: Domain ViewSet
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Domain.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DomainRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Domain'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: tenants_domains_partial_update
|
|
description: Domain ViewSet
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Domain.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDomainRequest'
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Domain'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: tenants_domains_destroy
|
|
description: Domain ViewSet
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Domain.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/tenants/:
|
|
get:
|
|
operationId: tenants_tenants_list
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTenantList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: tenants_tenants_create
|
|
description: Tenant Viewset
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantRequest'
|
|
required: true
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/tenants/{tenant_uuid}/:
|
|
get:
|
|
operationId: tenants_tenants_retrieve
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: tenants_tenants_update
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: tenants_tenants_partial_update
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTenantRequest'
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: tenants_tenants_destroy
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/tenants/{tenant_uuid}/create_admin_group/:
|
|
post:
|
|
operationId: tenants_tenants_create_admin_group_create
|
|
description: Create admin group and add user to it.
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantAdminGroupRequestRequest'
|
|
required: true
|
|
responses:
|
|
'204':
|
|
description: Group created successfully.
|
|
'400':
|
|
description: Bad request
|
|
'404':
|
|
description: User not found
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/tenants/{tenant_uuid}/create_recovery_key/:
|
|
post:
|
|
operationId: tenants_tenants_create_recovery_key_create
|
|
description: Create recovery key for user.
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantRecoveryKeyRequestRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantRecoveryKeyResponse'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'404':
|
|
description: User not found
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
components:
|
|
parameters:
|
|
QueryName:
|
|
in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
QueryPaginationOrdering:
|
|
in: query
|
|
name: ordering
|
|
schema:
|
|
type: string
|
|
description: Which field to use when ordering the results.
|
|
QueryPaginationPage:
|
|
in: query
|
|
name: page
|
|
schema:
|
|
type: integer
|
|
description: A page number within the paginated result set.
|
|
QueryPaginationPageSize:
|
|
in: query
|
|
name: page_size
|
|
schema:
|
|
type: integer
|
|
description: Number of results to return per page.
|
|
QuerySearch:
|
|
in: query
|
|
name: search
|
|
schema:
|
|
type: string
|
|
description: A search term.
|
|
responses:
|
|
GenericErrorResponse:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
ValidationErrorResponse:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
schemas:
|
|
AccessDeniedChallenge:
|
|
type: object
|
|
description: Challenge when a flow's active stage calls `stage_invalid()`.
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-access-denied
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
error_message:
|
|
type: string
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AgentAuthenticationResponse:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
url:
|
|
type: string
|
|
required:
|
|
- url
|
|
AgentConfig:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
device_id:
|
|
type: string
|
|
readOnly: true
|
|
refresh_interval:
|
|
type: integer
|
|
readOnly: true
|
|
authorization_flow:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
jwks_auth:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
jwks_challenge:
|
|
type: object
|
|
additionalProperties: {}
|
|
nullable: true
|
|
readOnly: true
|
|
nss_uid_offset:
|
|
type: integer
|
|
nss_gid_offset:
|
|
type: integer
|
|
auth_terminate_session_on_expiry:
|
|
type: boolean
|
|
system_config:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Config'
|
|
readOnly: true
|
|
license_status:
|
|
allOf:
|
|
- $ref: '#/components/schemas/LicenseStatusEnum'
|
|
readOnly: true
|
|
nullable: true
|
|
required:
|
|
- auth_terminate_session_on_expiry
|
|
- authorization_flow
|
|
- device_id
|
|
- jwks_auth
|
|
- jwks_challenge
|
|
- license_status
|
|
- nss_gid_offset
|
|
- nss_uid_offset
|
|
- refresh_interval
|
|
- system_config
|
|
AgentConnector:
|
|
type: object
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
enabled:
|
|
type: boolean
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
snapshot_expiry:
|
|
type: string
|
|
auth_session_duration:
|
|
type: string
|
|
auth_terminate_session_on_expiry:
|
|
type: boolean
|
|
refresh_interval:
|
|
type: string
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
nss_uid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
nss_gid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
challenge_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
challenge_idle_timeout:
|
|
type: string
|
|
challenge_trigger_check_in:
|
|
type: boolean
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AgentConnectorRequest:
|
|
type: object
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
enabled:
|
|
type: boolean
|
|
snapshot_expiry:
|
|
type: string
|
|
minLength: 1
|
|
auth_session_duration:
|
|
type: string
|
|
minLength: 1
|
|
auth_terminate_session_on_expiry:
|
|
type: boolean
|
|
refresh_interval:
|
|
type: string
|
|
minLength: 1
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
nss_uid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
nss_gid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
challenge_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
challenge_idle_timeout:
|
|
type: string
|
|
minLength: 1
|
|
challenge_trigger_check_in:
|
|
type: boolean
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
required:
|
|
- name
|
|
AgentPSSODeviceRegistrationRequest:
|
|
type: object
|
|
description: Register Apple device via Platform SSO
|
|
properties:
|
|
device_signing_key:
|
|
type: string
|
|
minLength: 1
|
|
device_encryption_key:
|
|
type: string
|
|
minLength: 1
|
|
sign_key_id:
|
|
type: string
|
|
minLength: 1
|
|
enc_key_id:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- device_encryption_key
|
|
- device_signing_key
|
|
- enc_key_id
|
|
- sign_key_id
|
|
AgentPSSODeviceRegistrationResponse:
|
|
type: object
|
|
description: authentik settings for Platform SSO tokens
|
|
properties:
|
|
client_id:
|
|
type: string
|
|
issuer:
|
|
type: string
|
|
token_endpoint:
|
|
type: string
|
|
jwks_endpoint:
|
|
type: string
|
|
audience:
|
|
type: string
|
|
nonce_endpoint:
|
|
type: string
|
|
required:
|
|
- audience
|
|
- client_id
|
|
- issuer
|
|
- jwks_endpoint
|
|
- nonce_endpoint
|
|
- token_endpoint
|
|
AgentPSSOUserRegistrationRequest:
|
|
type: object
|
|
description: Register Apple device user via Platform SSO
|
|
properties:
|
|
user_auth:
|
|
type: string
|
|
minLength: 1
|
|
user_secure_enclave_key:
|
|
type: string
|
|
minLength: 1
|
|
enclave_key_id:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- enclave_key_id
|
|
- user_auth
|
|
- user_secure_enclave_key
|
|
AgentTokenResponse:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
token:
|
|
type: string
|
|
expires_in:
|
|
type: integer
|
|
required:
|
|
- token
|
|
AlgEnum:
|
|
enum:
|
|
- rsa
|
|
- ecdsa
|
|
type: string
|
|
App:
|
|
type: object
|
|
description: Serialize Application info
|
|
properties:
|
|
name:
|
|
type: string
|
|
label:
|
|
type: string
|
|
required:
|
|
- label
|
|
- name
|
|
AppEnum:
|
|
enum:
|
|
- authentik.commands
|
|
- authentik.tenants
|
|
- authentik.tasks
|
|
- authentik.admin
|
|
- authentik.api
|
|
- authentik.core
|
|
- authentik.crypto
|
|
- authentik.endpoints
|
|
- authentik.endpoints.connectors.agent
|
|
- authentik.enterprise
|
|
- authentik.events
|
|
- authentik.admin.files
|
|
- authentik.flows
|
|
- authentik.outposts
|
|
- authentik.policies.dummy
|
|
- authentik.policies.event_matcher
|
|
- authentik.policies.expiry
|
|
- authentik.policies.expression
|
|
- authentik.policies.geoip
|
|
- authentik.policies.password
|
|
- authentik.policies.reputation
|
|
- authentik.policies
|
|
- authentik.providers.ldap
|
|
- authentik.providers.oauth2
|
|
- authentik.providers.proxy
|
|
- authentik.providers.rac
|
|
- authentik.providers.radius
|
|
- authentik.providers.saml
|
|
- authentik.providers.scim
|
|
- authentik.rbac
|
|
- authentik.recovery
|
|
- authentik.sources.kerberos
|
|
- authentik.sources.ldap
|
|
- authentik.sources.oauth
|
|
- authentik.sources.plex
|
|
- authentik.sources.saml
|
|
- authentik.sources.scim
|
|
- authentik.sources.telegram
|
|
- authentik.stages.authenticator
|
|
- authentik.stages.authenticator_duo
|
|
- authentik.stages.authenticator_email
|
|
- authentik.stages.authenticator_sms
|
|
- authentik.stages.authenticator_static
|
|
- authentik.stages.authenticator_totp
|
|
- authentik.stages.authenticator_validate
|
|
- authentik.stages.authenticator_webauthn
|
|
- authentik.stages.captcha
|
|
- authentik.stages.consent
|
|
- authentik.stages.deny
|
|
- authentik.stages.dummy
|
|
- authentik.stages.email
|
|
- authentik.stages.identification
|
|
- authentik.stages.invitation
|
|
- authentik.stages.password
|
|
- authentik.stages.prompt
|
|
- authentik.stages.redirect
|
|
- authentik.stages.user_delete
|
|
- authentik.stages.user_login
|
|
- authentik.stages.user_logout
|
|
- authentik.stages.user_write
|
|
- authentik.tasks.schedules
|
|
- authentik.brands
|
|
- authentik.blueprints
|
|
- authentik.enterprise.audit
|
|
- authentik.enterprise.endpoints.connectors.agent
|
|
- authentik.enterprise.endpoints.connectors.fleet
|
|
- authentik.enterprise.policies.unique_password
|
|
- authentik.enterprise.providers.google_workspace
|
|
- authentik.enterprise.providers.microsoft_entra
|
|
- authentik.enterprise.providers.radius
|
|
- authentik.enterprise.providers.scim
|
|
- authentik.enterprise.providers.ssf
|
|
- authentik.enterprise.reports
|
|
- authentik.enterprise.search
|
|
- authentik.enterprise.stages.authenticator_endpoint_gdtc
|
|
- authentik.enterprise.stages.mtls
|
|
- authentik.enterprise.stages.source
|
|
type: string
|
|
AppleChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for apple response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-source-oauth-apple
|
|
AppleLoginChallenge:
|
|
type: object
|
|
description: Special challenge for apple-native authentication flow, which happens
|
|
on the client.
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-source-oauth-apple
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
client_id:
|
|
type: string
|
|
scope:
|
|
type: string
|
|
redirect_uri:
|
|
type: string
|
|
state:
|
|
type: string
|
|
required:
|
|
- client_id
|
|
- redirect_uri
|
|
- scope
|
|
- state
|
|
Application:
|
|
type: object
|
|
description: Application Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Application's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
provider:
|
|
type: integer
|
|
nullable: true
|
|
provider_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Provider'
|
|
readOnly: true
|
|
backchannel_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
backchannel_providers_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Provider'
|
|
readOnly: true
|
|
launch_url:
|
|
type: string
|
|
nullable: true
|
|
description: Allow formatting of launch URL
|
|
readOnly: true
|
|
open_in_new_tab:
|
|
type: boolean
|
|
description: Open launch URL in a new browser tab or window.
|
|
meta_launch_url:
|
|
type: string
|
|
format: uri
|
|
meta_icon:
|
|
type: string
|
|
meta_icon_url:
|
|
type: string
|
|
nullable: true
|
|
description: Get the URL to the App Icon image
|
|
readOnly: true
|
|
meta_icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
meta_description:
|
|
type: string
|
|
meta_publisher:
|
|
type: string
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
group:
|
|
type: string
|
|
required:
|
|
- backchannel_providers_obj
|
|
- launch_url
|
|
- meta_icon_themed_urls
|
|
- meta_icon_url
|
|
- name
|
|
- pk
|
|
- provider_obj
|
|
- slug
|
|
ApplicationEntitlement:
|
|
type: object
|
|
description: ApplicationEntitlement Serializer
|
|
properties:
|
|
pbm_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
app:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- app
|
|
- name
|
|
- pbm_uuid
|
|
ApplicationEntitlementRequest:
|
|
type: object
|
|
description: ApplicationEntitlement Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
app:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- app
|
|
- name
|
|
ApplicationRequest:
|
|
type: object
|
|
description: Application Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Application's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal application name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
provider:
|
|
type: integer
|
|
nullable: true
|
|
backchannel_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
open_in_new_tab:
|
|
type: boolean
|
|
description: Open launch URL in a new browser tab or window.
|
|
meta_launch_url:
|
|
type: string
|
|
format: uri
|
|
meta_icon:
|
|
type: string
|
|
meta_description:
|
|
type: string
|
|
meta_publisher:
|
|
type: string
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
group:
|
|
type: string
|
|
required:
|
|
- name
|
|
- slug
|
|
AuthTypeEnum:
|
|
enum:
|
|
- basic
|
|
- bearer
|
|
type: string
|
|
AuthenticatedSession:
|
|
type: object
|
|
description: AuthenticatedSession Serializer
|
|
properties:
|
|
uuid:
|
|
type: string
|
|
format: uuid
|
|
current:
|
|
type: boolean
|
|
description: Check if session is currently active session
|
|
readOnly: true
|
|
user_agent:
|
|
type: object
|
|
description: Get parsed user agent
|
|
properties:
|
|
device:
|
|
type: object
|
|
description: User agent device
|
|
properties:
|
|
brand:
|
|
type: string
|
|
family:
|
|
type: string
|
|
model:
|
|
type: string
|
|
required:
|
|
- brand
|
|
- family
|
|
- model
|
|
os:
|
|
type: object
|
|
description: User agent os
|
|
properties:
|
|
family:
|
|
type: string
|
|
major:
|
|
type: string
|
|
minor:
|
|
type: string
|
|
patch:
|
|
type: string
|
|
patch_minor:
|
|
type: string
|
|
required:
|
|
- family
|
|
- major
|
|
- minor
|
|
- patch
|
|
- patch_minor
|
|
user_agent:
|
|
type: object
|
|
description: User agent browser
|
|
properties:
|
|
family:
|
|
type: string
|
|
major:
|
|
type: string
|
|
minor:
|
|
type: string
|
|
patch:
|
|
type: string
|
|
required:
|
|
- family
|
|
- major
|
|
- minor
|
|
- patch
|
|
string:
|
|
type: string
|
|
required:
|
|
- device
|
|
- os
|
|
- string
|
|
- user_agent
|
|
readOnly: true
|
|
geo_ip:
|
|
type: object
|
|
description: Get GeoIP Data
|
|
properties:
|
|
continent:
|
|
type: string
|
|
nullable: true
|
|
country:
|
|
type: string
|
|
nullable: true
|
|
lat:
|
|
type: number
|
|
format: double
|
|
nullable: true
|
|
long:
|
|
type: number
|
|
format: double
|
|
nullable: true
|
|
city:
|
|
type: string
|
|
required:
|
|
- city
|
|
- continent
|
|
- country
|
|
- lat
|
|
- long
|
|
nullable: true
|
|
readOnly: true
|
|
asn:
|
|
type: object
|
|
description: Get ASN Data
|
|
properties:
|
|
asn:
|
|
type: integer
|
|
nullable: true
|
|
as_org:
|
|
type: string
|
|
nullable: true
|
|
network:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- as_org
|
|
- asn
|
|
- network
|
|
nullable: true
|
|
readOnly: true
|
|
user:
|
|
type: integer
|
|
last_ip:
|
|
type: string
|
|
readOnly: true
|
|
last_user_agent:
|
|
type: string
|
|
readOnly: true
|
|
last_used:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- asn
|
|
- current
|
|
- expires
|
|
- geo_ip
|
|
- last_ip
|
|
- last_used
|
|
- last_user_agent
|
|
- user
|
|
- user_agent
|
|
AuthenticationEnum:
|
|
enum:
|
|
- none
|
|
- require_authenticated
|
|
- require_unauthenticated
|
|
- require_superuser
|
|
- require_redirect
|
|
- require_outpost
|
|
type: string
|
|
AuthenticatorAttachmentEnum:
|
|
enum:
|
|
- platform
|
|
- cross-platform
|
|
type: string
|
|
AuthenticatorDuoChallenge:
|
|
type: object
|
|
description: Duo Challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-duo
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
activation_barcode:
|
|
type: string
|
|
activation_code:
|
|
type: string
|
|
stage_uuid:
|
|
type: string
|
|
required:
|
|
- activation_barcode
|
|
- activation_code
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- stage_uuid
|
|
AuthenticatorDuoChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for duo response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-duo
|
|
AuthenticatorDuoStage:
|
|
type: object
|
|
description: AuthenticatorDuoStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
client_id:
|
|
type: string
|
|
api_hostname:
|
|
type: string
|
|
admin_integration_key:
|
|
type: string
|
|
required:
|
|
- api_hostname
|
|
- client_id
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorDuoStageDeviceImportResponse:
|
|
type: object
|
|
properties:
|
|
count:
|
|
type: integer
|
|
readOnly: true
|
|
error:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- count
|
|
- error
|
|
AuthenticatorDuoStageManualDeviceImportRequest:
|
|
type: object
|
|
properties:
|
|
duo_user_id:
|
|
type: string
|
|
minLength: 1
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- duo_user_id
|
|
- username
|
|
AuthenticatorDuoStageRequest:
|
|
type: object
|
|
description: AuthenticatorDuoStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
client_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
api_hostname:
|
|
type: string
|
|
minLength: 1
|
|
admin_integration_key:
|
|
type: string
|
|
admin_secret_key:
|
|
type: string
|
|
writeOnly: true
|
|
required:
|
|
- api_hostname
|
|
- client_id
|
|
- client_secret
|
|
- name
|
|
AuthenticatorEmailChallenge:
|
|
type: object
|
|
description: Authenticator Email Setup challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-email
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
email:
|
|
type: string
|
|
nullable: true
|
|
email_required:
|
|
type: boolean
|
|
default: true
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AuthenticatorEmailChallengeResponseRequest:
|
|
type: object
|
|
description: Authenticator Email Challenge response, device is set by get_response_instance
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-email
|
|
code:
|
|
type: string
|
|
minLength: 1
|
|
email:
|
|
type: string
|
|
minLength: 1
|
|
AuthenticatorEmailStage:
|
|
type: object
|
|
description: AuthenticatorEmailStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
maxLength: 254
|
|
subject:
|
|
type: string
|
|
token_expiry:
|
|
type: string
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
template:
|
|
type: string
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorEmailStageRequest:
|
|
type: object
|
|
description: AuthenticatorEmailStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
subject:
|
|
type: string
|
|
minLength: 1
|
|
token_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
template:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
AuthenticatorEndpointGDTCStage:
|
|
type: object
|
|
description: AuthenticatorEndpointGDTCStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- component
|
|
- credentials
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorEndpointGDTCStageRequest:
|
|
type: object
|
|
description: AuthenticatorEndpointGDTCStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- credentials
|
|
- name
|
|
AuthenticatorSMSChallenge:
|
|
type: object
|
|
description: SMS Setup challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-sms
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
phone_number_required:
|
|
type: boolean
|
|
default: true
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AuthenticatorSMSChallengeResponseRequest:
|
|
type: object
|
|
description: SMS Challenge response, device is set by get_response_instance
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-sms
|
|
code:
|
|
type: string
|
|
minLength: 1
|
|
phone_number:
|
|
type: string
|
|
minLength: 1
|
|
AuthenticatorSMSStage:
|
|
type: object
|
|
description: AuthenticatorSMSStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
provider:
|
|
$ref: '#/components/schemas/ProviderEnum'
|
|
from_number:
|
|
type: string
|
|
account_sid:
|
|
type: string
|
|
auth:
|
|
type: string
|
|
auth_password:
|
|
type: string
|
|
auth_type:
|
|
$ref: '#/components/schemas/AuthTypeEnum'
|
|
verify_only:
|
|
type: boolean
|
|
description: When enabled, the Phone number is only used during enrollment
|
|
to verify the users authenticity. Only a hash of the phone number is saved
|
|
to ensure it is not reused in the future.
|
|
mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally modify the payload being sent to custom providers.
|
|
required:
|
|
- account_sid
|
|
- auth
|
|
- component
|
|
- flow_set
|
|
- from_number
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- provider
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorSMSStageRequest:
|
|
type: object
|
|
description: AuthenticatorSMSStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
provider:
|
|
$ref: '#/components/schemas/ProviderEnum'
|
|
from_number:
|
|
type: string
|
|
minLength: 1
|
|
account_sid:
|
|
type: string
|
|
minLength: 1
|
|
auth:
|
|
type: string
|
|
minLength: 1
|
|
auth_password:
|
|
type: string
|
|
auth_type:
|
|
$ref: '#/components/schemas/AuthTypeEnum'
|
|
verify_only:
|
|
type: boolean
|
|
description: When enabled, the Phone number is only used during enrollment
|
|
to verify the users authenticity. Only a hash of the phone number is saved
|
|
to ensure it is not reused in the future.
|
|
mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally modify the payload being sent to custom providers.
|
|
required:
|
|
- account_sid
|
|
- auth
|
|
- from_number
|
|
- name
|
|
- provider
|
|
AuthenticatorStaticChallenge:
|
|
type: object
|
|
description: Static authenticator challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-static
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
codes:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- codes
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AuthenticatorStaticChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for static response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-static
|
|
AuthenticatorStaticStage:
|
|
type: object
|
|
description: AuthenticatorStaticStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
token_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
token_length:
|
|
type: integer
|
|
maximum: 100
|
|
minimum: 0
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorStaticStageRequest:
|
|
type: object
|
|
description: AuthenticatorStaticStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
token_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
token_length:
|
|
type: integer
|
|
maximum: 100
|
|
minimum: 0
|
|
required:
|
|
- name
|
|
AuthenticatorTOTPChallenge:
|
|
type: object
|
|
description: TOTP Setup challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-totp
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
config_url:
|
|
type: string
|
|
required:
|
|
- config_url
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AuthenticatorTOTPChallengeResponseRequest:
|
|
type: object
|
|
description: TOTP Challenge response, device is set by get_response_instance
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-totp
|
|
code:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- code
|
|
AuthenticatorTOTPStage:
|
|
type: object
|
|
description: AuthenticatorTOTPStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
digits:
|
|
$ref: '#/components/schemas/DigitsEnum'
|
|
required:
|
|
- component
|
|
- digits
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorTOTPStageRequest:
|
|
type: object
|
|
description: AuthenticatorTOTPStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
digits:
|
|
$ref: '#/components/schemas/DigitsEnum'
|
|
required:
|
|
- digits
|
|
- name
|
|
AuthenticatorValidateStage:
|
|
type: object
|
|
description: AuthenticatorValidateStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
not_configured_action:
|
|
$ref: '#/components/schemas/NotConfiguredActionEnum'
|
|
device_classes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
description: Device classes which can be used to authenticate
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Stages used to configure Authenticator when user doesn't have
|
|
any compatible devices. After this configuration Stage passes, the user
|
|
is not prompted again.
|
|
last_auth_threshold:
|
|
type: string
|
|
description: If any of the user's device has been used within this threshold,
|
|
this stage will be skipped
|
|
webauthn_user_verification:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserVerificationEnum'
|
|
description: Enforce user verification for WebAuthn devices.
|
|
webauthn_allowed_device_types:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
webauthn_allowed_device_types_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnDeviceType'
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
- webauthn_allowed_device_types_obj
|
|
AuthenticatorValidateStageRequest:
|
|
type: object
|
|
description: AuthenticatorValidateStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
not_configured_action:
|
|
$ref: '#/components/schemas/NotConfiguredActionEnum'
|
|
device_classes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
description: Device classes which can be used to authenticate
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Stages used to configure Authenticator when user doesn't have
|
|
any compatible devices. After this configuration Stage passes, the user
|
|
is not prompted again.
|
|
last_auth_threshold:
|
|
type: string
|
|
minLength: 1
|
|
description: If any of the user's device has been used within this threshold,
|
|
this stage will be skipped
|
|
webauthn_user_verification:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserVerificationEnum'
|
|
description: Enforce user verification for WebAuthn devices.
|
|
webauthn_allowed_device_types:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- name
|
|
AuthenticatorValidationChallenge:
|
|
type: object
|
|
description: Authenticator challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-validate
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
device_challenges:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceChallenge'
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SelectableStage'
|
|
required:
|
|
- configuration_stages
|
|
- device_challenges
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AuthenticatorValidationChallengeResponseRequest:
|
|
type: object
|
|
description: Challenge used for Code-based and WebAuthn authenticators
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-validate
|
|
selected_challenge:
|
|
$ref: '#/components/schemas/DeviceChallengeRequest'
|
|
selected_stage:
|
|
type: string
|
|
minLength: 1
|
|
code:
|
|
type: string
|
|
minLength: 1
|
|
webauthn:
|
|
type: object
|
|
additionalProperties: {}
|
|
duo:
|
|
type: integer
|
|
AuthenticatorWebAuthnChallenge:
|
|
type: object
|
|
description: WebAuthn Challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-webauthn
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
registration:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- registration
|
|
AuthenticatorWebAuthnChallengeResponseRequest:
|
|
type: object
|
|
description: WebAuthn Challenge response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-webauthn
|
|
response:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- response
|
|
AuthenticatorWebAuthnStage:
|
|
type: object
|
|
description: AuthenticatorWebAuthnStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
user_verification:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
authenticator_attachment:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
|
|
nullable: true
|
|
resident_key_requirement:
|
|
$ref: '#/components/schemas/ResidentKeyRequirementEnum'
|
|
device_type_restrictions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
device_type_restrictions_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnDeviceType'
|
|
readOnly: true
|
|
max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
required:
|
|
- component
|
|
- device_type_restrictions_obj
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorWebAuthnStageRequest:
|
|
type: object
|
|
description: AuthenticatorWebAuthnStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
user_verification:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
authenticator_attachment:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
|
|
nullable: true
|
|
resident_key_requirement:
|
|
$ref: '#/components/schemas/ResidentKeyRequirementEnum'
|
|
device_type_restrictions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
required:
|
|
- name
|
|
AuthorizationCodeAuthMethodEnum:
|
|
enum:
|
|
- basic_auth
|
|
- post_body
|
|
type: string
|
|
AutoSubmitChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for autosubmit response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-autosubmit
|
|
Autocomplete:
|
|
type: object
|
|
additionalProperties: {}
|
|
AutosubmitChallenge:
|
|
type: object
|
|
description: Autosubmit challenge used to send and navigate a POST request
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-autosubmit
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
url:
|
|
type: string
|
|
attrs:
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
title:
|
|
type: string
|
|
required:
|
|
- attrs
|
|
- url
|
|
BackendsEnum:
|
|
enum:
|
|
- authentik.core.auth.InbuiltBackend
|
|
- authentik.core.auth.TokenBackend
|
|
- authentik.sources.ldap.auth.LDAPBackend
|
|
- authentik.sources.kerberos.auth.KerberosBackend
|
|
type: string
|
|
BindingTypeEnum:
|
|
enum:
|
|
- REDIRECT
|
|
- POST
|
|
- POST_AUTO
|
|
type: string
|
|
BlueprintFile:
|
|
type: object
|
|
properties:
|
|
path:
|
|
type: string
|
|
last_m:
|
|
type: string
|
|
format: date-time
|
|
hash:
|
|
type: string
|
|
meta:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Metadata'
|
|
readOnly: true
|
|
required:
|
|
- hash
|
|
- last_m
|
|
- meta
|
|
- path
|
|
BlueprintInstance:
|
|
type: object
|
|
description: Info about a single blueprint instance file
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Instance uuid
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
default: ''
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
last_applied:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_applied_hash:
|
|
type: string
|
|
readOnly: true
|
|
status:
|
|
allOf:
|
|
- $ref: '#/components/schemas/BlueprintInstanceStatusEnum'
|
|
readOnly: true
|
|
enabled:
|
|
type: boolean
|
|
managed_models:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
metadata:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
content:
|
|
type: string
|
|
required:
|
|
- last_applied
|
|
- last_applied_hash
|
|
- managed_models
|
|
- metadata
|
|
- name
|
|
- pk
|
|
- status
|
|
BlueprintInstanceRequest:
|
|
type: object
|
|
description: Info about a single blueprint instance file
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
path:
|
|
type: string
|
|
default: ''
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
enabled:
|
|
type: boolean
|
|
content:
|
|
type: string
|
|
required:
|
|
- name
|
|
BlueprintInstanceStatusEnum:
|
|
enum:
|
|
- successful
|
|
- warning
|
|
- error
|
|
- orphaned
|
|
- unknown
|
|
type: string
|
|
Brand:
|
|
type: object
|
|
description: Brand Serializer
|
|
properties:
|
|
brand_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
domain:
|
|
type: string
|
|
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
|
|
for `aa.b` and `ba.b`
|
|
default:
|
|
type: boolean
|
|
branding_title:
|
|
type: string
|
|
branding_logo:
|
|
type: string
|
|
branding_favicon:
|
|
type: string
|
|
branding_custom_css:
|
|
type: string
|
|
branding_default_flow_background:
|
|
type: string
|
|
flow_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_invalidation:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_recovery:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_unenrollment:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_user_settings:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_device_code:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
default_application:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, external users will be redirected to this application
|
|
after authenticating.
|
|
web_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Web Certificate used by the authentik Core webserver.
|
|
client_certificates:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Certificates used for client authentication.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- brand_uuid
|
|
- domain
|
|
BrandRequest:
|
|
type: object
|
|
description: Brand Serializer
|
|
properties:
|
|
domain:
|
|
type: string
|
|
minLength: 1
|
|
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
|
|
for `aa.b` and `ba.b`
|
|
default:
|
|
type: boolean
|
|
branding_title:
|
|
type: string
|
|
minLength: 1
|
|
branding_logo:
|
|
type: string
|
|
minLength: 1
|
|
branding_favicon:
|
|
type: string
|
|
minLength: 1
|
|
branding_custom_css:
|
|
type: string
|
|
branding_default_flow_background:
|
|
type: string
|
|
minLength: 1
|
|
flow_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_invalidation:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_recovery:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_unenrollment:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_user_settings:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_device_code:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
default_application:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, external users will be redirected to this application
|
|
after authenticating.
|
|
web_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Web Certificate used by the authentik Core webserver.
|
|
client_certificates:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Certificates used for client authentication.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- domain
|
|
BulkDeleteSessionResponse:
|
|
type: object
|
|
properties:
|
|
deleted:
|
|
type: integer
|
|
required:
|
|
- deleted
|
|
Cache:
|
|
type: object
|
|
description: Generic cache stats for an object
|
|
properties:
|
|
count:
|
|
type: integer
|
|
readOnly: true
|
|
required:
|
|
- count
|
|
CapabilitiesEnum:
|
|
enum:
|
|
- can_save_media
|
|
- can_save_reports
|
|
- can_geo_ip
|
|
- can_asn
|
|
- can_impersonate
|
|
- can_debug
|
|
- is_enterprise
|
|
type: string
|
|
CaptchaChallenge:
|
|
type: object
|
|
description: Site public key
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-captcha
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
site_key:
|
|
type: string
|
|
js_url:
|
|
type: string
|
|
interactive:
|
|
type: boolean
|
|
required:
|
|
- interactive
|
|
- js_url
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- site_key
|
|
CaptchaChallengeResponseRequest:
|
|
type: object
|
|
description: Validate captcha token
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-captcha
|
|
token:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- token
|
|
CaptchaStage:
|
|
type: object
|
|
description: CaptchaStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
public_key:
|
|
type: string
|
|
description: Public key, acquired your captcha Provider.
|
|
js_url:
|
|
type: string
|
|
api_url:
|
|
type: string
|
|
interactive:
|
|
type: boolean
|
|
score_min_threshold:
|
|
type: number
|
|
format: double
|
|
score_max_threshold:
|
|
type: number
|
|
format: double
|
|
error_on_invalid_score:
|
|
type: boolean
|
|
description: When enabled and the received captcha score is outside of the
|
|
given threshold, the stage will show an error message. When not enabled,
|
|
the flow will continue, but the data from the captcha will be available
|
|
in the context for policy decisions
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- public_key
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
CaptchaStageRequest:
|
|
type: object
|
|
description: CaptchaStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
public_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Public key, acquired your captcha Provider.
|
|
private_key:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: Private key, acquired your captcha Provider.
|
|
js_url:
|
|
type: string
|
|
minLength: 1
|
|
api_url:
|
|
type: string
|
|
minLength: 1
|
|
interactive:
|
|
type: boolean
|
|
score_min_threshold:
|
|
type: number
|
|
format: double
|
|
score_max_threshold:
|
|
type: number
|
|
format: double
|
|
error_on_invalid_score:
|
|
type: boolean
|
|
description: When enabled and the received captcha score is outside of the
|
|
given threshold, the stage will show an error message. When not enabled,
|
|
the flow will continue, but the data from the captcha will be available
|
|
in the context for policy decisions
|
|
required:
|
|
- name
|
|
- private_key
|
|
- public_key
|
|
CertAttributeEnum:
|
|
enum:
|
|
- subject
|
|
- common_name
|
|
- email
|
|
type: string
|
|
CertificateData:
|
|
type: object
|
|
description: Get CertificateKeyPair's data
|
|
properties:
|
|
data:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- data
|
|
CertificateGenerationRequest:
|
|
type: object
|
|
description: Certificate generation parameters
|
|
properties:
|
|
common_name:
|
|
type: string
|
|
minLength: 1
|
|
subject_alt_name:
|
|
type: string
|
|
validity_days:
|
|
type: integer
|
|
alg:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AlgEnum'
|
|
default: rsa
|
|
required:
|
|
- common_name
|
|
- validity_days
|
|
CertificateKeyPair:
|
|
type: object
|
|
description: CertificateKeyPair Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Kp uuid
|
|
name:
|
|
type: string
|
|
fingerprint_sha256:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
description: SHA256 fingerprint of the certificate
|
|
fingerprint_sha1:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
description: SHA1 fingerprint of the certificate
|
|
cert_expiry:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
nullable: true
|
|
description: Certificate expiry date
|
|
cert_subject:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
description: Certificate subject as RFC4514 string
|
|
private_key_available:
|
|
type: boolean
|
|
description: Show if this keypair has a private key configured or not
|
|
readOnly: true
|
|
key_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/KeyTypeEnum'
|
|
readOnly: true
|
|
nullable: true
|
|
description: Key algorithm type detected from the certificate's public key
|
|
certificate_download_url:
|
|
type: string
|
|
description: Get URL to download certificate
|
|
readOnly: true
|
|
private_key_download_url:
|
|
type: string
|
|
description: Get URL to download private key
|
|
readOnly: true
|
|
managed:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
required:
|
|
- cert_expiry
|
|
- cert_subject
|
|
- certificate_download_url
|
|
- fingerprint_sha1
|
|
- fingerprint_sha256
|
|
- key_type
|
|
- managed
|
|
- name
|
|
- pk
|
|
- private_key_available
|
|
- private_key_download_url
|
|
CertificateKeyPairRequest:
|
|
type: object
|
|
description: CertificateKeyPair Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
certificate_data:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: PEM-encoded Certificate data
|
|
key_data:
|
|
type: string
|
|
writeOnly: true
|
|
description: Optional Private Key. If this is set, you can use this keypair
|
|
for encryption.
|
|
required:
|
|
- certificate_data
|
|
- name
|
|
ChallengeTypes:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/AccessDeniedChallenge'
|
|
- $ref: '#/components/schemas/AppleLoginChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorDuoChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorEmailChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorSMSChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorStaticChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorTOTPChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorValidationChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorWebAuthnChallenge'
|
|
- $ref: '#/components/schemas/AutosubmitChallenge'
|
|
- $ref: '#/components/schemas/CaptchaChallenge'
|
|
- $ref: '#/components/schemas/ConsentChallenge'
|
|
- $ref: '#/components/schemas/DummyChallenge'
|
|
- $ref: '#/components/schemas/EmailChallenge'
|
|
- $ref: '#/components/schemas/EndpointAgentChallenge'
|
|
- $ref: '#/components/schemas/FlowErrorChallenge'
|
|
- $ref: '#/components/schemas/FrameChallenge'
|
|
- $ref: '#/components/schemas/IdentificationChallenge'
|
|
- $ref: '#/components/schemas/IframeLogoutChallenge'
|
|
- $ref: '#/components/schemas/NativeLogoutChallenge'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeChallenge'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
|
|
- $ref: '#/components/schemas/PasswordChallenge'
|
|
- $ref: '#/components/schemas/PlexAuthenticationChallenge'
|
|
- $ref: '#/components/schemas/PromptChallenge'
|
|
- $ref: '#/components/schemas/RedirectChallenge'
|
|
- $ref: '#/components/schemas/SessionEndChallenge'
|
|
- $ref: '#/components/schemas/ShellChallenge'
|
|
- $ref: '#/components/schemas/TelegramLoginChallenge'
|
|
- $ref: '#/components/schemas/UserLoginChallenge'
|
|
discriminator:
|
|
propertyName: component
|
|
mapping:
|
|
ak-stage-access-denied: '#/components/schemas/AccessDeniedChallenge'
|
|
ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
|
|
ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallenge'
|
|
ak-stage-authenticator-email: '#/components/schemas/AuthenticatorEmailChallenge'
|
|
ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallenge'
|
|
ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallenge'
|
|
ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallenge'
|
|
ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallenge'
|
|
ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallenge'
|
|
ak-stage-autosubmit: '#/components/schemas/AutosubmitChallenge'
|
|
ak-stage-captcha: '#/components/schemas/CaptchaChallenge'
|
|
ak-stage-consent: '#/components/schemas/ConsentChallenge'
|
|
ak-stage-dummy: '#/components/schemas/DummyChallenge'
|
|
ak-stage-email: '#/components/schemas/EmailChallenge'
|
|
ak-stage-endpoint-agent: '#/components/schemas/EndpointAgentChallenge'
|
|
ak-stage-flow-error: '#/components/schemas/FlowErrorChallenge'
|
|
xak-flow-frame: '#/components/schemas/FrameChallenge'
|
|
ak-stage-identification: '#/components/schemas/IdentificationChallenge'
|
|
ak-provider-iframe-logout: '#/components/schemas/IframeLogoutChallenge'
|
|
ak-provider-saml-native-logout: '#/components/schemas/NativeLogoutChallenge'
|
|
ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallenge'
|
|
ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
|
|
ak-stage-password: '#/components/schemas/PasswordChallenge'
|
|
ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
|
|
ak-stage-prompt: '#/components/schemas/PromptChallenge'
|
|
xak-flow-redirect: '#/components/schemas/RedirectChallenge'
|
|
ak-stage-session-end: '#/components/schemas/SessionEndChallenge'
|
|
xak-flow-shell: '#/components/schemas/ShellChallenge'
|
|
ak-source-telegram: '#/components/schemas/TelegramLoginChallenge'
|
|
ak-stage-user-login: '#/components/schemas/UserLoginChallenge'
|
|
ClientTypeEnum:
|
|
enum:
|
|
- confidential
|
|
- public
|
|
type: string
|
|
CompatibilityModeEnum:
|
|
enum:
|
|
- default
|
|
- aws
|
|
- slack
|
|
- sfdc
|
|
type: string
|
|
Config:
|
|
type: object
|
|
description: Serialize authentik Config into DRF Object
|
|
properties:
|
|
error_reporting:
|
|
$ref: '#/components/schemas/ErrorReportingConfig'
|
|
capabilities:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CapabilitiesEnum'
|
|
cache_timeout:
|
|
type: integer
|
|
cache_timeout_flows:
|
|
type: integer
|
|
cache_timeout_policies:
|
|
type: integer
|
|
required:
|
|
- cache_timeout
|
|
- cache_timeout_flows
|
|
- cache_timeout_policies
|
|
- capabilities
|
|
- error_reporting
|
|
ConnectionToken:
|
|
type: object
|
|
description: ConnectionToken Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Connection token uuid
|
|
provider:
|
|
type: integer
|
|
provider_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/RACProvider'
|
|
readOnly: true
|
|
endpoint:
|
|
type: string
|
|
format: uuid
|
|
endpoint_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Endpoint'
|
|
readOnly: true
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- endpoint
|
|
- endpoint_obj
|
|
- provider
|
|
- provider_obj
|
|
- user
|
|
ConnectionTokenRequest:
|
|
type: object
|
|
description: ConnectionToken Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Connection token uuid
|
|
provider:
|
|
type: integer
|
|
endpoint:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- endpoint
|
|
- provider
|
|
Connector:
|
|
type: object
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
enabled:
|
|
type: boolean
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ConsentChallenge:
|
|
type: object
|
|
description: Challenge info for consent screens
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-consent
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
header_text:
|
|
type: string
|
|
permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ConsentPermission'
|
|
additional_permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ConsentPermission'
|
|
token:
|
|
type: string
|
|
required:
|
|
- additional_permissions
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- permissions
|
|
- token
|
|
ConsentChallengeResponseRequest:
|
|
type: object
|
|
description: Consent challenge response, any valid response request is valid
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-consent
|
|
token:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- token
|
|
ConsentPermission:
|
|
type: object
|
|
description: Permission used for consent
|
|
properties:
|
|
name:
|
|
type: string
|
|
id:
|
|
type: string
|
|
required:
|
|
- id
|
|
- name
|
|
ConsentStage:
|
|
type: object
|
|
description: ConsentStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
mode:
|
|
$ref: '#/components/schemas/ConsentStageModeEnum'
|
|
consent_expire_in:
|
|
type: string
|
|
title: Consent expires in
|
|
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ConsentStageModeEnum:
|
|
enum:
|
|
- always_require
|
|
- permanent
|
|
- expiring
|
|
type: string
|
|
ConsentStageRequest:
|
|
type: object
|
|
description: ConsentStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/ConsentStageModeEnum'
|
|
consent_expire_in:
|
|
type: string
|
|
minLength: 1
|
|
title: Consent expires in
|
|
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- name
|
|
ContentType:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- id
|
|
- model
|
|
- verbose_name_plural
|
|
ContextualFlowInfo:
|
|
type: object
|
|
description: Contextual flow information for a challenge
|
|
properties:
|
|
title:
|
|
type: string
|
|
background:
|
|
type: string
|
|
background_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
nullable: true
|
|
cancel_url:
|
|
type: string
|
|
layout:
|
|
$ref: '#/components/schemas/ContextualFlowInfoLayoutEnum'
|
|
required:
|
|
- cancel_url
|
|
- layout
|
|
ContextualFlowInfoLayoutEnum:
|
|
enum:
|
|
- stacked
|
|
- content_left
|
|
- content_right
|
|
- sidebar_left
|
|
- sidebar_right
|
|
type: string
|
|
CountryCodeEnum:
|
|
enum:
|
|
- AF
|
|
- AX
|
|
- AL
|
|
- DZ
|
|
- AS
|
|
- AD
|
|
- AO
|
|
- AI
|
|
- AQ
|
|
- AG
|
|
- AR
|
|
- AM
|
|
- AW
|
|
- AU
|
|
- AT
|
|
- AZ
|
|
- BS
|
|
- BH
|
|
- BD
|
|
- BB
|
|
- BY
|
|
- BE
|
|
- BZ
|
|
- BJ
|
|
- BM
|
|
- BT
|
|
- BO
|
|
- BQ
|
|
- BA
|
|
- BW
|
|
- BV
|
|
- BR
|
|
- IO
|
|
- BN
|
|
- BG
|
|
- BF
|
|
- BI
|
|
- CV
|
|
- KH
|
|
- CM
|
|
- CA
|
|
- KY
|
|
- CF
|
|
- TD
|
|
- CL
|
|
- CN
|
|
- CX
|
|
- CC
|
|
- CO
|
|
- KM
|
|
- CG
|
|
- CD
|
|
- CK
|
|
- CR
|
|
- CI
|
|
- HR
|
|
- CU
|
|
- CW
|
|
- CY
|
|
- CZ
|
|
- DK
|
|
- DJ
|
|
- DM
|
|
- DO
|
|
- EC
|
|
- EG
|
|
- SV
|
|
- GQ
|
|
- ER
|
|
- EE
|
|
- SZ
|
|
- ET
|
|
- FK
|
|
- FO
|
|
- FJ
|
|
- FI
|
|
- FR
|
|
- GF
|
|
- PF
|
|
- TF
|
|
- GA
|
|
- GM
|
|
- GE
|
|
- DE
|
|
- GH
|
|
- GI
|
|
- GR
|
|
- GL
|
|
- GD
|
|
- GP
|
|
- GU
|
|
- GT
|
|
- GG
|
|
- GN
|
|
- GW
|
|
- GY
|
|
- HT
|
|
- HM
|
|
- VA
|
|
- HN
|
|
- HK
|
|
- HU
|
|
- IS
|
|
- IN
|
|
- ID
|
|
- IR
|
|
- IQ
|
|
- IE
|
|
- IM
|
|
- IL
|
|
- IT
|
|
- JM
|
|
- JP
|
|
- JE
|
|
- JO
|
|
- KZ
|
|
- KE
|
|
- KI
|
|
- KW
|
|
- KG
|
|
- LA
|
|
- LV
|
|
- LB
|
|
- LS
|
|
- LR
|
|
- LY
|
|
- LI
|
|
- LT
|
|
- LU
|
|
- MO
|
|
- MG
|
|
- MW
|
|
- MY
|
|
- MV
|
|
- ML
|
|
- MT
|
|
- MH
|
|
- MQ
|
|
- MR
|
|
- MU
|
|
- YT
|
|
- MX
|
|
- FM
|
|
- MD
|
|
- MC
|
|
- MN
|
|
- ME
|
|
- MS
|
|
- MA
|
|
- MZ
|
|
- MM
|
|
- NA
|
|
- NR
|
|
- NP
|
|
- NL
|
|
- NC
|
|
- NZ
|
|
- NI
|
|
- NE
|
|
- NG
|
|
- NU
|
|
- NF
|
|
- KP
|
|
- MK
|
|
- MP
|
|
- 'NO'
|
|
- OM
|
|
- PK
|
|
- PW
|
|
- PS
|
|
- PA
|
|
- PG
|
|
- PY
|
|
- PE
|
|
- PH
|
|
- PN
|
|
- PL
|
|
- PT
|
|
- PR
|
|
- QA
|
|
- RE
|
|
- RO
|
|
- RU
|
|
- RW
|
|
- BL
|
|
- SH
|
|
- KN
|
|
- LC
|
|
- MF
|
|
- PM
|
|
- VC
|
|
- WS
|
|
- SM
|
|
- ST
|
|
- SA
|
|
- SN
|
|
- RS
|
|
- SC
|
|
- SL
|
|
- SG
|
|
- SX
|
|
- SK
|
|
- SI
|
|
- SB
|
|
- SO
|
|
- ZA
|
|
- GS
|
|
- KR
|
|
- SS
|
|
- ES
|
|
- LK
|
|
- SD
|
|
- SR
|
|
- SJ
|
|
- SE
|
|
- CH
|
|
- SY
|
|
- TW
|
|
- TJ
|
|
- TZ
|
|
- TH
|
|
- TL
|
|
- TG
|
|
- TK
|
|
- TO
|
|
- TT
|
|
- TN
|
|
- TR
|
|
- TM
|
|
- TC
|
|
- TV
|
|
- UG
|
|
- UA
|
|
- AE
|
|
- GB
|
|
- UM
|
|
- US
|
|
- UY
|
|
- UZ
|
|
- VU
|
|
- VE
|
|
- VN
|
|
- VG
|
|
- VI
|
|
- WF
|
|
- EH
|
|
- YE
|
|
- ZM
|
|
- ZW
|
|
type: string
|
|
CurrentBrand:
|
|
type: object
|
|
description: Partial brand information for styling
|
|
properties:
|
|
matched_domain:
|
|
type: string
|
|
branding_title:
|
|
type: string
|
|
branding_logo:
|
|
type: string
|
|
branding_logo_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
branding_favicon:
|
|
type: string
|
|
branding_favicon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
branding_custom_css:
|
|
type: string
|
|
ui_footer_links:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FooterLink'
|
|
readOnly: true
|
|
ui_theme:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UiThemeEnum'
|
|
readOnly: true
|
|
default: automatic
|
|
flow_authentication:
|
|
type: string
|
|
flow_invalidation:
|
|
type: string
|
|
flow_recovery:
|
|
type: string
|
|
flow_unenrollment:
|
|
type: string
|
|
flow_user_settings:
|
|
type: string
|
|
flow_device_code:
|
|
type: string
|
|
default_locale:
|
|
type: string
|
|
readOnly: true
|
|
flags:
|
|
type: object
|
|
properties:
|
|
enterprise_audit_include_expanded_diff:
|
|
type: boolean
|
|
policies_buffered_access_view:
|
|
type: boolean
|
|
flows_refresh_others:
|
|
type: boolean
|
|
required:
|
|
- enterprise_audit_include_expanded_diff
|
|
- flows_refresh_others
|
|
- policies_buffered_access_view
|
|
readOnly: true
|
|
required:
|
|
- branding_custom_css
|
|
- branding_favicon
|
|
- branding_favicon_themed_urls
|
|
- branding_logo
|
|
- branding_logo_themed_urls
|
|
- branding_title
|
|
- default_locale
|
|
- flags
|
|
- matched_domain
|
|
- ui_footer_links
|
|
- ui_theme
|
|
DataExport:
|
|
type: object
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
requested_by:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
requested_on:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
content_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ContentType'
|
|
readOnly: true
|
|
query_params:
|
|
type: object
|
|
additionalProperties: {}
|
|
file_url:
|
|
type: string
|
|
readOnly: true
|
|
completed:
|
|
type: boolean
|
|
readOnly: true
|
|
required:
|
|
- completed
|
|
- content_type
|
|
- file_url
|
|
- id
|
|
- query_params
|
|
- requested_by
|
|
- requested_on
|
|
DeliveryMethodEnum:
|
|
enum:
|
|
- https://schemas.openid.net/secevent/risc/delivery-method/push
|
|
- https://schemas.openid.net/secevent/risc/delivery-method/poll
|
|
type: string
|
|
DeniedActionEnum:
|
|
enum:
|
|
- message_continue
|
|
- message
|
|
- continue
|
|
type: string
|
|
DenyStage:
|
|
type: object
|
|
description: DenyStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
deny_message:
|
|
type: string
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DenyStageRequest:
|
|
type: object
|
|
description: DenyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
deny_message:
|
|
type: string
|
|
required:
|
|
- name
|
|
DetailedCountry:
|
|
type: object
|
|
properties:
|
|
code:
|
|
$ref: '#/components/schemas/CountryCodeEnum'
|
|
name:
|
|
type: string
|
|
required:
|
|
- code
|
|
- name
|
|
DetailedCountryField:
|
|
type: object
|
|
properties:
|
|
code:
|
|
$ref: '#/components/schemas/CountryCodeEnum'
|
|
name:
|
|
type: string
|
|
required:
|
|
- code
|
|
- name
|
|
Device:
|
|
type: object
|
|
description: Serializer for authenticator devices
|
|
properties:
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
pk:
|
|
type: string
|
|
name:
|
|
type: string
|
|
type:
|
|
type: string
|
|
description: Get type of device
|
|
readOnly: true
|
|
confirmed:
|
|
type: boolean
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_used:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
nullable: true
|
|
extra_description:
|
|
type: string
|
|
nullable: true
|
|
description: Get extra description
|
|
readOnly: true
|
|
external_id:
|
|
type: string
|
|
nullable: true
|
|
description: Get external Device ID
|
|
readOnly: true
|
|
required:
|
|
- confirmed
|
|
- created
|
|
- external_id
|
|
- extra_description
|
|
- last_updated
|
|
- last_used
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- type
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DeviceAccessGroup:
|
|
type: object
|
|
properties:
|
|
pbm_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
- pbm_uuid
|
|
DeviceAccessGroupRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
DeviceChallenge:
|
|
type: object
|
|
description: Single device challenge
|
|
properties:
|
|
device_class:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
device_uid:
|
|
type: string
|
|
challenge:
|
|
type: object
|
|
additionalProperties: {}
|
|
last_used:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
required:
|
|
- challenge
|
|
- device_class
|
|
- device_uid
|
|
- last_used
|
|
DeviceChallengeRequest:
|
|
type: object
|
|
description: Single device challenge
|
|
properties:
|
|
device_class:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
device_uid:
|
|
type: string
|
|
minLength: 1
|
|
challenge:
|
|
type: object
|
|
additionalProperties: {}
|
|
last_used:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
required:
|
|
- challenge
|
|
- device_class
|
|
- device_uid
|
|
- last_used
|
|
DeviceClassesEnum:
|
|
enum:
|
|
- static
|
|
- totp
|
|
- webauthn
|
|
- duo
|
|
- sms
|
|
- email
|
|
type: string
|
|
DeviceConnection:
|
|
type: object
|
|
properties:
|
|
device:
|
|
type: string
|
|
format: uuid
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
connector_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Connector'
|
|
readOnly: true
|
|
latest_snapshot:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeviceFactSnapshot'
|
|
readOnly: true
|
|
nullable: true
|
|
required:
|
|
- connector
|
|
- connector_obj
|
|
- device
|
|
- latest_snapshot
|
|
DeviceFactSnapshot:
|
|
type: object
|
|
properties:
|
|
data:
|
|
$ref: '#/components/schemas/DeviceFacts'
|
|
connection:
|
|
type: string
|
|
format: uuid
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
nullable: true
|
|
vendor:
|
|
allOf:
|
|
- $ref: '#/components/schemas/VendorEnum'
|
|
readOnly: true
|
|
required:
|
|
- connection
|
|
- created
|
|
- data
|
|
- expires
|
|
- vendor
|
|
DeviceFacts:
|
|
type: object
|
|
properties:
|
|
os:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OperatingSystem'
|
|
nullable: true
|
|
disks:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Disk'
|
|
nullable: true
|
|
network:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Network'
|
|
nullable: true
|
|
hardware:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Hardware'
|
|
nullable: true
|
|
software:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Software'
|
|
nullable: true
|
|
processes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Process'
|
|
nullable: true
|
|
users:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceUser'
|
|
nullable: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceGroup'
|
|
nullable: true
|
|
vendor:
|
|
type: object
|
|
additionalProperties: {}
|
|
DeviceFactsOSFamily:
|
|
enum:
|
|
- linux
|
|
- unix
|
|
- bsd
|
|
- windows
|
|
- mac_os
|
|
- android
|
|
- i_os
|
|
- other
|
|
type: string
|
|
DeviceFactsRequest:
|
|
type: object
|
|
properties:
|
|
os:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OperatingSystemRequest'
|
|
nullable: true
|
|
disks:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DiskRequest'
|
|
nullable: true
|
|
network:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NetworkRequest'
|
|
nullable: true
|
|
hardware:
|
|
allOf:
|
|
- $ref: '#/components/schemas/HardwareRequest'
|
|
nullable: true
|
|
software:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SoftwareRequest'
|
|
nullable: true
|
|
processes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ProcessRequest'
|
|
nullable: true
|
|
users:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceUserRequest'
|
|
nullable: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceGroupRequest'
|
|
nullable: true
|
|
vendor:
|
|
type: object
|
|
additionalProperties: {}
|
|
DeviceGroup:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
name:
|
|
type: string
|
|
required:
|
|
- id
|
|
DeviceGroupRequest:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- id
|
|
DeviceSummary:
|
|
type: object
|
|
description: Summary of registered devices
|
|
properties:
|
|
total_count:
|
|
type: integer
|
|
unreachable_count:
|
|
type: integer
|
|
outdated_agent_count:
|
|
type: integer
|
|
required:
|
|
- outdated_agent_count
|
|
- total_count
|
|
- unreachable_count
|
|
DeviceUser:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
username:
|
|
type: string
|
|
name:
|
|
type: string
|
|
home:
|
|
type: string
|
|
required:
|
|
- id
|
|
DeviceUserBinding:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy binding uuid
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
policy_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Policy'
|
|
readOnly: true
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
is_primary:
|
|
type: boolean
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
nullable: true
|
|
connector_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Connector'
|
|
readOnly: true
|
|
required:
|
|
- connector
|
|
- connector_obj
|
|
- group_obj
|
|
- order
|
|
- pk
|
|
- policy_obj
|
|
- target
|
|
- user_obj
|
|
DeviceUserBindingRequest:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
is_primary:
|
|
type: boolean
|
|
required:
|
|
- order
|
|
- target
|
|
DeviceUserRequest:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
home:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- id
|
|
DigestAlgorithmEnum:
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#sha1
|
|
- http://www.w3.org/2001/04/xmlenc#sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#sha384
|
|
- http://www.w3.org/2001/04/xmlenc#sha512
|
|
type: string
|
|
DigitsEnum:
|
|
enum:
|
|
- '6'
|
|
- '8'
|
|
type: string
|
|
Disk:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
mountpoint:
|
|
type: string
|
|
label:
|
|
type: string
|
|
capacity_total_bytes:
|
|
type: integer
|
|
format: int64
|
|
capacity_used_bytes:
|
|
type: integer
|
|
format: int64
|
|
encryption_enabled:
|
|
type: boolean
|
|
default: false
|
|
required:
|
|
- mountpoint
|
|
- name
|
|
DiskRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mountpoint:
|
|
type: string
|
|
minLength: 1
|
|
label:
|
|
type: string
|
|
capacity_total_bytes:
|
|
type: integer
|
|
format: int64
|
|
capacity_used_bytes:
|
|
type: integer
|
|
format: int64
|
|
encryption_enabled:
|
|
type: boolean
|
|
default: false
|
|
required:
|
|
- mountpoint
|
|
- name
|
|
DockerServiceConnection:
|
|
type: object
|
|
description: DockerServiceConnection Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
component:
|
|
type: string
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
url:
|
|
type: string
|
|
description: Can be in the format of 'unix://<path>' when connecting to
|
|
a local docker daemon, or 'https://<hostname>:2376' when connecting to
|
|
a remote system.
|
|
tls_verification:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: CA which the endpoint's Certificate is verified against. Can
|
|
be left empty for no validation.
|
|
tls_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Certificate/Key used for authentication. Can be left empty
|
|
for no authentication.
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- url
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DockerServiceConnectionRequest:
|
|
type: object
|
|
description: DockerServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Can be in the format of 'unix://<path>' when connecting to
|
|
a local docker daemon, or 'https://<hostname>:2376' when connecting to
|
|
a remote system.
|
|
tls_verification:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: CA which the endpoint's Certificate is verified against. Can
|
|
be left empty for no validation.
|
|
tls_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Certificate/Key used for authentication. Can be left empty
|
|
for no authentication.
|
|
required:
|
|
- name
|
|
- url
|
|
Domain:
|
|
type: object
|
|
description: Domain Serializer
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
domain:
|
|
type: string
|
|
maxLength: 253
|
|
is_primary:
|
|
type: boolean
|
|
tenant:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- domain
|
|
- id
|
|
- tenant
|
|
DomainRequest:
|
|
type: object
|
|
description: Domain Serializer
|
|
properties:
|
|
domain:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 253
|
|
is_primary:
|
|
type: boolean
|
|
tenant:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- domain
|
|
- tenant
|
|
DummyChallenge:
|
|
type: object
|
|
description: Dummy challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-dummy
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
name:
|
|
type: string
|
|
required:
|
|
- name
|
|
DummyChallengeResponseRequest:
|
|
type: object
|
|
description: Dummy challenge response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-dummy
|
|
DummyPolicy:
|
|
type: object
|
|
description: Dummy Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
result:
|
|
type: boolean
|
|
wait_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
wait_max:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DummyPolicyRequest:
|
|
type: object
|
|
description: Dummy Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
result:
|
|
type: boolean
|
|
wait_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
wait_max:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- name
|
|
DummyStage:
|
|
type: object
|
|
description: DummyStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
throw_error:
|
|
type: boolean
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DummyStageRequest:
|
|
type: object
|
|
description: DummyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
throw_error:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
DuoDevice:
|
|
type: object
|
|
description: Serializer for Duo authenticator devices
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
- user
|
|
DuoDeviceEnrollmentStatus:
|
|
type: object
|
|
properties:
|
|
duo_response:
|
|
$ref: '#/components/schemas/DuoResponseEnum'
|
|
required:
|
|
- duo_response
|
|
DuoDeviceRequest:
|
|
type: object
|
|
description: Serializer for Duo authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
DuoResponseEnum:
|
|
enum:
|
|
- success
|
|
- waiting
|
|
- invalid
|
|
type: string
|
|
EmailChallenge:
|
|
type: object
|
|
description: Email challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-email
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
EmailChallengeResponseRequest:
|
|
type: object
|
|
description: |-
|
|
Email challenge resposen. No fields. This challenge is
|
|
always declared invalid to give the user a chance to retry
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-email
|
|
EmailDevice:
|
|
type: object
|
|
description: Serializer for email authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
email:
|
|
type: string
|
|
format: email
|
|
readOnly: true
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- email
|
|
- name
|
|
- pk
|
|
- user
|
|
EmailDeviceRequest:
|
|
type: object
|
|
description: Serializer for email authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
EmailStage:
|
|
type: object
|
|
description: EmailStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
maxLength: 254
|
|
token_expiry:
|
|
type: string
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
subject:
|
|
type: string
|
|
template:
|
|
type: string
|
|
activate_user_on_success:
|
|
type: boolean
|
|
description: Activate users upon completion of stage.
|
|
recovery_max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
recovery_cache_timeout:
|
|
type: string
|
|
description: 'The time window used to count recent account recovery attempts.
|
|
If the number of attempts exceed recovery_max_attempts within this period,
|
|
further attempts will be rate-limited. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
EmailStageRequest:
|
|
type: object
|
|
description: EmailStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
writeOnly: true
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
token_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
subject:
|
|
type: string
|
|
minLength: 1
|
|
template:
|
|
type: string
|
|
minLength: 1
|
|
activate_user_on_success:
|
|
type: boolean
|
|
description: Activate users upon completion of stage.
|
|
recovery_max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
recovery_cache_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: 'The time window used to count recent account recovery attempts.
|
|
If the number of attempts exceed recovery_max_attempts within this period,
|
|
further attempts will be rate-limited. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- name
|
|
Endpoint:
|
|
type: object
|
|
description: Endpoint Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
provider:
|
|
type: integer
|
|
provider_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/RACProvider'
|
|
readOnly: true
|
|
protocol:
|
|
$ref: '#/components/schemas/ProtocolEnum'
|
|
host:
|
|
type: string
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
auth_mode:
|
|
$ref: '#/components/schemas/EndpointAuthModeEnum'
|
|
launch_url:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Build actual launch URL (the provider itself does not have one, just
|
|
individual endpoints)
|
|
readOnly: true
|
|
maximum_connections:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- auth_mode
|
|
- host
|
|
- launch_url
|
|
- name
|
|
- pk
|
|
- protocol
|
|
- provider
|
|
- provider_obj
|
|
EndpointAgentChallenge:
|
|
type: object
|
|
description: Signed challenge for authentik agent to respond to
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-endpoint-agent
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
challenge:
|
|
type: string
|
|
challenge_idle_timeout:
|
|
type: integer
|
|
required:
|
|
- challenge
|
|
- challenge_idle_timeout
|
|
EndpointAgentChallengeResponseRequest:
|
|
type: object
|
|
description: Response to signed challenge
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-endpoint-agent
|
|
response:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
EndpointAuthModeEnum:
|
|
enum:
|
|
- static
|
|
- prompt
|
|
type: string
|
|
EndpointDevice:
|
|
type: object
|
|
properties:
|
|
device_uuid:
|
|
type: string
|
|
format: uuid
|
|
pbm_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
access_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
access_group_obj:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
facts:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeviceFactSnapshot'
|
|
readOnly: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- facts
|
|
- name
|
|
- pbm_uuid
|
|
EndpointDeviceDetails:
|
|
type: object
|
|
properties:
|
|
device_uuid:
|
|
type: string
|
|
format: uuid
|
|
pbm_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
access_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
access_group_obj:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
facts:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeviceFactSnapshot'
|
|
readOnly: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
connections_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceConnection'
|
|
policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
connections:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
required:
|
|
- connections
|
|
- connections_obj
|
|
- facts
|
|
- name
|
|
- pbm_uuid
|
|
- policies
|
|
EndpointDeviceRequest:
|
|
type: object
|
|
properties:
|
|
device_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
access_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
access_group_obj:
|
|
$ref: '#/components/schemas/DeviceAccessGroupRequest'
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
EndpointRequest:
|
|
type: object
|
|
description: Endpoint Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
provider:
|
|
type: integer
|
|
protocol:
|
|
$ref: '#/components/schemas/ProtocolEnum'
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
auth_mode:
|
|
$ref: '#/components/schemas/EndpointAuthModeEnum'
|
|
maximum_connections:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- auth_mode
|
|
- host
|
|
- name
|
|
- protocol
|
|
- provider
|
|
EndpointStage:
|
|
type: object
|
|
description: EndpointStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
connector_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Connector'
|
|
readOnly: true
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
required:
|
|
- component
|
|
- connector
|
|
- connector_obj
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
EndpointStageRequest:
|
|
type: object
|
|
description: EndpointStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
required:
|
|
- connector
|
|
- name
|
|
EnrollRequest:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
device_serial:
|
|
type: string
|
|
minLength: 1
|
|
device_name:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- device_name
|
|
- device_serial
|
|
EnrollmentToken:
|
|
type: object
|
|
properties:
|
|
token_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
device_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
device_group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeviceAccessGroup'
|
|
readOnly: true
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
required:
|
|
- connector
|
|
- device_group_obj
|
|
- name
|
|
- token_uuid
|
|
EnrollmentTokenRequest:
|
|
type: object
|
|
properties:
|
|
device_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
required:
|
|
- connector
|
|
- name
|
|
ErrorDetail:
|
|
type: object
|
|
description: Serializer for rest_framework's error messages
|
|
properties:
|
|
string:
|
|
type: string
|
|
code:
|
|
type: string
|
|
required:
|
|
- code
|
|
- string
|
|
ErrorReportingConfig:
|
|
type: object
|
|
description: Config for error reporting
|
|
properties:
|
|
enabled:
|
|
type: boolean
|
|
readOnly: true
|
|
sentry_dsn:
|
|
type: string
|
|
readOnly: true
|
|
environment:
|
|
type: string
|
|
readOnly: true
|
|
send_pii:
|
|
type: boolean
|
|
readOnly: true
|
|
traces_sample_rate:
|
|
type: number
|
|
format: double
|
|
readOnly: true
|
|
required:
|
|
- enabled
|
|
- environment
|
|
- send_pii
|
|
- sentry_dsn
|
|
- traces_sample_rate
|
|
Event:
|
|
type: object
|
|
description: Event Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Event uuid
|
|
user:
|
|
type: object
|
|
additionalProperties: {}
|
|
action:
|
|
$ref: '#/components/schemas/EventActions'
|
|
app:
|
|
type: string
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
brand:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- action
|
|
- app
|
|
- created
|
|
- pk
|
|
EventActions:
|
|
enum:
|
|
- login
|
|
- login_failed
|
|
- logout
|
|
- user_write
|
|
- suspicious_request
|
|
- password_set
|
|
- secret_view
|
|
- secret_rotate
|
|
- invitation_used
|
|
- authorize_application
|
|
- source_linked
|
|
- impersonation_started
|
|
- impersonation_ended
|
|
- flow_execution
|
|
- policy_execution
|
|
- policy_exception
|
|
- property_mapping_exception
|
|
- system_task_execution
|
|
- system_task_exception
|
|
- system_exception
|
|
- configuration_error
|
|
- model_created
|
|
- model_updated
|
|
- model_deleted
|
|
- email_sent
|
|
- update_available
|
|
- export_ready
|
|
- custom_
|
|
type: string
|
|
EventMatcherPolicy:
|
|
type: object
|
|
description: Event Matcher Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/EventActions'
|
|
nullable: true
|
|
description: Match created events with this action type. When left empty,
|
|
all action types will be matched.
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
description: Matches Event's Client IP (strict matching, for network matching
|
|
use an Expression Policy)
|
|
app:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AppEnum'
|
|
nullable: true
|
|
description: Match events created by selected application. When left empty,
|
|
all applications are matched.
|
|
model:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ModelEnum'
|
|
nullable: true
|
|
description: Match events created by selected model. When left empty, all
|
|
models are matched. When an app is selected, all the application's models
|
|
are matched.
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
EventMatcherPolicyRequest:
|
|
type: object
|
|
description: Event Matcher Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/EventActions'
|
|
nullable: true
|
|
description: Match created events with this action type. When left empty,
|
|
all action types will be matched.
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: Matches Event's Client IP (strict matching, for network matching
|
|
use an Expression Policy)
|
|
app:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AppEnum'
|
|
nullable: true
|
|
description: Match events created by selected application. When left empty,
|
|
all applications are matched.
|
|
model:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ModelEnum'
|
|
nullable: true
|
|
description: Match events created by selected model. When left empty, all
|
|
models are matched. When an app is selected, all the application's models
|
|
are matched.
|
|
required:
|
|
- name
|
|
EventRequest:
|
|
type: object
|
|
description: Event Serializer
|
|
properties:
|
|
user:
|
|
type: object
|
|
additionalProperties: {}
|
|
action:
|
|
$ref: '#/components/schemas/EventActions'
|
|
app:
|
|
type: string
|
|
minLength: 1
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
brand:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- action
|
|
- app
|
|
EventTopPerUser:
|
|
type: object
|
|
description: Response object of Event's top_per_user
|
|
properties:
|
|
application:
|
|
type: object
|
|
additionalProperties: {}
|
|
counted_events:
|
|
type: integer
|
|
unique_users:
|
|
type: integer
|
|
required:
|
|
- application
|
|
- counted_events
|
|
- unique_users
|
|
EventVolume:
|
|
type: object
|
|
description: Count of events of action created on day
|
|
properties:
|
|
action:
|
|
$ref: '#/components/schemas/EventActions'
|
|
time:
|
|
type: string
|
|
format: date-time
|
|
count:
|
|
type: integer
|
|
required:
|
|
- action
|
|
- count
|
|
- time
|
|
EventsRequestedEnum:
|
|
enum:
|
|
- https://schemas.openid.net/secevent/caep/event-type/session-revoked
|
|
- https://schemas.openid.net/secevent/caep/event-type/credential-change
|
|
- https://schemas.openid.net/secevent/ssf/event-type/verification
|
|
type: string
|
|
ExpiringBaseGrantModel:
|
|
type: object
|
|
description: Serializer for BaseGrantModel and ExpiringBaseGrant
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
provider:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
user:
|
|
$ref: '#/components/schemas/User'
|
|
is_expired:
|
|
type: boolean
|
|
description: Check if token is expired yet.
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
scope:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- is_expired
|
|
- pk
|
|
- provider
|
|
- scope
|
|
- user
|
|
ExpressionPolicy:
|
|
type: object
|
|
description: Group Membership Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
expression:
|
|
type: string
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ExpressionPolicyRequest:
|
|
type: object
|
|
description: Group Membership Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
ExtraRoleObjectPermission:
|
|
type: object
|
|
description: Role permission with additional object-related data
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
codename:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
object_pk:
|
|
type: string
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
app_label_verbose:
|
|
type: string
|
|
description: Get app label from permission's model
|
|
readOnly: true
|
|
model_verbose:
|
|
type: string
|
|
description: Get model label from permission's model
|
|
readOnly: true
|
|
object_description:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Get model description from attached model. This operation takes at least
|
|
one additional query, and the description is only shown if the role has the
|
|
view_ permission on the object
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- app_label_verbose
|
|
- codename
|
|
- id
|
|
- model
|
|
- model_verbose
|
|
- name
|
|
- object_description
|
|
- object_pk
|
|
FileList:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
name:
|
|
type: string
|
|
mime_type:
|
|
type: string
|
|
url:
|
|
type: string
|
|
themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
nullable: true
|
|
required:
|
|
- mime_type
|
|
- name
|
|
- url
|
|
FileUploadRequest:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
file:
|
|
type: string
|
|
format: binary
|
|
name:
|
|
type: string
|
|
usage:
|
|
type: string
|
|
minLength: 1
|
|
default: media
|
|
required:
|
|
- file
|
|
FleetConnector:
|
|
type: object
|
|
description: FleetConnector Serializer
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
enabled:
|
|
type: boolean
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
url:
|
|
type: string
|
|
format: uri
|
|
maxLength: 200
|
|
headers_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
map_users:
|
|
type: boolean
|
|
map_teams_access_group:
|
|
type: boolean
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- url
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
FleetConnectorRequest:
|
|
type: object
|
|
description: FleetConnector Serializer
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
enabled:
|
|
type: boolean
|
|
url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
maxLength: 200
|
|
token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
headers_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
map_users:
|
|
type: boolean
|
|
map_teams_access_group:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
- token
|
|
- url
|
|
Flow:
|
|
type: object
|
|
description: Flow Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Flow uuid
|
|
policybindingmodel_ptr_id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
slug:
|
|
type: string
|
|
description: Visible in the URL.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: Decides what this Flow is used for. For example, the Authentication
|
|
flow is redirect to when an un-authenticated user visits authentik.
|
|
background:
|
|
type: string
|
|
description: Background shown during execution
|
|
background_url:
|
|
type: string
|
|
description: Get the URL to the background image
|
|
readOnly: true
|
|
background_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
cache_count:
|
|
type: integer
|
|
description: Get count of cached flows
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
export_url:
|
|
type: string
|
|
description: Get export URL for flow
|
|
readOnly: true
|
|
layout:
|
|
$ref: '#/components/schemas/FlowLayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: Configure what should happen when a flow denies access to a
|
|
user.
|
|
authentication:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticationEnum'
|
|
description: Required level of authentication and authorization to access
|
|
a flow.
|
|
required:
|
|
- background_themed_urls
|
|
- background_url
|
|
- cache_count
|
|
- designation
|
|
- export_url
|
|
- name
|
|
- pk
|
|
- policies
|
|
- policybindingmodel_ptr_id
|
|
- slug
|
|
- stages
|
|
- title
|
|
FlowChallengeResponseRequest:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/AppleChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorEmailChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AutoSubmitChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/CaptchaChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/ConsentChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/DummyChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/EmailChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/EndpointAgentChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/FrameChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/IdentificationChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/IframeLogoutChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/NativeLogoutChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/PasswordChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/PromptChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/RedirectChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/TelegramChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/UserLoginChallengeResponseRequest'
|
|
discriminator:
|
|
propertyName: component
|
|
mapping:
|
|
ak-source-oauth-apple: '#/components/schemas/AppleChallengeResponseRequest'
|
|
ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
|
|
ak-stage-authenticator-email: '#/components/schemas/AuthenticatorEmailChallengeResponseRequest'
|
|
ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
|
|
ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
|
|
ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
|
|
ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
|
|
ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
|
|
ak-stage-autosubmit: '#/components/schemas/AutoSubmitChallengeResponseRequest'
|
|
ak-stage-captcha: '#/components/schemas/CaptchaChallengeResponseRequest'
|
|
ak-stage-consent: '#/components/schemas/ConsentChallengeResponseRequest'
|
|
ak-stage-dummy: '#/components/schemas/DummyChallengeResponseRequest'
|
|
ak-stage-email: '#/components/schemas/EmailChallengeResponseRequest'
|
|
ak-stage-endpoint-agent: '#/components/schemas/EndpointAgentChallengeResponseRequest'
|
|
xak-flow-frame: '#/components/schemas/FrameChallengeResponseRequest'
|
|
ak-stage-identification: '#/components/schemas/IdentificationChallengeResponseRequest'
|
|
ak-provider-iframe-logout: '#/components/schemas/IframeLogoutChallengeResponseRequest'
|
|
ak-provider-saml-native-logout: '#/components/schemas/NativeLogoutChallengeResponseRequest'
|
|
ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
|
|
ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
|
|
ak-stage-password: '#/components/schemas/PasswordChallengeResponseRequest'
|
|
ak-source-plex: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
|
|
ak-stage-prompt: '#/components/schemas/PromptChallengeResponseRequest'
|
|
xak-flow-redirect: '#/components/schemas/RedirectChallengeResponseRequest'
|
|
ak-source-telegram: '#/components/schemas/TelegramChallengeResponseRequest'
|
|
ak-stage-user-login: '#/components/schemas/UserLoginChallengeResponseRequest'
|
|
FlowDesignationEnum:
|
|
enum:
|
|
- authentication
|
|
- authorization
|
|
- invalidation
|
|
- enrollment
|
|
- unenrollment
|
|
- recovery
|
|
- stage_configuration
|
|
type: string
|
|
FlowDiagram:
|
|
type: object
|
|
description: response of the flow's diagram action
|
|
properties:
|
|
diagram:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- diagram
|
|
FlowErrorChallenge:
|
|
type: object
|
|
description: |-
|
|
Challenge class when an unhandled error occurs during a stage. Normal users
|
|
are shown an error message, superusers are shown a full stacktrace.
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-flow-error
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
request_id:
|
|
type: string
|
|
error:
|
|
type: string
|
|
traceback:
|
|
type: string
|
|
required:
|
|
- request_id
|
|
FlowImportResult:
|
|
type: object
|
|
description: Logs of an attempted flow import
|
|
properties:
|
|
logs:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LogEvent'
|
|
readOnly: true
|
|
success:
|
|
type: boolean
|
|
readOnly: true
|
|
required:
|
|
- logs
|
|
- success
|
|
FlowInspection:
|
|
type: object
|
|
description: Serializer for inspect endpoint
|
|
properties:
|
|
plans:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowInspectorPlan'
|
|
current_plan:
|
|
$ref: '#/components/schemas/FlowInspectorPlan'
|
|
is_completed:
|
|
type: boolean
|
|
required:
|
|
- is_completed
|
|
- plans
|
|
FlowInspectorPlan:
|
|
type: object
|
|
description: Serializer for an active FlowPlan
|
|
properties:
|
|
current_stage:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowStageBinding'
|
|
readOnly: true
|
|
next_planned_stage:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowStageBinding'
|
|
readOnly: true
|
|
plan_context:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Get the plan's context, sanitized
|
|
readOnly: true
|
|
session_id:
|
|
type: string
|
|
description: Get a unique session ID
|
|
readOnly: true
|
|
required:
|
|
- current_stage
|
|
- next_planned_stage
|
|
- plan_context
|
|
- session_id
|
|
FlowLayoutEnum:
|
|
enum:
|
|
- stacked
|
|
- content_left
|
|
- content_right
|
|
- sidebar_left
|
|
- sidebar_right
|
|
type: string
|
|
FlowRequest:
|
|
type: object
|
|
description: Flow Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Visible in the URL.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
minLength: 1
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: Decides what this Flow is used for. For example, the Authentication
|
|
flow is redirect to when an un-authenticated user visits authentik.
|
|
background:
|
|
type: string
|
|
description: Background shown during execution
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
layout:
|
|
$ref: '#/components/schemas/FlowLayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: Configure what should happen when a flow denies access to a
|
|
user.
|
|
authentication:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticationEnum'
|
|
description: Required level of authentication and authorization to access
|
|
a flow.
|
|
required:
|
|
- designation
|
|
- name
|
|
- slug
|
|
- title
|
|
FlowSet:
|
|
type: object
|
|
description: Stripped down flow serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Flow uuid
|
|
policybindingmodel_ptr_id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
slug:
|
|
type: string
|
|
description: Visible in the URL.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: Decides what this Flow is used for. For example, the Authentication
|
|
flow is redirect to when an un-authenticated user visits authentik.
|
|
background_url:
|
|
type: string
|
|
description: Get the URL to the background image
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
export_url:
|
|
type: string
|
|
description: Get export URL for flow
|
|
readOnly: true
|
|
layout:
|
|
$ref: '#/components/schemas/FlowLayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: Configure what should happen when a flow denies access to a
|
|
user.
|
|
required:
|
|
- background_url
|
|
- designation
|
|
- export_url
|
|
- name
|
|
- pk
|
|
- policybindingmodel_ptr_id
|
|
- slug
|
|
- title
|
|
FlowStageBinding:
|
|
type: object
|
|
description: FlowStageBinding Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Fsb uuid
|
|
policybindingmodel_ptr_id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
stage:
|
|
type: string
|
|
format: uuid
|
|
stage_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Stage'
|
|
readOnly: true
|
|
evaluate_on_plan:
|
|
type: boolean
|
|
description: Evaluate policies during the Flow planning process.
|
|
re_evaluate_policies:
|
|
type: boolean
|
|
description: Evaluate policies when the Stage is presented to the user.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
invalid_response_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/InvalidResponseActionEnum'
|
|
description: Configure how the flow executor should handle an invalid response
|
|
to a challenge. RETRY returns the error message and a similar challenge
|
|
to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
|
|
restarts the flow while keeping the current context.
|
|
required:
|
|
- order
|
|
- pk
|
|
- policybindingmodel_ptr_id
|
|
- stage
|
|
- stage_obj
|
|
- target
|
|
FlowStageBindingRequest:
|
|
type: object
|
|
description: FlowStageBinding Serializer
|
|
properties:
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
stage:
|
|
type: string
|
|
format: uuid
|
|
evaluate_on_plan:
|
|
type: boolean
|
|
description: Evaluate policies during the Flow planning process.
|
|
re_evaluate_policies:
|
|
type: boolean
|
|
description: Evaluate policies when the Stage is presented to the user.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
invalid_response_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/InvalidResponseActionEnum'
|
|
description: Configure how the flow executor should handle an invalid response
|
|
to a challenge. RETRY returns the error message and a similar challenge
|
|
to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
|
|
restarts the flow while keeping the current context.
|
|
required:
|
|
- order
|
|
- stage
|
|
- target
|
|
FlowUploadRequest:
|
|
type: object
|
|
description: Serializer to upload file
|
|
properties:
|
|
file:
|
|
type: string
|
|
format: binary
|
|
clear:
|
|
type: boolean
|
|
default: false
|
|
FooterLink:
|
|
type: object
|
|
description: Links returned in Config API
|
|
properties:
|
|
href:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- href
|
|
- name
|
|
FrameChallenge:
|
|
type: object
|
|
description: Challenge type to render a frame
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: xak-flow-frame
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
url:
|
|
type: string
|
|
loading_overlay:
|
|
type: boolean
|
|
default: false
|
|
loading_text:
|
|
type: string
|
|
required:
|
|
- loading_text
|
|
- url
|
|
FrameChallengeResponseRequest:
|
|
type: object
|
|
description: Base class for all challenge responses
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: xak-flow-frame
|
|
GenericError:
|
|
type: object
|
|
description: Generic API Error
|
|
properties:
|
|
detail:
|
|
type: string
|
|
code:
|
|
type: string
|
|
required:
|
|
- detail
|
|
GeoIPPolicy:
|
|
type: object
|
|
description: GeoIP Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
asns:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
countries:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CountryCodeEnum'
|
|
maxItems: 249
|
|
countries_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DetailedCountryField'
|
|
readOnly: true
|
|
check_history_distance:
|
|
type: boolean
|
|
history_max_distance_km:
|
|
type: integer
|
|
maximum: 9223372036854775807
|
|
minimum: 0
|
|
format: int64
|
|
distance_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
history_login_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
check_impossible_travel:
|
|
type: boolean
|
|
impossible_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- countries
|
|
- countries_obj
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
GeoIPPolicyRequest:
|
|
type: object
|
|
description: GeoIP Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
asns:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
countries:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CountryCodeEnum'
|
|
maxItems: 249
|
|
check_history_distance:
|
|
type: boolean
|
|
history_max_distance_km:
|
|
type: integer
|
|
maximum: 9223372036854775807
|
|
minimum: 0
|
|
format: int64
|
|
distance_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
history_login_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
check_impossible_travel:
|
|
type: boolean
|
|
impossible_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
required:
|
|
- countries
|
|
- name
|
|
GeoipBindingEnum:
|
|
enum:
|
|
- no_binding
|
|
- bind_continent
|
|
- bind_continent_country
|
|
- bind_continent_country_city
|
|
type: string
|
|
GlobalTaskStatus:
|
|
type: object
|
|
properties:
|
|
queued:
|
|
type: integer
|
|
readOnly: true
|
|
consumed:
|
|
type: integer
|
|
readOnly: true
|
|
preprocess:
|
|
type: integer
|
|
readOnly: true
|
|
running:
|
|
type: integer
|
|
readOnly: true
|
|
postprocess:
|
|
type: integer
|
|
readOnly: true
|
|
rejected:
|
|
type: integer
|
|
readOnly: true
|
|
done:
|
|
type: integer
|
|
readOnly: true
|
|
info:
|
|
type: integer
|
|
readOnly: true
|
|
warning:
|
|
type: integer
|
|
readOnly: true
|
|
error:
|
|
type: integer
|
|
readOnly: true
|
|
required:
|
|
- consumed
|
|
- done
|
|
- error
|
|
- info
|
|
- postprocess
|
|
- preprocess
|
|
- queued
|
|
- rejected
|
|
- running
|
|
- warning
|
|
GoogleEndpointDevice:
|
|
type: object
|
|
description: Serializer for Endpoint authenticator devices
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
GoogleEndpointDeviceRequest:
|
|
type: object
|
|
description: Serializer for Endpoint authenticator devices
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
GoogleWorkspaceProvider:
|
|
type: object
|
|
description: GoogleWorkspaceProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
delegated_subject:
|
|
type: string
|
|
format: email
|
|
maxLength: 254
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
scopes:
|
|
type: string
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
default_group_email_domain:
|
|
type: string
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- component
|
|
- credentials
|
|
- default_group_email_domain
|
|
- delegated_subject
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
GoogleWorkspaceProviderGroup:
|
|
type: object
|
|
description: GoogleWorkspaceProviderGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
google_id:
|
|
type: string
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- google_id
|
|
- group
|
|
- group_obj
|
|
- id
|
|
- provider
|
|
GoogleWorkspaceProviderGroupRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProviderGroup Serializer
|
|
properties:
|
|
google_id:
|
|
type: string
|
|
minLength: 1
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- google_id
|
|
- group
|
|
- provider
|
|
GoogleWorkspaceProviderMapping:
|
|
type: object
|
|
description: GoogleWorkspaceProviderMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
GoogleWorkspaceProviderMappingRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProviderMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
GoogleWorkspaceProviderRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
delegated_subject:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
scopes:
|
|
type: string
|
|
minLength: 1
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
default_group_email_domain:
|
|
type: string
|
|
minLength: 1
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- credentials
|
|
- default_group_email_domain
|
|
- delegated_subject
|
|
- name
|
|
GoogleWorkspaceProviderUser:
|
|
type: object
|
|
description: GoogleWorkspaceProviderUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
google_id:
|
|
type: string
|
|
user:
|
|
type: integer
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- google_id
|
|
- id
|
|
- provider
|
|
- user
|
|
- user_obj
|
|
GoogleWorkspaceProviderUserRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProviderUser Serializer
|
|
properties:
|
|
google_id:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: integer
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- google_id
|
|
- provider
|
|
- user
|
|
Group:
|
|
type: object
|
|
description: Group Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Group uuid
|
|
num_pk:
|
|
type: integer
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
parents:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
parents_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RelatedGroup'
|
|
readOnly: true
|
|
nullable: true
|
|
users:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
users_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
nullable: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
roles_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Role'
|
|
readOnly: true
|
|
inherited_roles_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Role'
|
|
readOnly: true
|
|
nullable: true
|
|
children:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
children_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RelatedGroup'
|
|
readOnly: true
|
|
nullable: true
|
|
required:
|
|
- children
|
|
- children_obj
|
|
- inherited_roles_obj
|
|
- name
|
|
- num_pk
|
|
- parents_obj
|
|
- pk
|
|
- roles_obj
|
|
- users_obj
|
|
GroupKerberosSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupKerberosSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupLDAPSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupLDAPSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupMatchingModeEnum:
|
|
enum:
|
|
- identifier
|
|
- name_link
|
|
- name_deny
|
|
type: string
|
|
GroupOAuthSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupOAuthSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupPlexSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupPlexSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupRequest:
|
|
type: object
|
|
description: Group Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
parents:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
users:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- name
|
|
GroupSAMLSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupSAMLSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupTelegramSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupTelegramSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
Hardware:
|
|
type: object
|
|
properties:
|
|
model:
|
|
type: string
|
|
manufacturer:
|
|
type: string
|
|
serial:
|
|
type: string
|
|
cpu_name:
|
|
type: string
|
|
cpu_count:
|
|
type: integer
|
|
memory_bytes:
|
|
type: integer
|
|
format: int64
|
|
required:
|
|
- serial
|
|
HardwareRequest:
|
|
type: object
|
|
properties:
|
|
model:
|
|
type: string
|
|
minLength: 1
|
|
manufacturer:
|
|
type: string
|
|
minLength: 1
|
|
serial:
|
|
type: string
|
|
minLength: 1
|
|
cpu_name:
|
|
type: string
|
|
minLength: 1
|
|
cpu_count:
|
|
type: integer
|
|
memory_bytes:
|
|
type: integer
|
|
format: int64
|
|
required:
|
|
- serial
|
|
IdentificationChallenge:
|
|
type: object
|
|
description: Identification challenges with all UI elements
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-identification
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
nullable: true
|
|
password_fields:
|
|
type: boolean
|
|
allow_show_password:
|
|
type: boolean
|
|
default: false
|
|
application_pre:
|
|
type: string
|
|
flow_designation:
|
|
$ref: '#/components/schemas/FlowDesignationEnum'
|
|
captcha_stage:
|
|
allOf:
|
|
- $ref: '#/components/schemas/CaptchaChallenge'
|
|
nullable: true
|
|
enroll_url:
|
|
type: string
|
|
recovery_url:
|
|
type: string
|
|
passwordless_url:
|
|
type: string
|
|
primary_action:
|
|
type: string
|
|
sources:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LoginSource'
|
|
show_source_labels:
|
|
type: boolean
|
|
enable_remember_me:
|
|
type: boolean
|
|
default: true
|
|
passkey_challenge:
|
|
type: object
|
|
additionalProperties: {}
|
|
nullable: true
|
|
required:
|
|
- flow_designation
|
|
- password_fields
|
|
- primary_action
|
|
- show_source_labels
|
|
- user_fields
|
|
IdentificationChallengeResponseRequest:
|
|
type: object
|
|
description: Identification challenge
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-identification
|
|
uid_field:
|
|
type: string
|
|
nullable: true
|
|
password:
|
|
type: string
|
|
nullable: true
|
|
captcha_token:
|
|
type: string
|
|
nullable: true
|
|
passkey:
|
|
type: object
|
|
additionalProperties: {}
|
|
nullable: true
|
|
IdentificationStage:
|
|
type: object
|
|
description: IdentificationStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserFieldsEnum'
|
|
description: Fields of the user object to match against. (Hold shift to
|
|
select multiple options)
|
|
password_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, shows a password field, instead of showing the password
|
|
field as separate step.
|
|
captcha_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, adds functionality exactly like a Captcha stage,
|
|
but baked into the Identification stage.
|
|
case_insensitive_matching:
|
|
type: boolean
|
|
description: When enabled, user fields are matched regardless of their casing.
|
|
show_matched_user:
|
|
type: boolean
|
|
description: When a valid username/email has been entered, and this option
|
|
is enabled, the user's username and avatar will be shown. Otherwise, the
|
|
text that the user entered will be shown
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional enrollment flow, which is linked at the bottom of
|
|
the page.
|
|
recovery_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional recovery flow, which is linked at the bottom of the
|
|
page.
|
|
passwordless_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional passwordless flow, which is linked at the bottom of
|
|
the page.
|
|
sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Specify which sources should be shown.
|
|
show_source_labels:
|
|
type: boolean
|
|
pretend_user_exists:
|
|
type: boolean
|
|
description: When enabled, the stage will succeed and continue even when
|
|
incorrect user info is entered.
|
|
enable_remember_me:
|
|
type: boolean
|
|
description: Show the user the 'Remember me on this device' toggle, allowing
|
|
repeat users to skip straight to entering their password.
|
|
webauthn_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, and conditional WebAuthn is available, allow the
|
|
user to use their passkey as a first factor.
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
IdentificationStageRequest:
|
|
type: object
|
|
description: IdentificationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserFieldsEnum'
|
|
description: Fields of the user object to match against. (Hold shift to
|
|
select multiple options)
|
|
password_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, shows a password field, instead of showing the password
|
|
field as separate step.
|
|
captcha_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, adds functionality exactly like a Captcha stage,
|
|
but baked into the Identification stage.
|
|
case_insensitive_matching:
|
|
type: boolean
|
|
description: When enabled, user fields are matched regardless of their casing.
|
|
show_matched_user:
|
|
type: boolean
|
|
description: When a valid username/email has been entered, and this option
|
|
is enabled, the user's username and avatar will be shown. Otherwise, the
|
|
text that the user entered will be shown
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional enrollment flow, which is linked at the bottom of
|
|
the page.
|
|
recovery_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional recovery flow, which is linked at the bottom of the
|
|
page.
|
|
passwordless_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional passwordless flow, which is linked at the bottom of
|
|
the page.
|
|
sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Specify which sources should be shown.
|
|
show_source_labels:
|
|
type: boolean
|
|
pretend_user_exists:
|
|
type: boolean
|
|
description: When enabled, the stage will succeed and continue even when
|
|
incorrect user info is entered.
|
|
enable_remember_me:
|
|
type: boolean
|
|
description: Show the user the 'Remember me on this device' toggle, allowing
|
|
repeat users to skip straight to entering their password.
|
|
webauthn_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, and conditional WebAuthn is available, allow the
|
|
user to use their passkey as a first factor.
|
|
required:
|
|
- name
|
|
IframeLogoutChallenge:
|
|
type: object
|
|
description: Challenge for iframe logout
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-provider-iframe-logout
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
logout_urls:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
IframeLogoutChallengeResponseRequest:
|
|
type: object
|
|
description: Response for iframe logout
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-provider-iframe-logout
|
|
ImpersonationRequest:
|
|
type: object
|
|
properties:
|
|
reason:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- reason
|
|
InitialPermissions:
|
|
type: object
|
|
description: InitialPermissions serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
maxLength: 150
|
|
role:
|
|
type: string
|
|
format: uuid
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
permissions_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Permission'
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- permissions_obj
|
|
- pk
|
|
- role
|
|
InitialPermissionsRequest:
|
|
type: object
|
|
description: InitialPermissions serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
role:
|
|
type: string
|
|
format: uuid
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
required:
|
|
- name
|
|
- role
|
|
InstallID:
|
|
type: object
|
|
properties:
|
|
install_id:
|
|
type: string
|
|
required:
|
|
- install_id
|
|
IntentEnum:
|
|
enum:
|
|
- verification
|
|
- api
|
|
- recovery
|
|
- app_password
|
|
type: string
|
|
InvalidResponseActionEnum:
|
|
enum:
|
|
- retry
|
|
- restart
|
|
- restart_with_context
|
|
type: string
|
|
Invitation:
|
|
type: object
|
|
description: Invitation Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Invite uuid
|
|
name:
|
|
type: string
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
fixed_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
created_by:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
single_use:
|
|
type: boolean
|
|
description: When enabled, the invitation will be deleted after usage.
|
|
flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, only the configured flow can use this invitation.
|
|
flow_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Flow'
|
|
readOnly: true
|
|
required:
|
|
- created_by
|
|
- flow_obj
|
|
- name
|
|
- pk
|
|
InvitationRequest:
|
|
type: object
|
|
description: Invitation Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
fixed_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
single_use:
|
|
type: boolean
|
|
description: When enabled, the invitation will be deleted after usage.
|
|
flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, only the configured flow can use this invitation.
|
|
required:
|
|
- name
|
|
InvitationStage:
|
|
type: object
|
|
description: InvitationStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
continue_flow_without_invitation:
|
|
type: boolean
|
|
description: If this flag is set, this Stage will jump to the next Stage
|
|
when no Invitation is given. By default this Stage will cancel the Flow
|
|
when no invitation is given.
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
InvitationStageRequest:
|
|
type: object
|
|
description: InvitationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
continue_flow_without_invitation:
|
|
type: boolean
|
|
description: If this flag is set, this Stage will jump to the next Stage
|
|
when no Invitation is given. By default this Stage will cancel the Flow
|
|
when no invitation is given.
|
|
required:
|
|
- name
|
|
IssuerModeEnum:
|
|
enum:
|
|
- global
|
|
- per_provider
|
|
type: string
|
|
KadminTypeEnum:
|
|
enum:
|
|
- MIT
|
|
- Heimdal
|
|
type: string
|
|
KerberosSource:
|
|
type: object
|
|
description: Kerberos Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
realm:
|
|
type: string
|
|
description: Kerberos realm
|
|
krb5_conf:
|
|
type: string
|
|
description: Custom krb5.conf to use. Uses the system one by default
|
|
kadmin_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/KadminTypeEnum'
|
|
description: KAdmin server type
|
|
sync_users:
|
|
type: boolean
|
|
description: Sync users from Kerberos into authentik
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to Kerberos
|
|
sync_principal:
|
|
type: string
|
|
description: Principal to authenticate to kadmin for sync.
|
|
sync_ccache:
|
|
type: string
|
|
description: Credentials cache to authenticate to kadmin for sync. Must
|
|
be in the form TYPE:residual
|
|
connectivity:
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
nullable: true
|
|
description: Get cached source connectivity
|
|
readOnly: true
|
|
spnego_server_name:
|
|
type: string
|
|
description: Force the use of a specific server name for SPNEGO. Must be
|
|
in the form HTTP@hostname
|
|
spnego_ccache:
|
|
type: string
|
|
description: Credential cache to use for SPNEGO in form type:residual
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: If enabled, the authentik-stored password will be updated upon
|
|
login with the Kerberos password backend
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
required:
|
|
- component
|
|
- connectivity
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- realm
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
KerberosSourcePropertyMapping:
|
|
type: object
|
|
description: Kerberos PropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
KerberosSourcePropertyMappingRequest:
|
|
type: object
|
|
description: Kerberos PropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
KerberosSourceRequest:
|
|
type: object
|
|
description: Kerberos Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
realm:
|
|
type: string
|
|
minLength: 1
|
|
description: Kerberos realm
|
|
krb5_conf:
|
|
type: string
|
|
description: Custom krb5.conf to use. Uses the system one by default
|
|
kadmin_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/KadminTypeEnum'
|
|
description: KAdmin server type
|
|
sync_users:
|
|
type: boolean
|
|
description: Sync users from Kerberos into authentik
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to Kerberos
|
|
sync_principal:
|
|
type: string
|
|
description: Principal to authenticate to kadmin for sync.
|
|
sync_password:
|
|
type: string
|
|
writeOnly: true
|
|
description: Password to authenticate to kadmin for sync
|
|
sync_keytab:
|
|
type: string
|
|
writeOnly: true
|
|
description: Keytab to authenticate to kadmin for sync. Must be base64-encoded
|
|
or in the form TYPE:residual
|
|
sync_ccache:
|
|
type: string
|
|
description: Credentials cache to authenticate to kadmin for sync. Must
|
|
be in the form TYPE:residual
|
|
spnego_server_name:
|
|
type: string
|
|
description: Force the use of a specific server name for SPNEGO. Must be
|
|
in the form HTTP@hostname
|
|
spnego_keytab:
|
|
type: string
|
|
writeOnly: true
|
|
description: SPNEGO keytab base64-encoded or path to keytab in the form
|
|
FILE:path
|
|
spnego_ccache:
|
|
type: string
|
|
description: Credential cache to use for SPNEGO in form type:residual
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: If enabled, the authentik-stored password will be updated upon
|
|
login with the Kerberos password backend
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
required:
|
|
- name
|
|
- realm
|
|
- slug
|
|
KeyTypeEnum:
|
|
enum:
|
|
- rsa
|
|
- ec
|
|
- dsa
|
|
- ed25519
|
|
- ed448
|
|
type: string
|
|
KubernetesServiceConnection:
|
|
type: object
|
|
description: KubernetesServiceConnection Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
component:
|
|
type: string
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
kubeconfig:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Paste your kubeconfig here. authentik will automatically use
|
|
the currently selected context.
|
|
verify_ssl:
|
|
type: boolean
|
|
description: Verify SSL Certificates of the Kubernetes API endpoint
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
KubernetesServiceConnectionRequest:
|
|
type: object
|
|
description: KubernetesServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
kubeconfig:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Paste your kubeconfig here. authentik will automatically use
|
|
the currently selected context.
|
|
verify_ssl:
|
|
type: boolean
|
|
description: Verify SSL Certificates of the Kubernetes API endpoint
|
|
required:
|
|
- name
|
|
LDAPAPIAccessMode:
|
|
enum:
|
|
- direct
|
|
- cached
|
|
type: string
|
|
LDAPCheckAccess:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
has_search_permission:
|
|
type: boolean
|
|
access:
|
|
$ref: '#/components/schemas/PolicyTestResult'
|
|
required:
|
|
- access
|
|
LDAPDebug:
|
|
type: object
|
|
properties:
|
|
user:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
group:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
membership:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- group
|
|
- membership
|
|
- user
|
|
LDAPOutpostConfig:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
base_dn:
|
|
type: string
|
|
description: DN under which objects are accessible.
|
|
bind_flow_slug:
|
|
type: string
|
|
unbind_flow_slug:
|
|
type: string
|
|
nullable: true
|
|
description: Get slug for unbind flow, defaulting to brand's default flow.
|
|
readOnly: true
|
|
application_slug:
|
|
type: string
|
|
description: Prioritise backchannel slug over direct application slug
|
|
readOnly: true
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- application_slug
|
|
- bind_flow_slug
|
|
- name
|
|
- pk
|
|
- unbind_flow_slug
|
|
LDAPProvider:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
base_dn:
|
|
type: string
|
|
description: DN under which objects are accessible.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
outpost_set:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- outpost_set
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
LDAPProviderRequest:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
description: DN under which objects are accessible.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- authorization_flow
|
|
- invalidation_flow
|
|
- name
|
|
LDAPSource:
|
|
type: object
|
|
description: LDAP Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
server_uri:
|
|
type: string
|
|
format: uri
|
|
peer_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally verify the LDAP Server's Certificate against the
|
|
CA Chain in this keypair.
|
|
client_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Client certificate to authenticate against the LDAP Server's
|
|
Certificate.
|
|
bind_cn:
|
|
type: string
|
|
start_tls:
|
|
type: boolean
|
|
title: Enable Start TLS
|
|
sni:
|
|
type: boolean
|
|
title: Use Server URI for SNI verification
|
|
base_dn:
|
|
type: string
|
|
additional_user_dn:
|
|
type: string
|
|
title: Addition User DN
|
|
description: Prepended to Base DN for User-queries.
|
|
additional_group_dn:
|
|
type: string
|
|
title: Addition Group DN
|
|
description: Prepended to Base DN for Group-queries.
|
|
user_object_filter:
|
|
type: string
|
|
description: Consider Objects matching this filter to be Users.
|
|
group_object_filter:
|
|
type: string
|
|
description: Consider Objects matching this filter to be Groups.
|
|
group_membership_field:
|
|
type: string
|
|
description: Field which contains members of a group.
|
|
user_membership_attribute:
|
|
type: string
|
|
description: Attribute which matches the value of `group_membership_field`.
|
|
object_uniqueness_field:
|
|
type: string
|
|
description: Field which contains a unique Identifier.
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: Update internal authentik password when login succeeds with
|
|
LDAP
|
|
sync_users:
|
|
type: boolean
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to LDAP. This
|
|
can only be enabled on a single LDAP source.
|
|
sync_groups:
|
|
type: boolean
|
|
sync_parent_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
connectivity:
|
|
type: object
|
|
additionalProperties:
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
nullable: true
|
|
description: Get cached source connectivity
|
|
readOnly: true
|
|
lookup_groups_from_user:
|
|
type: boolean
|
|
description: Lookup group membership based on a user attribute instead of
|
|
a group attribute. This allows nested group resolution on systems like
|
|
FreeIPA and Active Directory
|
|
delete_not_found_objects:
|
|
type: boolean
|
|
description: Delete authentik users and groups which were previously supplied
|
|
by this source, but are now missing from it.
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
required:
|
|
- base_dn
|
|
- component
|
|
- connectivity
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- server_uri
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
LDAPSourcePropertyMapping:
|
|
type: object
|
|
description: LDAP PropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
LDAPSourcePropertyMappingRequest:
|
|
type: object
|
|
description: LDAP PropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
LDAPSourceRequest:
|
|
type: object
|
|
description: LDAP Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
server_uri:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
peer_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally verify the LDAP Server's Certificate against the
|
|
CA Chain in this keypair.
|
|
client_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Client certificate to authenticate against the LDAP Server's
|
|
Certificate.
|
|
bind_cn:
|
|
type: string
|
|
bind_password:
|
|
type: string
|
|
writeOnly: true
|
|
start_tls:
|
|
type: boolean
|
|
title: Enable Start TLS
|
|
sni:
|
|
type: boolean
|
|
title: Use Server URI for SNI verification
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
additional_user_dn:
|
|
type: string
|
|
title: Addition User DN
|
|
description: Prepended to Base DN for User-queries.
|
|
additional_group_dn:
|
|
type: string
|
|
title: Addition Group DN
|
|
description: Prepended to Base DN for Group-queries.
|
|
user_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Users.
|
|
group_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Groups.
|
|
group_membership_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains members of a group.
|
|
user_membership_attribute:
|
|
type: string
|
|
minLength: 1
|
|
description: Attribute which matches the value of `group_membership_field`.
|
|
object_uniqueness_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains a unique Identifier.
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: Update internal authentik password when login succeeds with
|
|
LDAP
|
|
sync_users:
|
|
type: boolean
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to LDAP. This
|
|
can only be enabled on a single LDAP source.
|
|
sync_groups:
|
|
type: boolean
|
|
sync_parent_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
lookup_groups_from_user:
|
|
type: boolean
|
|
description: Lookup group membership based on a user attribute instead of
|
|
a group attribute. This allows nested group resolution on systems like
|
|
FreeIPA and Active Directory
|
|
delete_not_found_objects:
|
|
type: boolean
|
|
description: Delete authentik users and groups which were previously supplied
|
|
by this source, but are now missing from it.
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
required:
|
|
- base_dn
|
|
- name
|
|
- server_uri
|
|
- slug
|
|
LastTaskStatusEnum:
|
|
enum:
|
|
- queued
|
|
- consumed
|
|
- preprocess
|
|
- running
|
|
- postprocess
|
|
- rejected
|
|
- done
|
|
- info
|
|
- warning
|
|
- error
|
|
type: string
|
|
License:
|
|
type: object
|
|
description: License Serializer
|
|
properties:
|
|
license_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
key:
|
|
type: string
|
|
expiry:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
internal_users:
|
|
type: integer
|
|
readOnly: true
|
|
external_users:
|
|
type: integer
|
|
readOnly: true
|
|
required:
|
|
- expiry
|
|
- external_users
|
|
- internal_users
|
|
- key
|
|
- license_uuid
|
|
- name
|
|
LicenseFlagsEnum:
|
|
enum:
|
|
- trial
|
|
- non_production
|
|
type: string
|
|
LicenseForecast:
|
|
type: object
|
|
description: Serializer for license forecast
|
|
properties:
|
|
internal_users:
|
|
type: integer
|
|
external_users:
|
|
type: integer
|
|
forecasted_internal_users:
|
|
type: integer
|
|
forecasted_external_users:
|
|
type: integer
|
|
required:
|
|
- external_users
|
|
- forecasted_external_users
|
|
- forecasted_internal_users
|
|
- internal_users
|
|
LicenseRequest:
|
|
type: object
|
|
description: License Serializer
|
|
properties:
|
|
key:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- key
|
|
LicenseStatusEnum:
|
|
enum:
|
|
- unlicensed
|
|
- valid
|
|
- expired
|
|
- expiry_soon
|
|
- limit_exceeded_admin
|
|
- limit_exceeded_user
|
|
- read_only
|
|
type: string
|
|
LicenseSummary:
|
|
type: object
|
|
description: Serializer for license status
|
|
properties:
|
|
internal_users:
|
|
type: integer
|
|
external_users:
|
|
type: integer
|
|
status:
|
|
$ref: '#/components/schemas/LicenseSummaryStatusEnum'
|
|
latest_valid:
|
|
type: string
|
|
format: date-time
|
|
license_flags:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LicenseFlagsEnum'
|
|
required:
|
|
- external_users
|
|
- internal_users
|
|
- latest_valid
|
|
- license_flags
|
|
- status
|
|
LicenseSummaryStatusEnum:
|
|
enum:
|
|
- unlicensed
|
|
- valid
|
|
- expired
|
|
- expiry_soon
|
|
- limit_exceeded_admin
|
|
- limit_exceeded_user
|
|
- read_only
|
|
type: string
|
|
Link:
|
|
type: object
|
|
description: Returns a single link
|
|
properties:
|
|
link:
|
|
type: string
|
|
required:
|
|
- link
|
|
LogEvent:
|
|
type: object
|
|
description: Single log message with all context logged.
|
|
properties:
|
|
timestamp:
|
|
type: string
|
|
format: date-time
|
|
log_level:
|
|
$ref: '#/components/schemas/LogLevelEnum'
|
|
logger:
|
|
type: string
|
|
event:
|
|
type: string
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- attributes
|
|
- event
|
|
- log_level
|
|
- logger
|
|
- timestamp
|
|
LogLevelEnum:
|
|
enum:
|
|
- critical
|
|
- exception
|
|
- error
|
|
- warn
|
|
- warning
|
|
- info
|
|
- debug
|
|
- notset
|
|
type: string
|
|
LoginChallengeTypes:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/RedirectChallenge'
|
|
- $ref: '#/components/schemas/AppleLoginChallenge'
|
|
- $ref: '#/components/schemas/PlexAuthenticationChallenge'
|
|
- $ref: '#/components/schemas/TelegramLoginChallenge'
|
|
discriminator:
|
|
propertyName: component
|
|
mapping:
|
|
xak-flow-redirect: '#/components/schemas/RedirectChallenge'
|
|
ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
|
|
ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
|
|
ak-source-telegram: '#/components/schemas/TelegramLoginChallenge'
|
|
LoginSource:
|
|
type: object
|
|
description: Serializer for Login buttons of sources
|
|
properties:
|
|
name:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
nullable: true
|
|
promoted:
|
|
type: boolean
|
|
default: false
|
|
challenge:
|
|
$ref: '#/components/schemas/LoginChallengeTypes'
|
|
required:
|
|
- challenge
|
|
- name
|
|
MDMConfigRequest:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
platform:
|
|
$ref: '#/components/schemas/DeviceFactsOSFamily'
|
|
enrollment_token:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- enrollment_token
|
|
- platform
|
|
MDMConfigResponse:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
config:
|
|
type: string
|
|
mime_type:
|
|
type: string
|
|
filename:
|
|
type: string
|
|
required:
|
|
- config
|
|
- filename
|
|
- mime_type
|
|
MatchingModeEnum:
|
|
enum:
|
|
- strict
|
|
- regex
|
|
type: string
|
|
Metadata:
|
|
type: object
|
|
description: Serializer for blueprint metadata
|
|
properties:
|
|
name:
|
|
type: string
|
|
labels:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- labels
|
|
- name
|
|
MicrosoftEntraProvider:
|
|
type: object
|
|
description: MicrosoftEntraProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
client_id:
|
|
type: string
|
|
client_secret:
|
|
type: string
|
|
tenant_id:
|
|
type: string
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- client_id
|
|
- client_secret
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- tenant_id
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
MicrosoftEntraProviderGroup:
|
|
type: object
|
|
description: MicrosoftEntraProviderGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
microsoft_id:
|
|
type: string
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- group
|
|
- group_obj
|
|
- id
|
|
- microsoft_id
|
|
- provider
|
|
MicrosoftEntraProviderGroupRequest:
|
|
type: object
|
|
description: MicrosoftEntraProviderGroup Serializer
|
|
properties:
|
|
microsoft_id:
|
|
type: string
|
|
minLength: 1
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- group
|
|
- microsoft_id
|
|
- provider
|
|
MicrosoftEntraProviderMapping:
|
|
type: object
|
|
description: MicrosoftEntraProviderMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
MicrosoftEntraProviderMappingRequest:
|
|
type: object
|
|
description: MicrosoftEntraProviderMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
MicrosoftEntraProviderRequest:
|
|
type: object
|
|
description: MicrosoftEntraProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
client_secret:
|
|
type: string
|
|
minLength: 1
|
|
tenant_id:
|
|
type: string
|
|
minLength: 1
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- client_id
|
|
- client_secret
|
|
- name
|
|
- tenant_id
|
|
MicrosoftEntraProviderUser:
|
|
type: object
|
|
description: MicrosoftEntraProviderUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
microsoft_id:
|
|
type: string
|
|
user:
|
|
type: integer
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- id
|
|
- microsoft_id
|
|
- provider
|
|
- user
|
|
- user_obj
|
|
MicrosoftEntraProviderUserRequest:
|
|
type: object
|
|
description: MicrosoftEntraProviderUser Serializer
|
|
properties:
|
|
microsoft_id:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: integer
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- microsoft_id
|
|
- provider
|
|
- user
|
|
ModelEnum:
|
|
enum:
|
|
- authentik_tenants.domain
|
|
- authentik_core.group
|
|
- authentik_core.user
|
|
- authentik_core.application
|
|
- authentik_core.applicationentitlement
|
|
- authentik_core.token
|
|
- authentik_crypto.certificatekeypair
|
|
- authentik_endpoints.deviceuserbinding
|
|
- authentik_endpoints.deviceaccessgroup
|
|
- authentik_endpoints.endpointstage
|
|
- authentik_endpoints_connectors_agent.agentconnector
|
|
- authentik_endpoints_connectors_agent.agentdeviceuserbinding
|
|
- authentik_endpoints_connectors_agent.enrollmenttoken
|
|
- authentik_enterprise.license
|
|
- authentik_events.event
|
|
- authentik_events.notificationtransport
|
|
- authentik_events.notification
|
|
- authentik_events.notificationrule
|
|
- authentik_events.notificationwebhookmapping
|
|
- authentik_flows.flow
|
|
- authentik_flows.flowstagebinding
|
|
- authentik_outposts.dockerserviceconnection
|
|
- authentik_outposts.kubernetesserviceconnection
|
|
- authentik_outposts.outpost
|
|
- authentik_policies_dummy.dummypolicy
|
|
- authentik_policies_event_matcher.eventmatcherpolicy
|
|
- authentik_policies_expiry.passwordexpirypolicy
|
|
- authentik_policies_expression.expressionpolicy
|
|
- authentik_policies_geoip.geoippolicy
|
|
- authentik_policies_password.passwordpolicy
|
|
- authentik_policies_reputation.reputationpolicy
|
|
- authentik_policies.policybinding
|
|
- authentik_providers_ldap.ldapprovider
|
|
- authentik_providers_oauth2.scopemapping
|
|
- authentik_providers_oauth2.oauth2provider
|
|
- authentik_providers_proxy.proxyprovider
|
|
- authentik_providers_rac.racprovider
|
|
- authentik_providers_rac.endpoint
|
|
- authentik_providers_rac.racpropertymapping
|
|
- authentik_providers_radius.radiusprovider
|
|
- authentik_providers_radius.radiusproviderpropertymapping
|
|
- authentik_providers_saml.samlprovider
|
|
- authentik_providers_saml.samlpropertymapping
|
|
- authentik_providers_scim.scimprovider
|
|
- authentik_providers_scim.scimmapping
|
|
- authentik_rbac.role
|
|
- authentik_rbac.initialpermissions
|
|
- authentik_sources_kerberos.kerberossource
|
|
- authentik_sources_kerberos.kerberossourcepropertymapping
|
|
- authentik_sources_kerberos.userkerberossourceconnection
|
|
- authentik_sources_kerberos.groupkerberossourceconnection
|
|
- authentik_sources_ldap.ldapsource
|
|
- authentik_sources_ldap.ldapsourcepropertymapping
|
|
- authentik_sources_ldap.userldapsourceconnection
|
|
- authentik_sources_ldap.groupldapsourceconnection
|
|
- authentik_sources_oauth.oauthsource
|
|
- authentik_sources_oauth.oauthsourcepropertymapping
|
|
- authentik_sources_oauth.useroauthsourceconnection
|
|
- authentik_sources_oauth.groupoauthsourceconnection
|
|
- authentik_sources_plex.plexsource
|
|
- authentik_sources_plex.plexsourcepropertymapping
|
|
- authentik_sources_plex.userplexsourceconnection
|
|
- authentik_sources_plex.groupplexsourceconnection
|
|
- authentik_sources_saml.samlsource
|
|
- authentik_sources_saml.samlsourcepropertymapping
|
|
- authentik_sources_saml.usersamlsourceconnection
|
|
- authentik_sources_saml.groupsamlsourceconnection
|
|
- authentik_sources_scim.scimsource
|
|
- authentik_sources_scim.scimsourcepropertymapping
|
|
- authentik_sources_telegram.telegramsource
|
|
- authentik_sources_telegram.telegramsourcepropertymapping
|
|
- authentik_sources_telegram.usertelegramsourceconnection
|
|
- authentik_sources_telegram.grouptelegramsourceconnection
|
|
- authentik_stages_authenticator_duo.authenticatorduostage
|
|
- authentik_stages_authenticator_duo.duodevice
|
|
- authentik_stages_authenticator_email.authenticatoremailstage
|
|
- authentik_stages_authenticator_email.emaildevice
|
|
- authentik_stages_authenticator_sms.authenticatorsmsstage
|
|
- authentik_stages_authenticator_sms.smsdevice
|
|
- authentik_stages_authenticator_static.authenticatorstaticstage
|
|
- authentik_stages_authenticator_static.staticdevice
|
|
- authentik_stages_authenticator_totp.authenticatortotpstage
|
|
- authentik_stages_authenticator_totp.totpdevice
|
|
- authentik_stages_authenticator_validate.authenticatorvalidatestage
|
|
- authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
|
|
- authentik_stages_authenticator_webauthn.webauthndevice
|
|
- authentik_stages_captcha.captchastage
|
|
- authentik_stages_consent.consentstage
|
|
- authentik_stages_deny.denystage
|
|
- authentik_stages_dummy.dummystage
|
|
- authentik_stages_email.emailstage
|
|
- authentik_stages_identification.identificationstage
|
|
- authentik_stages_invitation.invitationstage
|
|
- authentik_stages_invitation.invitation
|
|
- authentik_stages_password.passwordstage
|
|
- authentik_stages_prompt.prompt
|
|
- authentik_stages_prompt.promptstage
|
|
- authentik_stages_redirect.redirectstage
|
|
- authentik_stages_user_delete.userdeletestage
|
|
- authentik_stages_user_login.userloginstage
|
|
- authentik_stages_user_logout.userlogoutstage
|
|
- authentik_stages_user_write.userwritestage
|
|
- authentik_tasks_schedules.schedule
|
|
- authentik_brands.brand
|
|
- authentik_blueprints.blueprintinstance
|
|
- authentik_endpoints_connectors_fleet.fleetconnector
|
|
- authentik_policies_unique_password.uniquepasswordpolicy
|
|
- authentik_providers_google_workspace.googleworkspaceprovider
|
|
- authentik_providers_google_workspace.googleworkspaceprovidermapping
|
|
- authentik_providers_microsoft_entra.microsoftentraprovider
|
|
- authentik_providers_microsoft_entra.microsoftentraprovidermapping
|
|
- authentik_providers_ssf.ssfprovider
|
|
- authentik_reports.dataexport
|
|
- authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage
|
|
- authentik_stages_mtls.mutualtlsstage
|
|
- authentik_stages_source.sourcestage
|
|
type: string
|
|
MutualTLSStage:
|
|
type: object
|
|
description: MutualTLSStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
certificate_authorities:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Configure certificate authorities to validate the certificate
|
|
against. This option has a higher priority than the `client_certificate`
|
|
option on `Brand`.
|
|
cert_attribute:
|
|
$ref: '#/components/schemas/CertAttributeEnum'
|
|
user_attribute:
|
|
$ref: '#/components/schemas/UserAttributeEnum'
|
|
required:
|
|
- cert_attribute
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- mode
|
|
- name
|
|
- pk
|
|
- user_attribute
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
MutualTLSStageRequest:
|
|
type: object
|
|
description: MutualTLSStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
certificate_authorities:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Configure certificate authorities to validate the certificate
|
|
against. This option has a higher priority than the `client_certificate`
|
|
option on `Brand`.
|
|
cert_attribute:
|
|
$ref: '#/components/schemas/CertAttributeEnum'
|
|
user_attribute:
|
|
$ref: '#/components/schemas/UserAttributeEnum'
|
|
required:
|
|
- cert_attribute
|
|
- mode
|
|
- name
|
|
- user_attribute
|
|
NativeLogoutChallenge:
|
|
type: object
|
|
description: Challenge for native browser logout
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-provider-saml-native-logout
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
post_url:
|
|
type: string
|
|
saml_request:
|
|
type: string
|
|
relay_state:
|
|
type: string
|
|
provider_name:
|
|
type: string
|
|
binding:
|
|
type: string
|
|
redirect_url:
|
|
type: string
|
|
is_complete:
|
|
type: boolean
|
|
default: false
|
|
NativeLogoutChallengeResponseRequest:
|
|
type: object
|
|
description: Response for native browser logout
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-provider-saml-native-logout
|
|
Network:
|
|
type: object
|
|
properties:
|
|
hostname:
|
|
type: string
|
|
firewall_enabled:
|
|
type: boolean
|
|
interfaces:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NetworkInterface'
|
|
gateway:
|
|
type: string
|
|
required:
|
|
- hostname
|
|
- interfaces
|
|
NetworkBindingEnum:
|
|
enum:
|
|
- no_binding
|
|
- bind_asn
|
|
- bind_asn_network
|
|
- bind_asn_network_ip
|
|
type: string
|
|
NetworkInterface:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
hardware_address:
|
|
type: string
|
|
ip_addresses:
|
|
type: array
|
|
items:
|
|
type: string
|
|
dns_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- hardware_address
|
|
- name
|
|
NetworkInterfaceRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
hardware_address:
|
|
type: string
|
|
minLength: 1
|
|
ip_addresses:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
dns_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- hardware_address
|
|
- name
|
|
NetworkRequest:
|
|
type: object
|
|
properties:
|
|
hostname:
|
|
type: string
|
|
minLength: 1
|
|
firewall_enabled:
|
|
type: boolean
|
|
interfaces:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NetworkInterfaceRequest'
|
|
gateway:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- hostname
|
|
- interfaces
|
|
NotConfiguredActionEnum:
|
|
enum:
|
|
- skip
|
|
- deny
|
|
- configure
|
|
type: string
|
|
Notification:
|
|
type: object
|
|
description: Notification Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
readOnly: true
|
|
body:
|
|
type: string
|
|
readOnly: true
|
|
hyperlink:
|
|
type: string
|
|
nullable: true
|
|
maxLength: 4096
|
|
hyperlink_label:
|
|
type: string
|
|
nullable: true
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
event:
|
|
$ref: '#/components/schemas/Event'
|
|
seen:
|
|
type: boolean
|
|
required:
|
|
- body
|
|
- created
|
|
- pk
|
|
- severity
|
|
NotificationRequest:
|
|
type: object
|
|
description: Notification Serializer
|
|
properties:
|
|
hyperlink:
|
|
type: string
|
|
nullable: true
|
|
maxLength: 4096
|
|
hyperlink_label:
|
|
type: string
|
|
nullable: true
|
|
event:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
seen:
|
|
type: boolean
|
|
NotificationRule:
|
|
type: object
|
|
description: NotificationRule Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the user.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
description: Controls which severity level the created notifications will
|
|
have.
|
|
destination_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Define which group of users this notification should be sent
|
|
and shown to. If left empty, Notification won't ben sent.
|
|
destination_group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Group'
|
|
readOnly: true
|
|
destination_event_user:
|
|
type: boolean
|
|
description: When enabled, notification will be sent to user the user that
|
|
triggered the event.When destination_group is configured, notification
|
|
is sent to both.
|
|
required:
|
|
- destination_group_obj
|
|
- name
|
|
- pk
|
|
NotificationRuleRequest:
|
|
type: object
|
|
description: NotificationRule Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the user.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
description: Controls which severity level the created notifications will
|
|
have.
|
|
destination_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Define which group of users this notification should be sent
|
|
and shown to. If left empty, Notification won't ben sent.
|
|
destination_event_user:
|
|
type: boolean
|
|
description: When enabled, notification will be sent to user the user that
|
|
triggered the event.When destination_group is configured, notification
|
|
is sent to both.
|
|
required:
|
|
- name
|
|
NotificationTransport:
|
|
type: object
|
|
description: NotificationTransport Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
mode:
|
|
$ref: '#/components/schemas/NotificationTransportModeEnum'
|
|
mode_verbose:
|
|
type: string
|
|
description: Return selected mode with a UI Label
|
|
readOnly: true
|
|
webhook_url:
|
|
type: string
|
|
format: uri
|
|
webhook_mapping_body:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Customize the body of the request. Mapping should return data
|
|
that is JSON-serializable.
|
|
webhook_mapping_headers:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
email_subject_prefix:
|
|
type: string
|
|
email_template:
|
|
type: string
|
|
send_once:
|
|
type: boolean
|
|
description: Only send notification once, for example when sending a webhook
|
|
into a chat channel.
|
|
required:
|
|
- mode_verbose
|
|
- name
|
|
- pk
|
|
NotificationTransportModeEnum:
|
|
enum:
|
|
- local
|
|
- webhook
|
|
- webhook_slack
|
|
- email
|
|
type: string
|
|
NotificationTransportRequest:
|
|
type: object
|
|
description: NotificationTransport Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/NotificationTransportModeEnum'
|
|
webhook_url:
|
|
type: string
|
|
format: uri
|
|
webhook_mapping_body:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Customize the body of the request. Mapping should return data
|
|
that is JSON-serializable.
|
|
webhook_mapping_headers:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
email_subject_prefix:
|
|
type: string
|
|
email_template:
|
|
type: string
|
|
minLength: 1
|
|
send_once:
|
|
type: boolean
|
|
description: Only send notification once, for example when sending a webhook
|
|
into a chat channel.
|
|
required:
|
|
- name
|
|
NotificationTransportTest:
|
|
type: object
|
|
description: Notification test serializer
|
|
properties:
|
|
messages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- messages
|
|
NotificationWebhookMapping:
|
|
type: object
|
|
description: NotificationWebhookMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
required:
|
|
- expression
|
|
- name
|
|
- pk
|
|
NotificationWebhookMappingRequest:
|
|
type: object
|
|
description: NotificationWebhookMapping Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
OAuth2Provider:
|
|
type: object
|
|
description: OAuth2Provider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
client_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ClientTypeEnum'
|
|
description: Confidential clients are capable of maintaining the confidentiality
|
|
of their credentials. Public clients are incapable
|
|
client_id:
|
|
type: string
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
access_code_validity:
|
|
type: string
|
|
description: 'Access codes not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
access_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_threshold:
|
|
type: string
|
|
description: 'When refreshing a token, if the refresh token is valid for
|
|
less than this duration, it will be renewed. When set to seconds=0, token
|
|
will always be renewed. (Format: hours=1;minutes=2;seconds=3).'
|
|
include_claims_in_id_token:
|
|
type: boolean
|
|
description: Include User claims from scopes in the id_token, for applications
|
|
that don't access the userinfo endpoint.
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to sign the tokens.
|
|
encryption_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to encrypt the tokens. When set, tokens will be encrypted
|
|
and returned as JWEs.
|
|
redirect_uris:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RedirectURI'
|
|
logout_uri:
|
|
type: string
|
|
format: uri
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OAuth2ProviderLogoutMethodEnum'
|
|
description: Backchannel logs out with server to server calls. Frontchannel
|
|
uses iframes in your browser
|
|
sub_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SubModeEnum'
|
|
description: Configure what data should be used as unique User Identifier.
|
|
For most cases, the default should be fine.
|
|
issuer_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/IssuerModeEnum'
|
|
description: Configure how the issuer field of the ID Token should be filled.
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- redirect_uris
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
OAuth2ProviderLogoutMethodEnum:
|
|
enum:
|
|
- backchannel
|
|
- frontchannel
|
|
type: string
|
|
OAuth2ProviderRequest:
|
|
type: object
|
|
description: OAuth2Provider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ClientTypeEnum'
|
|
description: Confidential clients are capable of maintaining the confidentiality
|
|
of their credentials. Public clients are incapable
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
access_code_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Access codes not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_threshold:
|
|
type: string
|
|
minLength: 1
|
|
description: 'When refreshing a token, if the refresh token is valid for
|
|
less than this duration, it will be renewed. When set to seconds=0, token
|
|
will always be renewed. (Format: hours=1;minutes=2;seconds=3).'
|
|
include_claims_in_id_token:
|
|
type: boolean
|
|
description: Include User claims from scopes in the id_token, for applications
|
|
that don't access the userinfo endpoint.
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to sign the tokens.
|
|
encryption_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to encrypt the tokens. When set, tokens will be encrypted
|
|
and returned as JWEs.
|
|
redirect_uris:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RedirectURIRequest'
|
|
logout_uri:
|
|
type: string
|
|
format: uri
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OAuth2ProviderLogoutMethodEnum'
|
|
description: Backchannel logs out with server to server calls. Frontchannel
|
|
uses iframes in your browser
|
|
sub_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SubModeEnum'
|
|
description: Configure what data should be used as unique User Identifier.
|
|
For most cases, the default should be fine.
|
|
issuer_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/IssuerModeEnum'
|
|
description: Configure how the issuer field of the ID Token should be filled.
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
required:
|
|
- authorization_flow
|
|
- invalidation_flow
|
|
- name
|
|
- redirect_uris
|
|
OAuth2ProviderSetupURLs:
|
|
type: object
|
|
description: OAuth2 Provider Metadata serializer
|
|
properties:
|
|
issuer:
|
|
type: string
|
|
readOnly: true
|
|
authorize:
|
|
type: string
|
|
readOnly: true
|
|
token:
|
|
type: string
|
|
readOnly: true
|
|
user_info:
|
|
type: string
|
|
readOnly: true
|
|
provider_info:
|
|
type: string
|
|
readOnly: true
|
|
logout:
|
|
type: string
|
|
readOnly: true
|
|
jwks:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- authorize
|
|
- issuer
|
|
- jwks
|
|
- logout
|
|
- provider_info
|
|
- token
|
|
- user_info
|
|
OAuthDeviceCodeChallenge:
|
|
type: object
|
|
description: OAuth Device code challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-provider-oauth2-device-code
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
OAuthDeviceCodeChallengeResponseRequest:
|
|
type: object
|
|
description: Response that includes the user-entered device code
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-provider-oauth2-device-code
|
|
code:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- code
|
|
OAuthDeviceCodeFinishChallenge:
|
|
type: object
|
|
description: Final challenge after user enters their code
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-provider-oauth2-device-code-finish
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
OAuthDeviceCodeFinishChallengeResponseRequest:
|
|
type: object
|
|
description: Response that device has been authenticated and tab can be closed
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-provider-oauth2-device-code-finish
|
|
OAuthSource:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
provider_type:
|
|
$ref: '#/components/schemas/ProviderTypeEnum'
|
|
request_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used to request the initial token. This URL is only required
|
|
for OAuth 1.
|
|
maxLength: 255
|
|
authorization_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL the user is redirect to to conest the flow.
|
|
maxLength: 255
|
|
access_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to retrieve tokens.
|
|
maxLength: 255
|
|
profile_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to get user information.
|
|
maxLength: 255
|
|
pkce:
|
|
$ref: '#/components/schemas/PKCEMethodEnum'
|
|
consumer_key:
|
|
type: string
|
|
callback_url:
|
|
type: string
|
|
description: Get OAuth Callback URL
|
|
readOnly: true
|
|
additional_scopes:
|
|
type: string
|
|
type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SourceType'
|
|
readOnly: true
|
|
oidc_well_known_url:
|
|
type: string
|
|
oidc_jwks_url:
|
|
type: string
|
|
oidc_jwks:
|
|
type: object
|
|
additionalProperties: {}
|
|
authorization_code_auth_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum'
|
|
description: How to perform authentication during an authorization_code
|
|
token request flow
|
|
required:
|
|
- callback_url
|
|
- component
|
|
- consumer_key
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- provider_type
|
|
- slug
|
|
- type
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
OAuthSourcePropertyMapping:
|
|
type: object
|
|
description: OAuthSourcePropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
OAuthSourcePropertyMappingRequest:
|
|
type: object
|
|
description: OAuthSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
OAuthSourceRequest:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
provider_type:
|
|
$ref: '#/components/schemas/ProviderTypeEnum'
|
|
request_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used to request the initial token. This URL is only required
|
|
for OAuth 1.
|
|
maxLength: 255
|
|
authorization_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL the user is redirect to to conest the flow.
|
|
maxLength: 255
|
|
access_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to retrieve tokens.
|
|
maxLength: 255
|
|
profile_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to get user information.
|
|
maxLength: 255
|
|
pkce:
|
|
$ref: '#/components/schemas/PKCEMethodEnum'
|
|
consumer_key:
|
|
type: string
|
|
minLength: 1
|
|
consumer_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
additional_scopes:
|
|
type: string
|
|
oidc_well_known_url:
|
|
type: string
|
|
oidc_jwks_url:
|
|
type: string
|
|
oidc_jwks:
|
|
type: object
|
|
additionalProperties: {}
|
|
authorization_code_auth_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum'
|
|
description: How to perform authentication during an authorization_code
|
|
token request flow
|
|
required:
|
|
- consumer_key
|
|
- consumer_secret
|
|
- name
|
|
- provider_type
|
|
- slug
|
|
OpenIDConnectConfiguration:
|
|
type: object
|
|
description: rest_framework Serializer for OIDC Configuration
|
|
properties:
|
|
issuer:
|
|
type: string
|
|
authorization_endpoint:
|
|
type: string
|
|
token_endpoint:
|
|
type: string
|
|
userinfo_endpoint:
|
|
type: string
|
|
end_session_endpoint:
|
|
type: string
|
|
introspection_endpoint:
|
|
type: string
|
|
jwks_uri:
|
|
type: string
|
|
response_types_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
id_token_signing_alg_values_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
subject_types_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
token_endpoint_auth_methods_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- authorization_endpoint
|
|
- end_session_endpoint
|
|
- id_token_signing_alg_values_supported
|
|
- introspection_endpoint
|
|
- issuer
|
|
- jwks_uri
|
|
- response_types_supported
|
|
- subject_types_supported
|
|
- token_endpoint
|
|
- token_endpoint_auth_methods_supported
|
|
- userinfo_endpoint
|
|
OperatingSystem:
|
|
type: object
|
|
description: |-
|
|
For example:
|
|
{"family":"linux","name":"Ubuntu","version":"24.04.3 LTS (Noble Numbat)","arch":"amd64"}
|
|
{"family": "windows","name":"Server 2022 Datacenter","version":"10.0.20348.4405","arch":"amd64"}
|
|
{"family": "windows","name":"Server 2022 Datacenter","version":"10.0.20348.4405","arch":"amd64"}
|
|
{"family": "mac_os", "name": "", "version": "26.2", "arch": "arm64"}
|
|
properties:
|
|
family:
|
|
$ref: '#/components/schemas/DeviceFactsOSFamily'
|
|
name:
|
|
type: string
|
|
description: Operating System name, such as 'Server 2022' or 'Ubuntu'
|
|
version:
|
|
type: string
|
|
description: Operating System version, must always be the version number
|
|
but may contain build name
|
|
arch:
|
|
type: string
|
|
required:
|
|
- arch
|
|
- family
|
|
OperatingSystemRequest:
|
|
type: object
|
|
description: |-
|
|
For example:
|
|
{"family":"linux","name":"Ubuntu","version":"24.04.3 LTS (Noble Numbat)","arch":"amd64"}
|
|
{"family": "windows","name":"Server 2022 Datacenter","version":"10.0.20348.4405","arch":"amd64"}
|
|
{"family": "windows","name":"Server 2022 Datacenter","version":"10.0.20348.4405","arch":"amd64"}
|
|
{"family": "mac_os", "name": "", "version": "26.2", "arch": "arm64"}
|
|
properties:
|
|
family:
|
|
$ref: '#/components/schemas/DeviceFactsOSFamily'
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Operating System name, such as 'Server 2022' or 'Ubuntu'
|
|
version:
|
|
type: string
|
|
minLength: 1
|
|
description: Operating System version, must always be the version number
|
|
but may contain build name
|
|
arch:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- arch
|
|
- family
|
|
OutgoingSyncDeleteAction:
|
|
enum:
|
|
- do_nothing
|
|
- delete
|
|
- suspend
|
|
type: string
|
|
Outpost:
|
|
type: object
|
|
description: Outpost Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/OutpostTypeEnum'
|
|
providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
providers_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Provider'
|
|
readOnly: true
|
|
service_connection:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Select Service-Connection authentik should use to manage this
|
|
outpost. Leave empty if authentik should not handle the deployment.
|
|
service_connection_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ServiceConnection'
|
|
readOnly: true
|
|
nullable: true
|
|
refresh_interval_s:
|
|
type: integer
|
|
readOnly: true
|
|
token_identifier:
|
|
type: string
|
|
description: Get Token identifier
|
|
readOnly: true
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
required:
|
|
- config
|
|
- name
|
|
- pk
|
|
- providers
|
|
- providers_obj
|
|
- refresh_interval_s
|
|
- service_connection_obj
|
|
- token_identifier
|
|
- type
|
|
OutpostDefaultConfig:
|
|
type: object
|
|
description: Global default outpost config
|
|
properties:
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- config
|
|
OutpostHealth:
|
|
type: object
|
|
description: Outpost health status
|
|
properties:
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
last_seen:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
version:
|
|
type: string
|
|
readOnly: true
|
|
golang_version:
|
|
type: string
|
|
readOnly: true
|
|
openssl_enabled:
|
|
type: boolean
|
|
readOnly: true
|
|
openssl_version:
|
|
type: string
|
|
readOnly: true
|
|
fips_enabled:
|
|
type: boolean
|
|
nullable: true
|
|
description: Get FIPS enabled
|
|
readOnly: true
|
|
version_should:
|
|
type: string
|
|
readOnly: true
|
|
version_outdated:
|
|
type: boolean
|
|
readOnly: true
|
|
build_hash:
|
|
type: string
|
|
readOnly: true
|
|
build_hash_should:
|
|
type: string
|
|
readOnly: true
|
|
hostname:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- build_hash
|
|
- build_hash_should
|
|
- fips_enabled
|
|
- golang_version
|
|
- hostname
|
|
- last_seen
|
|
- openssl_enabled
|
|
- openssl_version
|
|
- uid
|
|
- version
|
|
- version_outdated
|
|
- version_should
|
|
OutpostRequest:
|
|
type: object
|
|
description: Outpost Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/OutpostTypeEnum'
|
|
providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
service_connection:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Select Service-Connection authentik should use to manage this
|
|
outpost. Leave empty if authentik should not handle the deployment.
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
required:
|
|
- config
|
|
- name
|
|
- providers
|
|
- type
|
|
OutpostTypeEnum:
|
|
enum:
|
|
- proxy
|
|
- ldap
|
|
- radius
|
|
- rac
|
|
type: string
|
|
PKCEMethodEnum:
|
|
enum:
|
|
- none
|
|
- plain
|
|
- S256
|
|
type: string
|
|
PaginatedAgentConnectorList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AgentConnector'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedApplicationEntitlementList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ApplicationEntitlement'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedApplicationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Application'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedAuthenticatedSessionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatedSession'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedAuthenticatorDuoStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedAuthenticatorEmailStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedAuthenticatorEndpointGDTCStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedAuthenticatorSMSStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedAuthenticatorStaticStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedAuthenticatorTOTPStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedAuthenticatorValidateStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedAuthenticatorWebAuthnStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedBlueprintInstanceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedBrandList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Brand'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedCaptchaStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedCertificateKeyPairList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedConnectionTokenList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ConnectionToken'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedConnectorList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Connector'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedConsentStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedDataExportList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DataExport'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedDenyStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedDeviceAccessGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedDeviceUserBindingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceUserBinding'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedDockerServiceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedDomainList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Domain'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedDummyPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedDummyStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedDuoDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedEmailDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedEmailStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedEndpointDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EndpointDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedEndpointList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Endpoint'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedEndpointStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EndpointStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedEnrollmentTokenList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EnrollmentToken'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedEventList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Event'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedEventMatcherPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedExpiringBaseGrantModelList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ExpiringBaseGrantModel'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedExpressionPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedExtraRoleObjectPermissionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ExtraRoleObjectPermission'
|
|
required:
|
|
- pagination
|
|
- results
|
|
PaginatedFleetConnectorList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FleetConnector'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedFlowList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Flow'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedFlowStageBindingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGeoIPPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GeoIPPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGoogleEndpointDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGoogleWorkspaceProviderGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderGroup'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGoogleWorkspaceProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGoogleWorkspaceProviderMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGoogleWorkspaceProviderUserList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderUser'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGroupKerberosSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGroupLDAPSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Group'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGroupOAuthSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGroupPlexSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGroupSAMLSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGroupSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedGroupTelegramSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedIdentificationStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedInitialPermissionsList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/InitialPermissions'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedInvitationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Invitation'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedInvitationStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedKerberosSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/KerberosSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedKerberosSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedKubernetesServiceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedLDAPOutpostConfigList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPOutpostConfig'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedLDAPProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedLDAPSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedLDAPSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedLicenseList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/License'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedMicrosoftEntraProviderGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderGroup'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedMicrosoftEntraProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/MicrosoftEntraProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedMicrosoftEntraProviderMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedMicrosoftEntraProviderUserList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderUser'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedMutualTLSStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/MutualTLSStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedNotificationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Notification'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedNotificationRuleList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedNotificationTransportList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedNotificationWebhookMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedOAuth2ProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedOAuthSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedOAuthSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedOutpostList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Outpost'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedPasswordExpiryPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedPasswordPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedPasswordStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedPermissionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Permission'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedPlexSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedPlexSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedPolicyBindingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Policy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedPromptList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Prompt'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedPromptStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedPropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Provider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedProxyOutpostConfigList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ProxyOutpostConfig'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedProxyProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedRACPropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RACPropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedRACProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RACProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedRadiusOutpostConfigList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RadiusOutpostConfig'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedRadiusProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedRadiusProviderPropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedRedirectStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RedirectStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedReputationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Reputation'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedReputationPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedRoleAssignedObjectPermissionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RoleAssignedObjectPermission'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedRoleList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Role'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSAMLPropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSAMLProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSAMLSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSAMLSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSCIMMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSCIMProviderGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMProviderGroup'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSCIMProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSCIMProviderUserList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMProviderUser'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSCIMSourceGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMSourceGroup'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSCIMSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSCIMSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSCIMSourceUserList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMSourceUser'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSMSDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSSFProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SSFProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSSFStreamList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SSFStream'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedScheduleList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Schedule'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedScopeMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedServiceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ServiceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Source'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedSourceStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SourceStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Stage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedStaticDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedTOTPDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedTaskList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Task'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedTelegramSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TelegramSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedTelegramSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedTenantList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Tenant'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedTokenList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Token'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedTokenModelList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TokenModel'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUniquePasswordPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UniquePasswordPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserConsentList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserConsent'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserDeleteStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserKerberosSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserLDAPSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/User'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserLoginStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserLogoutStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserOAuthSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserPlexSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserPlexSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserSAMLSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserTelegramSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedUserWriteStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedWebAuthnDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
PaginatedWebAuthnDeviceTypeList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnDeviceType'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- pagination
|
|
- results
|
|
- autocomplete
|
|
Pagination:
|
|
type: object
|
|
properties:
|
|
next:
|
|
type: number
|
|
previous:
|
|
type: number
|
|
count:
|
|
type: number
|
|
current:
|
|
type: number
|
|
total_pages:
|
|
type: number
|
|
start_index:
|
|
type: number
|
|
end_index:
|
|
type: number
|
|
required:
|
|
- count
|
|
- current
|
|
- end_index
|
|
- next
|
|
- previous
|
|
- start_index
|
|
- total_pages
|
|
PartialGroup:
|
|
type: object
|
|
description: Partial Group Serializer, does not include child relations.
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Group uuid
|
|
num_pk:
|
|
type: integer
|
|
description: Get a numerical, int32 ID for the group
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
- num_pk
|
|
- pk
|
|
PartialUser:
|
|
type: object
|
|
description: Partial User Serializer, does not include child relations.
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
username:
|
|
type: string
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
pattern: ^[\w.@+-]+$
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
- uid
|
|
- username
|
|
PasswordChallenge:
|
|
type: object
|
|
description: Password challenge UI fields
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-password
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
recovery_url:
|
|
type: string
|
|
allow_show_password:
|
|
type: boolean
|
|
default: false
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
PasswordChallengeResponseRequest:
|
|
type: object
|
|
description: Password challenge response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-password
|
|
password:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- password
|
|
PasswordExpiryPolicy:
|
|
type: object
|
|
description: Password Expiry Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
days:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
deny_only:
|
|
type: boolean
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- days
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PasswordExpiryPolicyRequest:
|
|
type: object
|
|
description: Password Expiry Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
days:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
deny_only:
|
|
type: boolean
|
|
required:
|
|
- days
|
|
- name
|
|
PasswordPolicy:
|
|
type: object
|
|
description: Password Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
password_field:
|
|
type: string
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
amount_digits:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_uppercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_lowercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_symbols:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
length_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
symbol_charset:
|
|
type: string
|
|
error_message:
|
|
type: string
|
|
check_static_rules:
|
|
type: boolean
|
|
check_have_i_been_pwned:
|
|
type: boolean
|
|
check_zxcvbn:
|
|
type: boolean
|
|
hibp_allowed_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: How many times the password hash is allowed to be on haveibeenpwned
|
|
zxcvbn_score_threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: If the zxcvbn score is equal or less than this value, the policy
|
|
will fail.
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PasswordPolicyRequest:
|
|
type: object
|
|
description: Password Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
password_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
amount_digits:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_uppercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_lowercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_symbols:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
length_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
symbol_charset:
|
|
type: string
|
|
minLength: 1
|
|
error_message:
|
|
type: string
|
|
check_static_rules:
|
|
type: boolean
|
|
check_have_i_been_pwned:
|
|
type: boolean
|
|
check_zxcvbn:
|
|
type: boolean
|
|
hibp_allowed_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: How many times the password hash is allowed to be on haveibeenpwned
|
|
zxcvbn_score_threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: If the zxcvbn score is equal or less than this value, the policy
|
|
will fail.
|
|
required:
|
|
- name
|
|
PasswordStage:
|
|
type: object
|
|
description: PasswordStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
backends:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BackendsEnum'
|
|
description: Selection of backends to test the password against.
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
failed_attempts_before_cancel:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: How many attempts a user has before the flow is canceled. To
|
|
lock the user out, use a reputation policy and a user_write stage.
|
|
allow_show_password:
|
|
type: boolean
|
|
description: When enabled, provides a 'show password' button with the password
|
|
input field.
|
|
required:
|
|
- backends
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PasswordStageRequest:
|
|
type: object
|
|
description: PasswordStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
backends:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BackendsEnum'
|
|
description: Selection of backends to test the password against.
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
failed_attempts_before_cancel:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: How many attempts a user has before the flow is canceled. To
|
|
lock the user out, use a reputation policy and a user_write stage.
|
|
allow_show_password:
|
|
type: boolean
|
|
description: When enabled, provides a 'show password' button with the password
|
|
input field.
|
|
required:
|
|
- backends
|
|
- name
|
|
PatchedAgentConnectorRequest:
|
|
type: object
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
enabled:
|
|
type: boolean
|
|
snapshot_expiry:
|
|
type: string
|
|
minLength: 1
|
|
auth_session_duration:
|
|
type: string
|
|
minLength: 1
|
|
auth_terminate_session_on_expiry:
|
|
type: boolean
|
|
refresh_interval:
|
|
type: string
|
|
minLength: 1
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
nss_uid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
nss_gid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
challenge_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
challenge_idle_timeout:
|
|
type: string
|
|
minLength: 1
|
|
challenge_trigger_check_in:
|
|
type: boolean
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
PatchedApplicationEntitlementRequest:
|
|
type: object
|
|
description: ApplicationEntitlement Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
app:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedApplicationRequest:
|
|
type: object
|
|
description: Application Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Application's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal application name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
provider:
|
|
type: integer
|
|
nullable: true
|
|
backchannel_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
open_in_new_tab:
|
|
type: boolean
|
|
description: Open launch URL in a new browser tab or window.
|
|
meta_launch_url:
|
|
type: string
|
|
format: uri
|
|
meta_icon:
|
|
type: string
|
|
meta_description:
|
|
type: string
|
|
meta_publisher:
|
|
type: string
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
group:
|
|
type: string
|
|
PatchedAuthenticatorDuoStageRequest:
|
|
type: object
|
|
description: AuthenticatorDuoStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
client_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
api_hostname:
|
|
type: string
|
|
minLength: 1
|
|
admin_integration_key:
|
|
type: string
|
|
admin_secret_key:
|
|
type: string
|
|
writeOnly: true
|
|
PatchedAuthenticatorEmailStageRequest:
|
|
type: object
|
|
description: AuthenticatorEmailStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
subject:
|
|
type: string
|
|
minLength: 1
|
|
token_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
template:
|
|
type: string
|
|
minLength: 1
|
|
PatchedAuthenticatorEndpointGDTCStageRequest:
|
|
type: object
|
|
description: AuthenticatorEndpointGDTCStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedAuthenticatorSMSStageRequest:
|
|
type: object
|
|
description: AuthenticatorSMSStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
provider:
|
|
$ref: '#/components/schemas/ProviderEnum'
|
|
from_number:
|
|
type: string
|
|
minLength: 1
|
|
account_sid:
|
|
type: string
|
|
minLength: 1
|
|
auth:
|
|
type: string
|
|
minLength: 1
|
|
auth_password:
|
|
type: string
|
|
auth_type:
|
|
$ref: '#/components/schemas/AuthTypeEnum'
|
|
verify_only:
|
|
type: boolean
|
|
description: When enabled, the Phone number is only used during enrollment
|
|
to verify the users authenticity. Only a hash of the phone number is saved
|
|
to ensure it is not reused in the future.
|
|
mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally modify the payload being sent to custom providers.
|
|
PatchedAuthenticatorStaticStageRequest:
|
|
type: object
|
|
description: AuthenticatorStaticStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
token_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
token_length:
|
|
type: integer
|
|
maximum: 100
|
|
minimum: 0
|
|
PatchedAuthenticatorTOTPStageRequest:
|
|
type: object
|
|
description: AuthenticatorTOTPStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
digits:
|
|
$ref: '#/components/schemas/DigitsEnum'
|
|
PatchedAuthenticatorValidateStageRequest:
|
|
type: object
|
|
description: AuthenticatorValidateStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
not_configured_action:
|
|
$ref: '#/components/schemas/NotConfiguredActionEnum'
|
|
device_classes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
description: Device classes which can be used to authenticate
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Stages used to configure Authenticator when user doesn't have
|
|
any compatible devices. After this configuration Stage passes, the user
|
|
is not prompted again.
|
|
last_auth_threshold:
|
|
type: string
|
|
minLength: 1
|
|
description: If any of the user's device has been used within this threshold,
|
|
this stage will be skipped
|
|
webauthn_user_verification:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserVerificationEnum'
|
|
description: Enforce user verification for WebAuthn devices.
|
|
webauthn_allowed_device_types:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
PatchedAuthenticatorWebAuthnStageRequest:
|
|
type: object
|
|
description: AuthenticatorWebAuthnStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
user_verification:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
authenticator_attachment:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
|
|
nullable: true
|
|
resident_key_requirement:
|
|
$ref: '#/components/schemas/ResidentKeyRequirementEnum'
|
|
device_type_restrictions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
PatchedBlueprintInstanceRequest:
|
|
type: object
|
|
description: Info about a single blueprint instance file
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
path:
|
|
type: string
|
|
default: ''
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
enabled:
|
|
type: boolean
|
|
content:
|
|
type: string
|
|
PatchedBrandRequest:
|
|
type: object
|
|
description: Brand Serializer
|
|
properties:
|
|
domain:
|
|
type: string
|
|
minLength: 1
|
|
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
|
|
for `aa.b` and `ba.b`
|
|
default:
|
|
type: boolean
|
|
branding_title:
|
|
type: string
|
|
minLength: 1
|
|
branding_logo:
|
|
type: string
|
|
minLength: 1
|
|
branding_favicon:
|
|
type: string
|
|
minLength: 1
|
|
branding_custom_css:
|
|
type: string
|
|
branding_default_flow_background:
|
|
type: string
|
|
minLength: 1
|
|
flow_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_invalidation:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_recovery:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_unenrollment:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_user_settings:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_device_code:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
default_application:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, external users will be redirected to this application
|
|
after authenticating.
|
|
web_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Web Certificate used by the authentik Core webserver.
|
|
client_certificates:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Certificates used for client authentication.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedCaptchaStageRequest:
|
|
type: object
|
|
description: CaptchaStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
public_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Public key, acquired your captcha Provider.
|
|
private_key:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: Private key, acquired your captcha Provider.
|
|
js_url:
|
|
type: string
|
|
minLength: 1
|
|
api_url:
|
|
type: string
|
|
minLength: 1
|
|
interactive:
|
|
type: boolean
|
|
score_min_threshold:
|
|
type: number
|
|
format: double
|
|
score_max_threshold:
|
|
type: number
|
|
format: double
|
|
error_on_invalid_score:
|
|
type: boolean
|
|
description: When enabled and the received captcha score is outside of the
|
|
given threshold, the stage will show an error message. When not enabled,
|
|
the flow will continue, but the data from the captcha will be available
|
|
in the context for policy decisions
|
|
PatchedCertificateKeyPairRequest:
|
|
type: object
|
|
description: CertificateKeyPair Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
certificate_data:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: PEM-encoded Certificate data
|
|
key_data:
|
|
type: string
|
|
writeOnly: true
|
|
description: Optional Private Key. If this is set, you can use this keypair
|
|
for encryption.
|
|
PatchedConnectionTokenRequest:
|
|
type: object
|
|
description: ConnectionToken Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Connection token uuid
|
|
provider:
|
|
type: integer
|
|
endpoint:
|
|
type: string
|
|
format: uuid
|
|
PatchedConsentStageRequest:
|
|
type: object
|
|
description: ConsentStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/ConsentStageModeEnum'
|
|
consent_expire_in:
|
|
type: string
|
|
minLength: 1
|
|
title: Consent expires in
|
|
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
|
|
PatchedDenyStageRequest:
|
|
type: object
|
|
description: DenyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
deny_message:
|
|
type: string
|
|
PatchedDeviceAccessGroupRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedDeviceUserBindingRequest:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
is_primary:
|
|
type: boolean
|
|
PatchedDockerServiceConnectionRequest:
|
|
type: object
|
|
description: DockerServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Can be in the format of 'unix://<path>' when connecting to
|
|
a local docker daemon, or 'https://<hostname>:2376' when connecting to
|
|
a remote system.
|
|
tls_verification:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: CA which the endpoint's Certificate is verified against. Can
|
|
be left empty for no validation.
|
|
tls_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Certificate/Key used for authentication. Can be left empty
|
|
for no authentication.
|
|
PatchedDomainRequest:
|
|
type: object
|
|
description: Domain Serializer
|
|
properties:
|
|
domain:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 253
|
|
is_primary:
|
|
type: boolean
|
|
tenant:
|
|
type: string
|
|
format: uuid
|
|
PatchedDummyPolicyRequest:
|
|
type: object
|
|
description: Dummy Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
result:
|
|
type: boolean
|
|
wait_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
wait_max:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
PatchedDummyStageRequest:
|
|
type: object
|
|
description: DummyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
throw_error:
|
|
type: boolean
|
|
PatchedDuoDeviceRequest:
|
|
type: object
|
|
description: Serializer for Duo authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedEmailDeviceRequest:
|
|
type: object
|
|
description: Serializer for email authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedEmailStageRequest:
|
|
type: object
|
|
description: EmailStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
writeOnly: true
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
token_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
subject:
|
|
type: string
|
|
minLength: 1
|
|
template:
|
|
type: string
|
|
minLength: 1
|
|
activate_user_on_success:
|
|
type: boolean
|
|
description: Activate users upon completion of stage.
|
|
recovery_max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
recovery_cache_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: 'The time window used to count recent account recovery attempts.
|
|
If the number of attempts exceed recovery_max_attempts within this period,
|
|
further attempts will be rate-limited. (Format: hours=1;minutes=2;seconds=3).'
|
|
PatchedEndpointDeviceRequest:
|
|
type: object
|
|
properties:
|
|
device_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
access_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
access_group_obj:
|
|
$ref: '#/components/schemas/DeviceAccessGroupRequest'
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedEndpointRequest:
|
|
type: object
|
|
description: Endpoint Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
provider:
|
|
type: integer
|
|
protocol:
|
|
$ref: '#/components/schemas/ProtocolEnum'
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
auth_mode:
|
|
$ref: '#/components/schemas/EndpointAuthModeEnum'
|
|
maximum_connections:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
PatchedEndpointStageRequest:
|
|
type: object
|
|
description: EndpointStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
PatchedEnrollmentTokenRequest:
|
|
type: object
|
|
properties:
|
|
device_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
PatchedEventMatcherPolicyRequest:
|
|
type: object
|
|
description: Event Matcher Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/EventActions'
|
|
nullable: true
|
|
description: Match created events with this action type. When left empty,
|
|
all action types will be matched.
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: Matches Event's Client IP (strict matching, for network matching
|
|
use an Expression Policy)
|
|
app:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AppEnum'
|
|
nullable: true
|
|
description: Match events created by selected application. When left empty,
|
|
all applications are matched.
|
|
model:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ModelEnum'
|
|
nullable: true
|
|
description: Match events created by selected model. When left empty, all
|
|
models are matched. When an app is selected, all the application's models
|
|
are matched.
|
|
PatchedEventRequest:
|
|
type: object
|
|
description: Event Serializer
|
|
properties:
|
|
user:
|
|
type: object
|
|
additionalProperties: {}
|
|
action:
|
|
$ref: '#/components/schemas/EventActions'
|
|
app:
|
|
type: string
|
|
minLength: 1
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
brand:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedExpressionPolicyRequest:
|
|
type: object
|
|
description: Group Membership Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedFleetConnectorRequest:
|
|
type: object
|
|
description: FleetConnector Serializer
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
enabled:
|
|
type: boolean
|
|
url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
maxLength: 200
|
|
token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
headers_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
map_users:
|
|
type: boolean
|
|
map_teams_access_group:
|
|
type: boolean
|
|
PatchedFlowRequest:
|
|
type: object
|
|
description: Flow Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Visible in the URL.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
minLength: 1
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: Decides what this Flow is used for. For example, the Authentication
|
|
flow is redirect to when an un-authenticated user visits authentik.
|
|
background:
|
|
type: string
|
|
description: Background shown during execution
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
layout:
|
|
$ref: '#/components/schemas/FlowLayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: Configure what should happen when a flow denies access to a
|
|
user.
|
|
authentication:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticationEnum'
|
|
description: Required level of authentication and authorization to access
|
|
a flow.
|
|
PatchedFlowStageBindingRequest:
|
|
type: object
|
|
description: FlowStageBinding Serializer
|
|
properties:
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
stage:
|
|
type: string
|
|
format: uuid
|
|
evaluate_on_plan:
|
|
type: boolean
|
|
description: Evaluate policies during the Flow planning process.
|
|
re_evaluate_policies:
|
|
type: boolean
|
|
description: Evaluate policies when the Stage is presented to the user.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
invalid_response_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/InvalidResponseActionEnum'
|
|
description: Configure how the flow executor should handle an invalid response
|
|
to a challenge. RETRY returns the error message and a similar challenge
|
|
to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
|
|
restarts the flow while keeping the current context.
|
|
PatchedGeoIPPolicyRequest:
|
|
type: object
|
|
description: GeoIP Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
asns:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
countries:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CountryCodeEnum'
|
|
maxItems: 249
|
|
check_history_distance:
|
|
type: boolean
|
|
history_max_distance_km:
|
|
type: integer
|
|
maximum: 9223372036854775807
|
|
minimum: 0
|
|
format: int64
|
|
distance_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
history_login_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
check_impossible_travel:
|
|
type: boolean
|
|
impossible_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
PatchedGoogleEndpointDeviceRequest:
|
|
type: object
|
|
description: Serializer for Endpoint authenticator devices
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedGoogleWorkspaceProviderMappingRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProviderMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGoogleWorkspaceProviderRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
delegated_subject:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
scopes:
|
|
type: string
|
|
minLength: 1
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
default_group_email_domain:
|
|
type: string
|
|
minLength: 1
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
PatchedGroupKerberosSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupLDAPSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupOAuthSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupPlexSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupRequest:
|
|
type: object
|
|
description: Group Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
parents:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
users:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
PatchedGroupSAMLSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupTelegramSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedIdentificationStageRequest:
|
|
type: object
|
|
description: IdentificationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserFieldsEnum'
|
|
description: Fields of the user object to match against. (Hold shift to
|
|
select multiple options)
|
|
password_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, shows a password field, instead of showing the password
|
|
field as separate step.
|
|
captcha_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, adds functionality exactly like a Captcha stage,
|
|
but baked into the Identification stage.
|
|
case_insensitive_matching:
|
|
type: boolean
|
|
description: When enabled, user fields are matched regardless of their casing.
|
|
show_matched_user:
|
|
type: boolean
|
|
description: When a valid username/email has been entered, and this option
|
|
is enabled, the user's username and avatar will be shown. Otherwise, the
|
|
text that the user entered will be shown
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional enrollment flow, which is linked at the bottom of
|
|
the page.
|
|
recovery_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional recovery flow, which is linked at the bottom of the
|
|
page.
|
|
passwordless_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional passwordless flow, which is linked at the bottom of
|
|
the page.
|
|
sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Specify which sources should be shown.
|
|
show_source_labels:
|
|
type: boolean
|
|
pretend_user_exists:
|
|
type: boolean
|
|
description: When enabled, the stage will succeed and continue even when
|
|
incorrect user info is entered.
|
|
enable_remember_me:
|
|
type: boolean
|
|
description: Show the user the 'Remember me on this device' toggle, allowing
|
|
repeat users to skip straight to entering their password.
|
|
webauthn_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, and conditional WebAuthn is available, allow the
|
|
user to use their passkey as a first factor.
|
|
PatchedInitialPermissionsRequest:
|
|
type: object
|
|
description: InitialPermissions serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
role:
|
|
type: string
|
|
format: uuid
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
PatchedInvitationRequest:
|
|
type: object
|
|
description: Invitation Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
fixed_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
single_use:
|
|
type: boolean
|
|
description: When enabled, the invitation will be deleted after usage.
|
|
flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, only the configured flow can use this invitation.
|
|
PatchedInvitationStageRequest:
|
|
type: object
|
|
description: InvitationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
continue_flow_without_invitation:
|
|
type: boolean
|
|
description: If this flag is set, this Stage will jump to the next Stage
|
|
when no Invitation is given. By default this Stage will cancel the Flow
|
|
when no invitation is given.
|
|
PatchedKerberosSourcePropertyMappingRequest:
|
|
type: object
|
|
description: Kerberos PropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedKerberosSourceRequest:
|
|
type: object
|
|
description: Kerberos Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
realm:
|
|
type: string
|
|
minLength: 1
|
|
description: Kerberos realm
|
|
krb5_conf:
|
|
type: string
|
|
description: Custom krb5.conf to use. Uses the system one by default
|
|
kadmin_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/KadminTypeEnum'
|
|
description: KAdmin server type
|
|
sync_users:
|
|
type: boolean
|
|
description: Sync users from Kerberos into authentik
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to Kerberos
|
|
sync_principal:
|
|
type: string
|
|
description: Principal to authenticate to kadmin for sync.
|
|
sync_password:
|
|
type: string
|
|
writeOnly: true
|
|
description: Password to authenticate to kadmin for sync
|
|
sync_keytab:
|
|
type: string
|
|
writeOnly: true
|
|
description: Keytab to authenticate to kadmin for sync. Must be base64-encoded
|
|
or in the form TYPE:residual
|
|
sync_ccache:
|
|
type: string
|
|
description: Credentials cache to authenticate to kadmin for sync. Must
|
|
be in the form TYPE:residual
|
|
spnego_server_name:
|
|
type: string
|
|
description: Force the use of a specific server name for SPNEGO. Must be
|
|
in the form HTTP@hostname
|
|
spnego_keytab:
|
|
type: string
|
|
writeOnly: true
|
|
description: SPNEGO keytab base64-encoded or path to keytab in the form
|
|
FILE:path
|
|
spnego_ccache:
|
|
type: string
|
|
description: Credential cache to use for SPNEGO in form type:residual
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: If enabled, the authentik-stored password will be updated upon
|
|
login with the Kerberos password backend
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
PatchedKubernetesServiceConnectionRequest:
|
|
type: object
|
|
description: KubernetesServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
kubeconfig:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Paste your kubeconfig here. authentik will automatically use
|
|
the currently selected context.
|
|
verify_ssl:
|
|
type: boolean
|
|
description: Verify SSL Certificates of the Kubernetes API endpoint
|
|
PatchedLDAPProviderRequest:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
description: DN under which objects are accessible.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
PatchedLDAPSourcePropertyMappingRequest:
|
|
type: object
|
|
description: LDAP PropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedLDAPSourceRequest:
|
|
type: object
|
|
description: LDAP Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
server_uri:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
peer_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally verify the LDAP Server's Certificate against the
|
|
CA Chain in this keypair.
|
|
client_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Client certificate to authenticate against the LDAP Server's
|
|
Certificate.
|
|
bind_cn:
|
|
type: string
|
|
bind_password:
|
|
type: string
|
|
writeOnly: true
|
|
start_tls:
|
|
type: boolean
|
|
title: Enable Start TLS
|
|
sni:
|
|
type: boolean
|
|
title: Use Server URI for SNI verification
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
additional_user_dn:
|
|
type: string
|
|
title: Addition User DN
|
|
description: Prepended to Base DN for User-queries.
|
|
additional_group_dn:
|
|
type: string
|
|
title: Addition Group DN
|
|
description: Prepended to Base DN for Group-queries.
|
|
user_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Users.
|
|
group_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Groups.
|
|
group_membership_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains members of a group.
|
|
user_membership_attribute:
|
|
type: string
|
|
minLength: 1
|
|
description: Attribute which matches the value of `group_membership_field`.
|
|
object_uniqueness_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains a unique Identifier.
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: Update internal authentik password when login succeeds with
|
|
LDAP
|
|
sync_users:
|
|
type: boolean
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to LDAP. This
|
|
can only be enabled on a single LDAP source.
|
|
sync_groups:
|
|
type: boolean
|
|
sync_parent_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
lookup_groups_from_user:
|
|
type: boolean
|
|
description: Lookup group membership based on a user attribute instead of
|
|
a group attribute. This allows nested group resolution on systems like
|
|
FreeIPA and Active Directory
|
|
delete_not_found_objects:
|
|
type: boolean
|
|
description: Delete authentik users and groups which were previously supplied
|
|
by this source, but are now missing from it.
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
PatchedLicenseRequest:
|
|
type: object
|
|
description: License Serializer
|
|
properties:
|
|
key:
|
|
type: string
|
|
minLength: 1
|
|
PatchedMicrosoftEntraProviderMappingRequest:
|
|
type: object
|
|
description: MicrosoftEntraProviderMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedMicrosoftEntraProviderRequest:
|
|
type: object
|
|
description: MicrosoftEntraProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
client_secret:
|
|
type: string
|
|
minLength: 1
|
|
tenant_id:
|
|
type: string
|
|
minLength: 1
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
PatchedMutualTLSStageRequest:
|
|
type: object
|
|
description: MutualTLSStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
certificate_authorities:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Configure certificate authorities to validate the certificate
|
|
against. This option has a higher priority than the `client_certificate`
|
|
option on `Brand`.
|
|
cert_attribute:
|
|
$ref: '#/components/schemas/CertAttributeEnum'
|
|
user_attribute:
|
|
$ref: '#/components/schemas/UserAttributeEnum'
|
|
PatchedNotificationRequest:
|
|
type: object
|
|
description: Notification Serializer
|
|
properties:
|
|
hyperlink:
|
|
type: string
|
|
nullable: true
|
|
maxLength: 4096
|
|
hyperlink_label:
|
|
type: string
|
|
nullable: true
|
|
event:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
seen:
|
|
type: boolean
|
|
PatchedNotificationRuleRequest:
|
|
type: object
|
|
description: NotificationRule Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the user.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
description: Controls which severity level the created notifications will
|
|
have.
|
|
destination_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Define which group of users this notification should be sent
|
|
and shown to. If left empty, Notification won't ben sent.
|
|
destination_event_user:
|
|
type: boolean
|
|
description: When enabled, notification will be sent to user the user that
|
|
triggered the event.When destination_group is configured, notification
|
|
is sent to both.
|
|
PatchedNotificationTransportRequest:
|
|
type: object
|
|
description: NotificationTransport Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/NotificationTransportModeEnum'
|
|
webhook_url:
|
|
type: string
|
|
format: uri
|
|
webhook_mapping_body:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Customize the body of the request. Mapping should return data
|
|
that is JSON-serializable.
|
|
webhook_mapping_headers:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
email_subject_prefix:
|
|
type: string
|
|
email_template:
|
|
type: string
|
|
minLength: 1
|
|
send_once:
|
|
type: boolean
|
|
description: Only send notification once, for example when sending a webhook
|
|
into a chat channel.
|
|
PatchedNotificationWebhookMappingRequest:
|
|
type: object
|
|
description: NotificationWebhookMapping Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedOAuth2ProviderRequest:
|
|
type: object
|
|
description: OAuth2Provider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ClientTypeEnum'
|
|
description: Confidential clients are capable of maintaining the confidentiality
|
|
of their credentials. Public clients are incapable
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
access_code_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Access codes not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_threshold:
|
|
type: string
|
|
minLength: 1
|
|
description: 'When refreshing a token, if the refresh token is valid for
|
|
less than this duration, it will be renewed. When set to seconds=0, token
|
|
will always be renewed. (Format: hours=1;minutes=2;seconds=3).'
|
|
include_claims_in_id_token:
|
|
type: boolean
|
|
description: Include User claims from scopes in the id_token, for applications
|
|
that don't access the userinfo endpoint.
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to sign the tokens.
|
|
encryption_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to encrypt the tokens. When set, tokens will be encrypted
|
|
and returned as JWEs.
|
|
redirect_uris:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RedirectURIRequest'
|
|
logout_uri:
|
|
type: string
|
|
format: uri
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OAuth2ProviderLogoutMethodEnum'
|
|
description: Backchannel logs out with server to server calls. Frontchannel
|
|
uses iframes in your browser
|
|
sub_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SubModeEnum'
|
|
description: Configure what data should be used as unique User Identifier.
|
|
For most cases, the default should be fine.
|
|
issuer_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/IssuerModeEnum'
|
|
description: Configure how the issuer field of the ID Token should be filled.
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
PatchedOAuthSourcePropertyMappingRequest:
|
|
type: object
|
|
description: OAuthSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedOAuthSourceRequest:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
provider_type:
|
|
$ref: '#/components/schemas/ProviderTypeEnum'
|
|
request_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used to request the initial token. This URL is only required
|
|
for OAuth 1.
|
|
maxLength: 255
|
|
authorization_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL the user is redirect to to conest the flow.
|
|
maxLength: 255
|
|
access_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to retrieve tokens.
|
|
maxLength: 255
|
|
profile_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to get user information.
|
|
maxLength: 255
|
|
pkce:
|
|
$ref: '#/components/schemas/PKCEMethodEnum'
|
|
consumer_key:
|
|
type: string
|
|
minLength: 1
|
|
consumer_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
additional_scopes:
|
|
type: string
|
|
oidc_well_known_url:
|
|
type: string
|
|
oidc_jwks_url:
|
|
type: string
|
|
oidc_jwks:
|
|
type: object
|
|
additionalProperties: {}
|
|
authorization_code_auth_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum'
|
|
description: How to perform authentication during an authorization_code
|
|
token request flow
|
|
PatchedOutpostRequest:
|
|
type: object
|
|
description: Outpost Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/OutpostTypeEnum'
|
|
providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
service_connection:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Select Service-Connection authentik should use to manage this
|
|
outpost. Leave empty if authentik should not handle the deployment.
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
PatchedPasswordExpiryPolicyRequest:
|
|
type: object
|
|
description: Password Expiry Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
days:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
deny_only:
|
|
type: boolean
|
|
PatchedPasswordPolicyRequest:
|
|
type: object
|
|
description: Password Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
password_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
amount_digits:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_uppercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_lowercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_symbols:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
length_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
symbol_charset:
|
|
type: string
|
|
minLength: 1
|
|
error_message:
|
|
type: string
|
|
check_static_rules:
|
|
type: boolean
|
|
check_have_i_been_pwned:
|
|
type: boolean
|
|
check_zxcvbn:
|
|
type: boolean
|
|
hibp_allowed_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: How many times the password hash is allowed to be on haveibeenpwned
|
|
zxcvbn_score_threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: If the zxcvbn score is equal or less than this value, the policy
|
|
will fail.
|
|
PatchedPasswordStageRequest:
|
|
type: object
|
|
description: PasswordStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
backends:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BackendsEnum'
|
|
description: Selection of backends to test the password against.
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
failed_attempts_before_cancel:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: How many attempts a user has before the flow is canceled. To
|
|
lock the user out, use a reputation policy and a user_write stage.
|
|
allow_show_password:
|
|
type: boolean
|
|
description: When enabled, provides a 'show password' button with the password
|
|
input field.
|
|
PatchedPermissionAssignRequest:
|
|
type: object
|
|
description: Request to assign a new permission
|
|
properties:
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
model:
|
|
$ref: '#/components/schemas/ModelEnum'
|
|
object_pk:
|
|
type: string
|
|
minLength: 1
|
|
PatchedPlexSourcePropertyMappingRequest:
|
|
type: object
|
|
description: PlexSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedPlexSourceRequest:
|
|
type: object
|
|
description: Plex Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
description: Client identifier used to talk to Plex.
|
|
allowed_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
description: Which servers a user has to be a member of to be granted access.
|
|
Empty list allows every server.
|
|
allow_friends:
|
|
type: boolean
|
|
description: Allow friends to authenticate, even if you don't share a server.
|
|
plex_token:
|
|
type: string
|
|
minLength: 1
|
|
description: Plex token used to check friends
|
|
PatchedPolicyBindingRequest:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
PatchedPromptRequest:
|
|
type: object
|
|
description: Prompt Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
field_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Name of the form field, also used to store the value
|
|
label:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
description: Optionally provide a short hint that describes the expected
|
|
input value. When creating a fixed choice field, enable interpreting as
|
|
expression and return a list to return multiple choices.
|
|
initial_value:
|
|
type: string
|
|
description: Optionally pre-fill the input with an initial value. When creating
|
|
a fixed choice field, enable interpreting as expression and return a list
|
|
to return multiple default choices.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
sub_text:
|
|
type: string
|
|
placeholder_expression:
|
|
type: boolean
|
|
initial_value_expression:
|
|
type: boolean
|
|
PatchedPromptStageRequest:
|
|
type: object
|
|
description: PromptStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
validation_policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
PatchedProxyProviderRequest:
|
|
type: object
|
|
description: ProxyProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: Enable support for forwardAuth in traefik and nginx auth_request.
|
|
Exclusive with internal_host.
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
cookie_domain:
|
|
type: string
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
PatchedRACPropertyMappingRequest:
|
|
type: object
|
|
description: RACPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
static_settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedRACProviderRequest:
|
|
type: object
|
|
description: RACProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
connection_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
delete_token_on_disconnect:
|
|
type: boolean
|
|
description: When set to true, connection tokens will be deleted upon disconnect.
|
|
PatchedRadiusProviderPropertyMappingRequest:
|
|
type: object
|
|
description: RadiusProviderPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedRadiusProviderRequest:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_networks:
|
|
type: string
|
|
minLength: 1
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
minLength: 1
|
|
description: Shared secret between clients and server to hash packets.
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
PatchedRedirectStageRequest:
|
|
type: object
|
|
description: RedirectStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
keep_context:
|
|
type: boolean
|
|
mode:
|
|
$ref: '#/components/schemas/RedirectStageModeEnum'
|
|
target_static:
|
|
type: string
|
|
target_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
PatchedReputationPolicyRequest:
|
|
type: object
|
|
description: Reputation Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
check_ip:
|
|
type: boolean
|
|
check_username:
|
|
type: boolean
|
|
threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
PatchedRoleRequest:
|
|
type: object
|
|
description: Role serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
PatchedSAMLPropertyMappingRequest:
|
|
type: object
|
|
description: SAMLPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
saml_name:
|
|
type: string
|
|
minLength: 1
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
PatchedSAMLProviderRequest:
|
|
type: object
|
|
description: SAMLProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
acs_url:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
sls_url:
|
|
type: string
|
|
description: Single Logout Service URL where the logout response should
|
|
be sent.
|
|
format: uri
|
|
audience:
|
|
type: string
|
|
description: Value of the audience restriction field of the assertion. When
|
|
left empty, no audience restriction will be added.
|
|
issuer:
|
|
type: string
|
|
minLength: 1
|
|
description: Also known as EntityID
|
|
assertion_valid_not_before:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
authn_context_class_ref_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: AuthnContextClassRef Property Mapping
|
|
description: Configure how the AuthnContextClassRef value will be created.
|
|
When left empty, the AuthnContextClassRef will be set based on which authentication
|
|
methods the user used to authenticate.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
sign_assertion:
|
|
type: boolean
|
|
sign_response:
|
|
type: boolean
|
|
sign_logout_request:
|
|
type: boolean
|
|
sp_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
title: Service Provider Binding
|
|
description: This determines how authentik sends the response back to the
|
|
Service Provider.
|
|
sls_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
description: This determines how authentik sends the logout response back
|
|
to the Service Provider.
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLProviderLogoutMethodEnum'
|
|
description: Method to use for logout. Front-channel iframe loads all logout
|
|
URLs simultaneously in hidden iframes. Front-channel native uses your
|
|
active browser tab to send post requests and redirect to providers. Back-channel
|
|
sends logout requests directly from the server without user interaction
|
|
(requires POST SLS binding).
|
|
default_relay_state:
|
|
type: string
|
|
description: Default relay_state value for IDP-initiated logins
|
|
default_name_id_policy:
|
|
$ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
PatchedSAMLSourcePropertyMappingRequest:
|
|
type: object
|
|
description: SAMLSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedSAMLSourceRequest:
|
|
type: object
|
|
description: SAMLSource Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
issuer:
|
|
type: string
|
|
description: Also known as Entity ID. Defaults the Metadata URL.
|
|
sso_url:
|
|
type: string
|
|
minLength: 1
|
|
description: URL that the initial Login request is sent to.
|
|
format: uri
|
|
slo_url:
|
|
type: string
|
|
nullable: true
|
|
description: Optional URL if your IDP supports Single-Logout.
|
|
format: uri
|
|
allow_idp_initiated:
|
|
type: boolean
|
|
description: Allows authentication flows initiated by the IdP. This can
|
|
be a security risk, as no validation of the request ID is done.
|
|
name_id_policy:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
description: NameID Policy sent to the IdP. Can be unset, in which case
|
|
no Policy is sent.
|
|
binding_type:
|
|
$ref: '#/components/schemas/BindingTypeEnum'
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Identity
|
|
Provider.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
temporary_user_delete_after:
|
|
type: string
|
|
minLength: 1
|
|
title: Delete temporary users after
|
|
description: 'Time offset when temporary users should be deleted. This only
|
|
applies if your IDP uses the NameID Format ''transient'', and the user
|
|
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
signed_assertion:
|
|
type: boolean
|
|
signed_response:
|
|
type: boolean
|
|
PatchedSCIMMappingRequest:
|
|
type: object
|
|
description: SCIMMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedSCIMProviderRequest:
|
|
type: object
|
|
description: SCIMProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Base URL to SCIM requests, usually ends in /v2
|
|
verify_certificates:
|
|
type: boolean
|
|
token:
|
|
type: string
|
|
description: Authentication token
|
|
auth_mode:
|
|
$ref: '#/components/schemas/SCIMAuthenticationModeEnum'
|
|
auth_oauth:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: OAuth Source used for authentication
|
|
auth_oauth_params:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Additional OAuth parameters, such as grant_type
|
|
compatibility_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/CompatibilityModeEnum'
|
|
title: SCIM Compatibility Mode
|
|
description: Alter authentik behavior for vendor-specific SCIM implementations.
|
|
service_provider_config_cache_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Cache duration for ServiceProviderConfig responses. Set minutes=0
|
|
to disable.
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
PatchedSCIMSourceGroupRequest:
|
|
type: object
|
|
description: SCIMSourceGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
external_id:
|
|
type: string
|
|
minLength: 1
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedSCIMSourcePropertyMappingRequest:
|
|
type: object
|
|
description: SCIMSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedSCIMSourceRequest:
|
|
type: object
|
|
description: SCIMSource Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
PatchedSCIMSourceUserRequest:
|
|
type: object
|
|
description: SCIMSourceUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
external_id:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedSMSDeviceRequest:
|
|
type: object
|
|
description: Serializer for sms authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedSSFProviderRequest:
|
|
type: object
|
|
description: SSFProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
description: Key used to sign the SSF Events.
|
|
oidc_auth_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
event_retention:
|
|
type: string
|
|
minLength: 1
|
|
PatchedScheduleRequest:
|
|
type: object
|
|
properties:
|
|
rel_obj_id:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
crontab:
|
|
type: string
|
|
minLength: 1
|
|
description: When to schedule tasks
|
|
paused:
|
|
type: boolean
|
|
description: Pause this schedule
|
|
PatchedScopeMappingRequest:
|
|
type: object
|
|
description: ScopeMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
scope_name:
|
|
type: string
|
|
minLength: 1
|
|
description: Scope name requested by the client
|
|
description:
|
|
type: string
|
|
description: Description shown to the user when consenting. If left empty,
|
|
the user won't be informed.
|
|
PatchedSettingsRequest:
|
|
type: object
|
|
description: Settings Serializer
|
|
properties:
|
|
avatars:
|
|
type: string
|
|
minLength: 1
|
|
description: Configure how authentik should show avatars for users.
|
|
default_user_change_name:
|
|
type: boolean
|
|
description: Enable the ability for users to change their name.
|
|
default_user_change_email:
|
|
type: boolean
|
|
description: Enable the ability for users to change their email address.
|
|
default_user_change_username:
|
|
type: boolean
|
|
description: Enable the ability for users to change their username.
|
|
event_retention:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
|
|
reputation_lower_limit:
|
|
type: integer
|
|
maximum: 0
|
|
minimum: -2147483648
|
|
description: Reputation cannot decrease lower than this value. Zero or negative.
|
|
reputation_upper_limit:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Reputation cannot increase higher than this value. Zero or
|
|
positive.
|
|
footer_links: {}
|
|
gdpr_compliance:
|
|
type: boolean
|
|
description: When enabled, all the events caused by a user will be deleted
|
|
upon the user's deletion.
|
|
impersonation:
|
|
type: boolean
|
|
description: Globally enable/disable impersonation.
|
|
impersonation_require_reason:
|
|
type: boolean
|
|
description: Require administrators to provide a reason for impersonating
|
|
a user.
|
|
default_token_duration:
|
|
type: string
|
|
minLength: 1
|
|
description: Default token duration
|
|
default_token_length:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Default token length
|
|
pagination_default_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Default page size for API responses, if no size was requested.
|
|
pagination_max_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Maximum page size
|
|
flags:
|
|
type: object
|
|
properties:
|
|
enterprise_audit_include_expanded_diff:
|
|
type: boolean
|
|
policies_buffered_access_view:
|
|
type: boolean
|
|
flows_refresh_others:
|
|
type: boolean
|
|
required:
|
|
- enterprise_audit_include_expanded_diff
|
|
- flows_refresh_others
|
|
- policies_buffered_access_view
|
|
PatchedSourceStageRequest:
|
|
type: object
|
|
description: SourceStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
resume_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Amount of time a user can take to return from the source to
|
|
continue the flow (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
PatchedStaticDeviceRequest:
|
|
type: object
|
|
description: Serializer for static authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedTOTPDeviceRequest:
|
|
type: object
|
|
description: Serializer for totp authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedTelegramSourcePropertyMappingRequest:
|
|
type: object
|
|
description: TelegramSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedTelegramSourceRequest:
|
|
type: object
|
|
description: Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
bot_username:
|
|
type: string
|
|
minLength: 1
|
|
description: Telegram bot username
|
|
bot_token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: Telegram bot token
|
|
request_message_access:
|
|
type: boolean
|
|
description: Request access to send messages from your bot.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
PatchedTenantRequest:
|
|
type: object
|
|
description: Tenant Serializer
|
|
properties:
|
|
schema_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 63
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
ready:
|
|
type: boolean
|
|
PatchedTokenRequest:
|
|
type: object
|
|
description: Token Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
intent:
|
|
$ref: '#/components/schemas/IntentEnum'
|
|
user:
|
|
type: integer
|
|
description:
|
|
type: string
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
expiring:
|
|
type: boolean
|
|
PatchedUniquePasswordPolicyRequest:
|
|
type: object
|
|
description: Password Uniqueness Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
password_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
num_historical_passwords:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Number of passwords to check against.
|
|
PatchedUserDeleteStageRequest:
|
|
type: object
|
|
description: UserDeleteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserKerberosSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserLDAPSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserLoginStageRequest:
|
|
type: object
|
|
description: UserLoginStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
session_duration:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
terminate_other_sessions:
|
|
type: boolean
|
|
description: Terminate all other sessions of the user logging in.
|
|
remember_me_offset:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Offset the session will be extended by when the user picks
|
|
the remember me option. Default of 0 means that the remember me option
|
|
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
network_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NetworkBindingEnum'
|
|
description: Bind sessions created by this stage to the configured network
|
|
geoip_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GeoipBindingEnum'
|
|
description: Bind sessions created by this stage to the configured GeoIP
|
|
location
|
|
remember_device:
|
|
type: string
|
|
minLength: 1
|
|
description: 'When set to a non-zero value, authentik will save a cookie
|
|
with a longer expiry,to remember the device the user is logging in from.
|
|
(Format: hours=-1;minutes=-2;seconds=-3)'
|
|
PatchedUserLogoutStageRequest:
|
|
type: object
|
|
description: UserLogoutStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserOAuthSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
access_token:
|
|
type: string
|
|
writeOnly: true
|
|
nullable: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
PatchedUserPlexSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
plex_token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
PatchedUserRequest:
|
|
type: object
|
|
description: User Serializer
|
|
properties:
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
path:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
PatchedUserSAMLSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserTelegramSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserWriteStageRequest:
|
|
type: object
|
|
description: UserWriteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
user_creation_mode:
|
|
$ref: '#/components/schemas/UserCreationModeEnum'
|
|
create_users_as_inactive:
|
|
type: boolean
|
|
description: When set, newly created users are inactive and cannot login.
|
|
create_users_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally add newly created users to this group.
|
|
user_type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
user_path_template:
|
|
type: string
|
|
PatchedWebAuthnDeviceRequest:
|
|
type: object
|
|
description: Serializer for WebAuthn authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 200
|
|
Permission:
|
|
type: object
|
|
description: Global permission
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
maxLength: 255
|
|
codename:
|
|
type: string
|
|
maxLength: 100
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
app_label_verbose:
|
|
type: string
|
|
description: Human-readable app label
|
|
readOnly: true
|
|
model_verbose:
|
|
type: string
|
|
description: Human-readable model name
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- app_label_verbose
|
|
- codename
|
|
- id
|
|
- model
|
|
- model_verbose
|
|
- name
|
|
PermissionAssignRequest:
|
|
type: object
|
|
description: Request to assign a new permission
|
|
properties:
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
model:
|
|
$ref: '#/components/schemas/ModelEnum'
|
|
object_pk:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- permissions
|
|
PermissionAssignResult:
|
|
type: object
|
|
description: Result from assigning permissions to a user/role
|
|
properties:
|
|
id:
|
|
type: string
|
|
required:
|
|
- id
|
|
PlexAuthenticationChallenge:
|
|
type: object
|
|
description: Challenge shown to the user in identification stage
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-source-plex
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
client_id:
|
|
type: string
|
|
slug:
|
|
type: string
|
|
required:
|
|
- client_id
|
|
- slug
|
|
PlexAuthenticationChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for plex response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-source-plex
|
|
PlexSource:
|
|
type: object
|
|
description: Plex Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
client_id:
|
|
type: string
|
|
description: Client identifier used to talk to Plex.
|
|
allowed_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: Which servers a user has to be a member of to be granted access.
|
|
Empty list allows every server.
|
|
allow_friends:
|
|
type: boolean
|
|
description: Allow friends to authenticate, even if you don't share a server.
|
|
plex_token:
|
|
type: string
|
|
description: Plex token used to check friends
|
|
required:
|
|
- component
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- plex_token
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PlexSourcePropertyMapping:
|
|
type: object
|
|
description: PlexSourcePropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PlexSourcePropertyMappingRequest:
|
|
type: object
|
|
description: PlexSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
PlexSourceRequest:
|
|
type: object
|
|
description: Plex Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
description: Client identifier used to talk to Plex.
|
|
allowed_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
description: Which servers a user has to be a member of to be granted access.
|
|
Empty list allows every server.
|
|
allow_friends:
|
|
type: boolean
|
|
description: Allow friends to authenticate, even if you don't share a server.
|
|
plex_token:
|
|
type: string
|
|
minLength: 1
|
|
description: Plex token used to check friends
|
|
required:
|
|
- name
|
|
- plex_token
|
|
- slug
|
|
PlexTokenRedeemRequest:
|
|
type: object
|
|
description: Serializer to redeem a plex token
|
|
properties:
|
|
plex_token:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- plex_token
|
|
Policy:
|
|
type: object
|
|
description: Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PolicyBinding:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy binding uuid
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
policy_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Policy'
|
|
readOnly: true
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
required:
|
|
- group_obj
|
|
- order
|
|
- pk
|
|
- policy_obj
|
|
- target
|
|
- user_obj
|
|
PolicyBindingRequest:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
required:
|
|
- order
|
|
- target
|
|
PolicyEngineMode:
|
|
enum:
|
|
- all
|
|
- any
|
|
type: string
|
|
PolicyTestRequest:
|
|
type: object
|
|
description: Test policy execution for a user with context
|
|
properties:
|
|
user:
|
|
type: integer
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- user
|
|
PolicyTestResult:
|
|
type: object
|
|
description: result of a policy test
|
|
properties:
|
|
passing:
|
|
type: boolean
|
|
messages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
log_messages:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LogEvent'
|
|
readOnly: true
|
|
required:
|
|
- log_messages
|
|
- messages
|
|
- passing
|
|
Process:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
name:
|
|
type: string
|
|
user:
|
|
type: string
|
|
required:
|
|
- id
|
|
- name
|
|
ProcessRequest:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- id
|
|
- name
|
|
Prompt:
|
|
type: object
|
|
description: Prompt Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Prompt uuid
|
|
name:
|
|
type: string
|
|
field_key:
|
|
type: string
|
|
description: Name of the form field, also used to store the value
|
|
label:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
description: Optionally provide a short hint that describes the expected
|
|
input value. When creating a fixed choice field, enable interpreting as
|
|
expression and return a list to return multiple choices.
|
|
initial_value:
|
|
type: string
|
|
description: Optionally pre-fill the input with an initial value. When creating
|
|
a fixed choice field, enable interpreting as expression and return a list
|
|
to return multiple default choices.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
prompt_stages_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
readOnly: true
|
|
sub_text:
|
|
type: string
|
|
placeholder_expression:
|
|
type: boolean
|
|
initial_value_expression:
|
|
type: boolean
|
|
required:
|
|
- field_key
|
|
- label
|
|
- name
|
|
- pk
|
|
- prompt_stages_obj
|
|
- type
|
|
PromptChallenge:
|
|
type: object
|
|
description: Initial challenge being sent, define fields
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-prompt
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/StagePrompt'
|
|
required:
|
|
- fields
|
|
PromptChallengeResponseRequest:
|
|
type: object
|
|
description: |-
|
|
Validate response, fields are dynamically created based
|
|
on the stage
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-prompt
|
|
additionalProperties: {}
|
|
PromptChoice:
|
|
type: object
|
|
description: Serializer for a single Choice field
|
|
properties:
|
|
value:
|
|
type: string
|
|
label:
|
|
type: string
|
|
required:
|
|
- label
|
|
- value
|
|
PromptRequest:
|
|
type: object
|
|
description: Prompt Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
field_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Name of the form field, also used to store the value
|
|
label:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
description: Optionally provide a short hint that describes the expected
|
|
input value. When creating a fixed choice field, enable interpreting as
|
|
expression and return a list to return multiple choices.
|
|
initial_value:
|
|
type: string
|
|
description: Optionally pre-fill the input with an initial value. When creating
|
|
a fixed choice field, enable interpreting as expression and return a list
|
|
to return multiple default choices.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
sub_text:
|
|
type: string
|
|
placeholder_expression:
|
|
type: boolean
|
|
initial_value_expression:
|
|
type: boolean
|
|
required:
|
|
- field_key
|
|
- label
|
|
- name
|
|
- type
|
|
PromptStage:
|
|
type: object
|
|
description: PromptStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
validation_policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- component
|
|
- fields
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PromptStageRequest:
|
|
type: object
|
|
description: PromptStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
validation_policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- fields
|
|
- name
|
|
PromptTypeEnum:
|
|
enum:
|
|
- text
|
|
- text_area
|
|
- text_read_only
|
|
- text_area_read_only
|
|
- username
|
|
- email
|
|
- password
|
|
- number
|
|
- checkbox
|
|
- radio-button-group
|
|
- dropdown
|
|
- date
|
|
- date-time
|
|
- file
|
|
- separator
|
|
- hidden
|
|
- static
|
|
- ak-locale
|
|
type: string
|
|
PropertyMapping:
|
|
type: object
|
|
description: PropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PropertyMappingPreview:
|
|
type: object
|
|
description: Preview how the current user is mapped via the property mappings
|
|
selected in a provider
|
|
properties:
|
|
preview:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- preview
|
|
PropertyMappingTestRequest:
|
|
type: object
|
|
description: Test property mapping execution for a user/group with context
|
|
properties:
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
PropertyMappingTestResult:
|
|
type: object
|
|
description: Result of a Property-mapping test
|
|
properties:
|
|
result:
|
|
type: string
|
|
readOnly: true
|
|
successful:
|
|
type: boolean
|
|
readOnly: true
|
|
required:
|
|
- result
|
|
- successful
|
|
ProtocolEnum:
|
|
enum:
|
|
- rdp
|
|
- vnc
|
|
- ssh
|
|
type: string
|
|
Provider:
|
|
type: object
|
|
description: Provider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ProviderEnum:
|
|
enum:
|
|
- twilio
|
|
- generic
|
|
type: string
|
|
ProviderModelEnum:
|
|
enum:
|
|
- authentik_providers_google_workspace.googleworkspaceprovider
|
|
- authentik_providers_ldap.ldapprovider
|
|
- authentik_providers_microsoft_entra.microsoftentraprovider
|
|
- authentik_providers_oauth2.oauth2provider
|
|
- authentik_providers_proxy.proxyprovider
|
|
- authentik_providers_rac.racprovider
|
|
- authentik_providers_radius.radiusprovider
|
|
- authentik_providers_saml.samlprovider
|
|
- authentik_providers_scim.scimprovider
|
|
- authentik_providers_ssf.ssfprovider
|
|
type: string
|
|
ProviderTypeEnum:
|
|
enum:
|
|
- apple
|
|
- openidconnect
|
|
- entraid
|
|
- azuread
|
|
- discord
|
|
- facebook
|
|
- github
|
|
- gitlab
|
|
- google
|
|
- mailcow
|
|
- okta
|
|
- patreon
|
|
- reddit
|
|
- slack
|
|
- twitch
|
|
- twitter
|
|
- wechat
|
|
type: string
|
|
ProxyMode:
|
|
enum:
|
|
- proxy
|
|
- forward_single
|
|
- forward_domain
|
|
type: string
|
|
ProxyOutpostConfig:
|
|
type: object
|
|
description: Proxy provider serializer for outposts
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
client_id:
|
|
type: string
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
oidc_configuration:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OpenIDConnectConfiguration'
|
|
readOnly: true
|
|
cookie_secret:
|
|
type: string
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: Enable support for forwardAuth in traefik and nginx auth_request.
|
|
Exclusive with internal_host.
|
|
cookie_domain:
|
|
type: string
|
|
access_token_validity:
|
|
type: number
|
|
format: double
|
|
nullable: true
|
|
description: Get token validity as second count
|
|
readOnly: true
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
scopes_to_request:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: |-
|
|
Get all the scope names the outpost should request,
|
|
including custom-defined ones
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
required:
|
|
- access_token_validity
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- external_host
|
|
- name
|
|
- oidc_configuration
|
|
- pk
|
|
- scopes_to_request
|
|
ProxyProvider:
|
|
type: object
|
|
description: ProxyProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
client_id:
|
|
type: string
|
|
readOnly: true
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: Enable support for forwardAuth in traefik and nginx auth_request.
|
|
Exclusive with internal_host.
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
redirect_uris:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RedirectURI'
|
|
readOnly: true
|
|
cookie_domain:
|
|
type: string
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
access_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
outpost_set:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- client_id
|
|
- component
|
|
- external_host
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- outpost_set
|
|
- pk
|
|
- redirect_uris
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ProxyProviderRequest:
|
|
type: object
|
|
description: ProxyProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: Enable support for forwardAuth in traefik and nginx auth_request.
|
|
Exclusive with internal_host.
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
cookie_domain:
|
|
type: string
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- authorization_flow
|
|
- external_host
|
|
- invalidation_flow
|
|
- name
|
|
RACPropertyMapping:
|
|
type: object
|
|
description: RACPropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
static_settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- static_settings
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
RACPropertyMappingRequest:
|
|
type: object
|
|
description: RACPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
static_settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
- static_settings
|
|
RACProvider:
|
|
type: object
|
|
description: RACProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
outpost_set:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
connection_expiry:
|
|
type: string
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
delete_token_on_disconnect:
|
|
type: boolean
|
|
description: When set to true, connection tokens will be deleted upon disconnect.
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- outpost_set
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
RACProviderRequest:
|
|
type: object
|
|
description: RACProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
connection_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
delete_token_on_disconnect:
|
|
type: boolean
|
|
description: When set to true, connection tokens will be deleted upon disconnect.
|
|
required:
|
|
- authorization_flow
|
|
- name
|
|
RadiusCheckAccess:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
attributes:
|
|
type: string
|
|
access:
|
|
$ref: '#/components/schemas/PolicyTestResult'
|
|
required:
|
|
- access
|
|
RadiusOutpostConfig:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
application_slug:
|
|
type: string
|
|
auth_flow_slug:
|
|
type: string
|
|
client_networks:
|
|
type: string
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
description: Shared secret between clients and server to hash packets.
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- application_slug
|
|
- auth_flow_slug
|
|
- name
|
|
- pk
|
|
RadiusProvider:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
client_networks:
|
|
type: string
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
description: Shared secret between clients and server to hash packets.
|
|
outpost_set:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- outpost_set
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
RadiusProviderPropertyMapping:
|
|
type: object
|
|
description: RadiusProviderPropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
RadiusProviderPropertyMappingRequest:
|
|
type: object
|
|
description: RadiusProviderPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
RadiusProviderRequest:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_networks:
|
|
type: string
|
|
minLength: 1
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
minLength: 1
|
|
description: Shared secret between clients and server to hash packets.
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- authorization_flow
|
|
- invalidation_flow
|
|
- name
|
|
RedirectChallenge:
|
|
type: object
|
|
description: Challenge type to redirect the client
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: xak-flow-redirect
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
to:
|
|
type: string
|
|
required:
|
|
- to
|
|
RedirectChallengeResponseRequest:
|
|
type: object
|
|
description: Redirect challenge response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: xak-flow-redirect
|
|
to:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- to
|
|
RedirectStage:
|
|
type: object
|
|
description: RedirectStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
keep_context:
|
|
type: boolean
|
|
mode:
|
|
$ref: '#/components/schemas/RedirectStageModeEnum'
|
|
target_static:
|
|
type: string
|
|
target_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- mode
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
RedirectStageModeEnum:
|
|
enum:
|
|
- static
|
|
- flow
|
|
type: string
|
|
RedirectStageRequest:
|
|
type: object
|
|
description: RedirectStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
keep_context:
|
|
type: boolean
|
|
mode:
|
|
$ref: '#/components/schemas/RedirectStageModeEnum'
|
|
target_static:
|
|
type: string
|
|
target_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- mode
|
|
- name
|
|
RedirectURI:
|
|
type: object
|
|
description: A single allowed redirect URI entry
|
|
properties:
|
|
matching_mode:
|
|
$ref: '#/components/schemas/MatchingModeEnum'
|
|
url:
|
|
type: string
|
|
required:
|
|
- matching_mode
|
|
- url
|
|
RedirectURIRequest:
|
|
type: object
|
|
description: A single allowed redirect URI entry
|
|
properties:
|
|
matching_mode:
|
|
$ref: '#/components/schemas/MatchingModeEnum'
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- matching_mode
|
|
- url
|
|
RelatedGroup:
|
|
type: object
|
|
description: Stripped down group serializer to show relevant children/parents
|
|
for groups
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Group uuid
|
|
name:
|
|
type: string
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
group_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
required:
|
|
- group_uuid
|
|
- name
|
|
- pk
|
|
Reputation:
|
|
type: object
|
|
description: Reputation Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Reputation uuid
|
|
identifier:
|
|
type: string
|
|
ip:
|
|
type: string
|
|
ip_geo_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
ip_asn_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
score:
|
|
type: integer
|
|
maximum: 9223372036854775807
|
|
minimum: -9223372036854775808
|
|
format: int64
|
|
updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- identifier
|
|
- ip
|
|
- updated
|
|
ReputationPolicy:
|
|
type: object
|
|
description: Reputation Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
check_ip:
|
|
type: boolean
|
|
check_username:
|
|
type: boolean
|
|
threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ReputationPolicyRequest:
|
|
type: object
|
|
description: Reputation Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
check_ip:
|
|
type: boolean
|
|
check_username:
|
|
type: boolean
|
|
threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- name
|
|
ResidentKeyRequirementEnum:
|
|
enum:
|
|
- discouraged
|
|
- preferred
|
|
- required
|
|
type: string
|
|
Role:
|
|
type: object
|
|
description: Role serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
maxLength: 150
|
|
required:
|
|
- name
|
|
- pk
|
|
RoleAssignedObjectPermission:
|
|
type: object
|
|
description: Roles assigned object permission serializer
|
|
properties:
|
|
role_pk:
|
|
type: string
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
object_permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RoleObjectPermission'
|
|
model_permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RoleModelPermission'
|
|
required:
|
|
- model_permissions
|
|
- name
|
|
- object_permissions
|
|
- role_pk
|
|
RoleModelPermission:
|
|
type: object
|
|
description: Role-bound object level permission
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
codename:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- codename
|
|
- id
|
|
- model
|
|
- name
|
|
RoleObjectPermission:
|
|
type: object
|
|
description: Role-bound object level permission
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
codename:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
object_pk:
|
|
type: string
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- codename
|
|
- id
|
|
- model
|
|
- name
|
|
- object_pk
|
|
RoleRequest:
|
|
type: object
|
|
description: Role serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
required:
|
|
- name
|
|
SAMLBindingsEnum:
|
|
enum:
|
|
- redirect
|
|
- post
|
|
type: string
|
|
SAMLMetadata:
|
|
type: object
|
|
description: SAML Provider Metadata serializer
|
|
properties:
|
|
metadata:
|
|
type: string
|
|
readOnly: true
|
|
download_url:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- download_url
|
|
- metadata
|
|
SAMLNameIDPolicyEnum:
|
|
enum:
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
|
|
type: string
|
|
SAMLPropertyMapping:
|
|
type: object
|
|
description: SAMLPropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
saml_name:
|
|
type: string
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- saml_name
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SAMLPropertyMappingRequest:
|
|
type: object
|
|
description: SAMLPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
saml_name:
|
|
type: string
|
|
minLength: 1
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- expression
|
|
- name
|
|
- saml_name
|
|
SAMLProvider:
|
|
type: object
|
|
description: SAMLProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
acs_url:
|
|
type: string
|
|
format: uri
|
|
sls_url:
|
|
type: string
|
|
description: Single Logout Service URL where the logout response should
|
|
be sent.
|
|
format: uri
|
|
audience:
|
|
type: string
|
|
description: Value of the audience restriction field of the assertion. When
|
|
left empty, no audience restriction will be added.
|
|
issuer:
|
|
type: string
|
|
description: Also known as EntityID
|
|
assertion_valid_not_before:
|
|
type: string
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
authn_context_class_ref_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: AuthnContextClassRef Property Mapping
|
|
description: Configure how the AuthnContextClassRef value will be created.
|
|
When left empty, the AuthnContextClassRef will be set based on which authentication
|
|
methods the user used to authenticate.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
sign_assertion:
|
|
type: boolean
|
|
sign_response:
|
|
type: boolean
|
|
sign_logout_request:
|
|
type: boolean
|
|
sp_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
title: Service Provider Binding
|
|
description: This determines how authentik sends the response back to the
|
|
Service Provider.
|
|
sls_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
description: This determines how authentik sends the logout response back
|
|
to the Service Provider.
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLProviderLogoutMethodEnum'
|
|
description: Method to use for logout. Front-channel iframe loads all logout
|
|
URLs simultaneously in hidden iframes. Front-channel native uses your
|
|
active browser tab to send post requests and redirect to providers. Back-channel
|
|
sends logout requests directly from the server without user interaction
|
|
(requires POST SLS binding).
|
|
default_relay_state:
|
|
type: string
|
|
description: Default relay_state value for IDP-initiated logins
|
|
default_name_id_policy:
|
|
$ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
url_download_metadata:
|
|
type: string
|
|
description: Get metadata download URL
|
|
readOnly: true
|
|
url_sso_post:
|
|
type: string
|
|
description: Get SSO Post URL
|
|
readOnly: true
|
|
url_sso_redirect:
|
|
type: string
|
|
description: Get SSO Redirect URL
|
|
readOnly: true
|
|
url_sso_init:
|
|
type: string
|
|
description: Get SSO IDP-Initiated URL
|
|
readOnly: true
|
|
url_slo_post:
|
|
type: string
|
|
description: Get SLO POST URL
|
|
readOnly: true
|
|
url_slo_redirect:
|
|
type: string
|
|
description: Get SLO redirect URL
|
|
readOnly: true
|
|
required:
|
|
- acs_url
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- url_download_metadata
|
|
- url_slo_post
|
|
- url_slo_redirect
|
|
- url_sso_init
|
|
- url_sso_post
|
|
- url_sso_redirect
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SAMLProviderImportRequest:
|
|
type: object
|
|
description: Import saml provider from XML Metadata
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
file:
|
|
type: string
|
|
format: binary
|
|
required:
|
|
- authorization_flow
|
|
- file
|
|
- invalidation_flow
|
|
- name
|
|
SAMLProviderLogoutMethodEnum:
|
|
enum:
|
|
- frontchannel_iframe
|
|
- frontchannel_native
|
|
- backchannel
|
|
type: string
|
|
SAMLProviderRequest:
|
|
type: object
|
|
description: SAMLProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
acs_url:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
sls_url:
|
|
type: string
|
|
description: Single Logout Service URL where the logout response should
|
|
be sent.
|
|
format: uri
|
|
audience:
|
|
type: string
|
|
description: Value of the audience restriction field of the assertion. When
|
|
left empty, no audience restriction will be added.
|
|
issuer:
|
|
type: string
|
|
minLength: 1
|
|
description: Also known as EntityID
|
|
assertion_valid_not_before:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
authn_context_class_ref_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: AuthnContextClassRef Property Mapping
|
|
description: Configure how the AuthnContextClassRef value will be created.
|
|
When left empty, the AuthnContextClassRef will be set based on which authentication
|
|
methods the user used to authenticate.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
sign_assertion:
|
|
type: boolean
|
|
sign_response:
|
|
type: boolean
|
|
sign_logout_request:
|
|
type: boolean
|
|
sp_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
title: Service Provider Binding
|
|
description: This determines how authentik sends the response back to the
|
|
Service Provider.
|
|
sls_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
description: This determines how authentik sends the logout response back
|
|
to the Service Provider.
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLProviderLogoutMethodEnum'
|
|
description: Method to use for logout. Front-channel iframe loads all logout
|
|
URLs simultaneously in hidden iframes. Front-channel native uses your
|
|
active browser tab to send post requests and redirect to providers. Back-channel
|
|
sends logout requests directly from the server without user interaction
|
|
(requires POST SLS binding).
|
|
default_relay_state:
|
|
type: string
|
|
description: Default relay_state value for IDP-initiated logins
|
|
default_name_id_policy:
|
|
$ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
required:
|
|
- acs_url
|
|
- authorization_flow
|
|
- invalidation_flow
|
|
- name
|
|
SAMLSource:
|
|
type: object
|
|
description: SAMLSource Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
issuer:
|
|
type: string
|
|
description: Also known as Entity ID. Defaults the Metadata URL.
|
|
sso_url:
|
|
type: string
|
|
description: URL that the initial Login request is sent to.
|
|
format: uri
|
|
slo_url:
|
|
type: string
|
|
nullable: true
|
|
description: Optional URL if your IDP supports Single-Logout.
|
|
format: uri
|
|
allow_idp_initiated:
|
|
type: boolean
|
|
description: Allows authentication flows initiated by the IdP. This can
|
|
be a security risk, as no validation of the request ID is done.
|
|
name_id_policy:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
description: NameID Policy sent to the IdP. Can be unset, in which case
|
|
no Policy is sent.
|
|
binding_type:
|
|
$ref: '#/components/schemas/BindingTypeEnum'
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Identity
|
|
Provider.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
temporary_user_delete_after:
|
|
type: string
|
|
title: Delete temporary users after
|
|
description: 'Time offset when temporary users should be deleted. This only
|
|
applies if your IDP uses the NameID Format ''transient'', and the user
|
|
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
signed_assertion:
|
|
type: boolean
|
|
signed_response:
|
|
type: boolean
|
|
required:
|
|
- component
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- pre_authentication_flow
|
|
- slug
|
|
- sso_url
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SAMLSourcePropertyMapping:
|
|
type: object
|
|
description: SAMLSourcePropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SAMLSourcePropertyMappingRequest:
|
|
type: object
|
|
description: SAMLSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
SAMLSourceRequest:
|
|
type: object
|
|
description: SAMLSource Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
issuer:
|
|
type: string
|
|
description: Also known as Entity ID. Defaults the Metadata URL.
|
|
sso_url:
|
|
type: string
|
|
minLength: 1
|
|
description: URL that the initial Login request is sent to.
|
|
format: uri
|
|
slo_url:
|
|
type: string
|
|
nullable: true
|
|
description: Optional URL if your IDP supports Single-Logout.
|
|
format: uri
|
|
allow_idp_initiated:
|
|
type: boolean
|
|
description: Allows authentication flows initiated by the IdP. This can
|
|
be a security risk, as no validation of the request ID is done.
|
|
name_id_policy:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
description: NameID Policy sent to the IdP. Can be unset, in which case
|
|
no Policy is sent.
|
|
binding_type:
|
|
$ref: '#/components/schemas/BindingTypeEnum'
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Identity
|
|
Provider.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
temporary_user_delete_after:
|
|
type: string
|
|
minLength: 1
|
|
title: Delete temporary users after
|
|
description: 'Time offset when temporary users should be deleted. This only
|
|
applies if your IDP uses the NameID Format ''transient'', and the user
|
|
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
signed_assertion:
|
|
type: boolean
|
|
signed_response:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
- pre_authentication_flow
|
|
- slug
|
|
- sso_url
|
|
SCIMAuthenticationModeEnum:
|
|
enum:
|
|
- token
|
|
- oauth
|
|
type: string
|
|
SCIMMapping:
|
|
type: object
|
|
description: SCIMMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SCIMMappingRequest:
|
|
type: object
|
|
description: SCIMMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
SCIMProvider:
|
|
type: object
|
|
description: SCIMProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
url:
|
|
type: string
|
|
description: Base URL to SCIM requests, usually ends in /v2
|
|
verify_certificates:
|
|
type: boolean
|
|
token:
|
|
type: string
|
|
description: Authentication token
|
|
auth_mode:
|
|
$ref: '#/components/schemas/SCIMAuthenticationModeEnum'
|
|
auth_oauth:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: OAuth Source used for authentication
|
|
auth_oauth_params:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Additional OAuth parameters, such as grant_type
|
|
compatibility_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/CompatibilityModeEnum'
|
|
title: SCIM Compatibility Mode
|
|
description: Alter authentik behavior for vendor-specific SCIM implementations.
|
|
service_provider_config_cache_timeout:
|
|
type: string
|
|
description: Cache duration for ServiceProviderConfig responses. Set minutes=0
|
|
to disable.
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- url
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SCIMProviderGroup:
|
|
type: object
|
|
description: SCIMProviderGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
scim_id:
|
|
type: string
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- group
|
|
- group_obj
|
|
- id
|
|
- provider
|
|
- scim_id
|
|
SCIMProviderGroupRequest:
|
|
type: object
|
|
description: SCIMProviderGroup Serializer
|
|
properties:
|
|
scim_id:
|
|
type: string
|
|
minLength: 1
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- group
|
|
- provider
|
|
- scim_id
|
|
SCIMProviderRequest:
|
|
type: object
|
|
description: SCIMProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Base URL to SCIM requests, usually ends in /v2
|
|
verify_certificates:
|
|
type: boolean
|
|
token:
|
|
type: string
|
|
description: Authentication token
|
|
auth_mode:
|
|
$ref: '#/components/schemas/SCIMAuthenticationModeEnum'
|
|
auth_oauth:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: OAuth Source used for authentication
|
|
auth_oauth_params:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Additional OAuth parameters, such as grant_type
|
|
compatibility_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/CompatibilityModeEnum'
|
|
title: SCIM Compatibility Mode
|
|
description: Alter authentik behavior for vendor-specific SCIM implementations.
|
|
service_provider_config_cache_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Cache duration for ServiceProviderConfig responses. Set minutes=0
|
|
to disable.
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- name
|
|
- url
|
|
SCIMProviderUser:
|
|
type: object
|
|
description: SCIMProviderUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
scim_id:
|
|
type: string
|
|
user:
|
|
type: integer
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- id
|
|
- provider
|
|
- scim_id
|
|
- user
|
|
- user_obj
|
|
SCIMProviderUserRequest:
|
|
type: object
|
|
description: SCIMProviderUser Serializer
|
|
properties:
|
|
scim_id:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: integer
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- provider
|
|
- scim_id
|
|
- user
|
|
SCIMSource:
|
|
type: object
|
|
description: SCIMSource Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
root_url:
|
|
type: string
|
|
description: Get Root URL
|
|
readOnly: true
|
|
token_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Token'
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- root_url
|
|
- slug
|
|
- token_obj
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SCIMSourceGroup:
|
|
type: object
|
|
description: SCIMSourceGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
external_id:
|
|
type: string
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- external_id
|
|
- group
|
|
- group_obj
|
|
- source
|
|
SCIMSourceGroupRequest:
|
|
type: object
|
|
description: SCIMSourceGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
external_id:
|
|
type: string
|
|
minLength: 1
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- external_id
|
|
- group
|
|
- source
|
|
SCIMSourcePropertyMapping:
|
|
type: object
|
|
description: SCIMSourcePropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SCIMSourcePropertyMappingRequest:
|
|
type: object
|
|
description: SCIMSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
SCIMSourceRequest:
|
|
type: object
|
|
description: SCIMSource Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
- slug
|
|
SCIMSourceUser:
|
|
type: object
|
|
description: SCIMSourceUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
external_id:
|
|
type: string
|
|
user:
|
|
type: integer
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- external_id
|
|
- source
|
|
- user
|
|
- user_obj
|
|
SCIMSourceUserRequest:
|
|
type: object
|
|
description: SCIMSourceUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
external_id:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- external_id
|
|
- source
|
|
- user
|
|
SMSDevice:
|
|
type: object
|
|
description: Serializer for sms authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
phone_number:
|
|
type: string
|
|
readOnly: true
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- phone_number
|
|
- pk
|
|
- user
|
|
SMSDeviceRequest:
|
|
type: object
|
|
description: Serializer for sms authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
SSFProvider:
|
|
type: object
|
|
description: SSFProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
description: Key used to sign the SSF Events.
|
|
token_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Token'
|
|
readOnly: true
|
|
oidc_auth_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
ssf_url:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
event_retention:
|
|
type: string
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- signing_key
|
|
- ssf_url
|
|
- token_obj
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SSFProviderRequest:
|
|
type: object
|
|
description: SSFProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
description: Key used to sign the SSF Events.
|
|
oidc_auth_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
event_retention:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
- signing_key
|
|
SSFStream:
|
|
type: object
|
|
description: SSFStream Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
provider:
|
|
type: integer
|
|
provider_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SSFProvider'
|
|
readOnly: true
|
|
delivery_method:
|
|
$ref: '#/components/schemas/DeliveryMethodEnum'
|
|
endpoint_url:
|
|
type: string
|
|
nullable: true
|
|
events_requested:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventsRequestedEnum'
|
|
format:
|
|
type: string
|
|
aud:
|
|
type: array
|
|
items:
|
|
type: string
|
|
iss:
|
|
type: string
|
|
required:
|
|
- delivery_method
|
|
- format
|
|
- iss
|
|
- pk
|
|
- provider
|
|
- provider_obj
|
|
Schedule:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
description: Unique schedule identifier
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
actor_name:
|
|
type: string
|
|
readOnly: true
|
|
description: Dramatiq actor to call
|
|
rel_obj_app_label:
|
|
type: string
|
|
readOnly: true
|
|
rel_obj_model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
rel_obj_id:
|
|
type: string
|
|
nullable: true
|
|
crontab:
|
|
type: string
|
|
description: When to schedule tasks
|
|
paused:
|
|
type: boolean
|
|
description: Pause this schedule
|
|
next_run:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
description:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
last_task_status:
|
|
allOf:
|
|
- $ref: '#/components/schemas/LastTaskStatusEnum'
|
|
nullable: true
|
|
readOnly: true
|
|
required:
|
|
- actor_name
|
|
- crontab
|
|
- description
|
|
- id
|
|
- identifier
|
|
- last_task_status
|
|
- next_run
|
|
- rel_obj_app_label
|
|
- rel_obj_model
|
|
- uid
|
|
ScheduleRequest:
|
|
type: object
|
|
properties:
|
|
rel_obj_id:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
crontab:
|
|
type: string
|
|
minLength: 1
|
|
description: When to schedule tasks
|
|
paused:
|
|
type: boolean
|
|
description: Pause this schedule
|
|
required:
|
|
- crontab
|
|
ScopeMapping:
|
|
type: object
|
|
description: ScopeMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
scope_name:
|
|
type: string
|
|
description: Scope name requested by the client
|
|
description:
|
|
type: string
|
|
description: Description shown to the user when consenting. If left empty,
|
|
the user won't be informed.
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- scope_name
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ScopeMappingRequest:
|
|
type: object
|
|
description: ScopeMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
scope_name:
|
|
type: string
|
|
minLength: 1
|
|
description: Scope name requested by the client
|
|
description:
|
|
type: string
|
|
description: Description shown to the user when consenting. If left empty,
|
|
the user won't be informed.
|
|
required:
|
|
- expression
|
|
- name
|
|
- scope_name
|
|
SelectableStage:
|
|
type: object
|
|
description: Serializer for stages which can be selected by users
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
verbose_name:
|
|
type: string
|
|
meta_model_name:
|
|
type: string
|
|
required:
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
ServiceConnection:
|
|
type: object
|
|
description: ServiceConnection Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
component:
|
|
type: string
|
|
description: Return component used to edit this object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ServiceConnectionState:
|
|
type: object
|
|
description: Serializer for Service connection state
|
|
properties:
|
|
healthy:
|
|
type: boolean
|
|
readOnly: true
|
|
version:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- healthy
|
|
- version
|
|
SessionEndChallenge:
|
|
type: object
|
|
description: Challenge for ending a session
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-session-end
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
application_name:
|
|
type: string
|
|
application_launch_url:
|
|
type: string
|
|
invalidation_flow_url:
|
|
type: string
|
|
brand_name:
|
|
type: string
|
|
required:
|
|
- brand_name
|
|
- pending_user
|
|
- pending_user_avatar
|
|
SessionUser:
|
|
type: object
|
|
description: |-
|
|
Response for the /user/me endpoint, returns the currently active user (as `user` property)
|
|
and, if this user is being impersonated, the original user in the `original` property.
|
|
properties:
|
|
user:
|
|
$ref: '#/components/schemas/UserSelf'
|
|
original:
|
|
$ref: '#/components/schemas/UserSelf'
|
|
required:
|
|
- user
|
|
Settings:
|
|
type: object
|
|
description: Settings Serializer
|
|
properties:
|
|
avatars:
|
|
type: string
|
|
description: Configure how authentik should show avatars for users.
|
|
default_user_change_name:
|
|
type: boolean
|
|
description: Enable the ability for users to change their name.
|
|
default_user_change_email:
|
|
type: boolean
|
|
description: Enable the ability for users to change their email address.
|
|
default_user_change_username:
|
|
type: boolean
|
|
description: Enable the ability for users to change their username.
|
|
event_retention:
|
|
type: string
|
|
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
|
|
reputation_lower_limit:
|
|
type: integer
|
|
maximum: 0
|
|
minimum: -2147483648
|
|
description: Reputation cannot decrease lower than this value. Zero or negative.
|
|
reputation_upper_limit:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Reputation cannot increase higher than this value. Zero or
|
|
positive.
|
|
footer_links: {}
|
|
gdpr_compliance:
|
|
type: boolean
|
|
description: When enabled, all the events caused by a user will be deleted
|
|
upon the user's deletion.
|
|
impersonation:
|
|
type: boolean
|
|
description: Globally enable/disable impersonation.
|
|
impersonation_require_reason:
|
|
type: boolean
|
|
description: Require administrators to provide a reason for impersonating
|
|
a user.
|
|
default_token_duration:
|
|
type: string
|
|
description: Default token duration
|
|
default_token_length:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Default token length
|
|
pagination_default_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Default page size for API responses, if no size was requested.
|
|
pagination_max_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Maximum page size
|
|
flags:
|
|
type: object
|
|
properties:
|
|
enterprise_audit_include_expanded_diff:
|
|
type: boolean
|
|
policies_buffered_access_view:
|
|
type: boolean
|
|
flows_refresh_others:
|
|
type: boolean
|
|
required:
|
|
- enterprise_audit_include_expanded_diff
|
|
- flows_refresh_others
|
|
- policies_buffered_access_view
|
|
required:
|
|
- flags
|
|
SettingsRequest:
|
|
type: object
|
|
description: Settings Serializer
|
|
properties:
|
|
avatars:
|
|
type: string
|
|
minLength: 1
|
|
description: Configure how authentik should show avatars for users.
|
|
default_user_change_name:
|
|
type: boolean
|
|
description: Enable the ability for users to change their name.
|
|
default_user_change_email:
|
|
type: boolean
|
|
description: Enable the ability for users to change their email address.
|
|
default_user_change_username:
|
|
type: boolean
|
|
description: Enable the ability for users to change their username.
|
|
event_retention:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
|
|
reputation_lower_limit:
|
|
type: integer
|
|
maximum: 0
|
|
minimum: -2147483648
|
|
description: Reputation cannot decrease lower than this value. Zero or negative.
|
|
reputation_upper_limit:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Reputation cannot increase higher than this value. Zero or
|
|
positive.
|
|
footer_links: {}
|
|
gdpr_compliance:
|
|
type: boolean
|
|
description: When enabled, all the events caused by a user will be deleted
|
|
upon the user's deletion.
|
|
impersonation:
|
|
type: boolean
|
|
description: Globally enable/disable impersonation.
|
|
impersonation_require_reason:
|
|
type: boolean
|
|
description: Require administrators to provide a reason for impersonating
|
|
a user.
|
|
default_token_duration:
|
|
type: string
|
|
minLength: 1
|
|
description: Default token duration
|
|
default_token_length:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Default token length
|
|
pagination_default_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Default page size for API responses, if no size was requested.
|
|
pagination_max_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Maximum page size
|
|
flags:
|
|
type: object
|
|
properties:
|
|
enterprise_audit_include_expanded_diff:
|
|
type: boolean
|
|
policies_buffered_access_view:
|
|
type: boolean
|
|
flows_refresh_others:
|
|
type: boolean
|
|
required:
|
|
- enterprise_audit_include_expanded_diff
|
|
- flows_refresh_others
|
|
- policies_buffered_access_view
|
|
required:
|
|
- flags
|
|
SeverityEnum:
|
|
enum:
|
|
- notice
|
|
- warning
|
|
- alert
|
|
type: string
|
|
ShellChallenge:
|
|
type: object
|
|
description: challenge type to render HTML as-is
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: xak-flow-shell
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
body:
|
|
type: string
|
|
required:
|
|
- body
|
|
SignatureAlgorithmEnum:
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#rsa-sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512
|
|
- http://www.w3.org/2000/09/xmldsig#dsa-sha1
|
|
type: string
|
|
Software:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
version:
|
|
type: string
|
|
source:
|
|
type: string
|
|
path:
|
|
type: string
|
|
required:
|
|
- name
|
|
- source
|
|
SoftwareRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
version:
|
|
type: string
|
|
source:
|
|
type: string
|
|
minLength: 1
|
|
path:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
- source
|
|
Source:
|
|
type: object
|
|
description: Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
nullable: true
|
|
description: Get the URL to the source icon
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
required:
|
|
- component
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SourceStage:
|
|
type: object
|
|
description: SourceStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
resume_timeout:
|
|
type: string
|
|
description: 'Amount of time a user can take to return from the source to
|
|
continue the flow (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- source
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SourceStageRequest:
|
|
type: object
|
|
description: SourceStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
resume_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Amount of time a user can take to return from the source to
|
|
continue the flow (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
required:
|
|
- name
|
|
- source
|
|
SourceType:
|
|
type: object
|
|
description: Serializer for SourceType
|
|
properties:
|
|
name:
|
|
type: string
|
|
verbose_name:
|
|
type: string
|
|
urls_customizable:
|
|
type: boolean
|
|
request_token_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
authorization_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
access_token_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
profile_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
oidc_well_known_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
oidc_jwks_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
required:
|
|
- access_token_url
|
|
- authorization_url
|
|
- name
|
|
- oidc_jwks_url
|
|
- oidc_well_known_url
|
|
- profile_url
|
|
- request_token_url
|
|
- urls_customizable
|
|
- verbose_name
|
|
Stage:
|
|
type: object
|
|
description: Stage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
StageModeEnum:
|
|
enum:
|
|
- optional
|
|
- required
|
|
type: string
|
|
StagePrompt:
|
|
type: object
|
|
description: Serializer for a single Prompt field
|
|
properties:
|
|
field_key:
|
|
type: string
|
|
label:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
initial_value:
|
|
type: string
|
|
order:
|
|
type: integer
|
|
sub_text:
|
|
type: string
|
|
choices:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PromptChoice'
|
|
nullable: true
|
|
required:
|
|
- choices
|
|
- field_key
|
|
- initial_value
|
|
- label
|
|
- order
|
|
- placeholder
|
|
- required
|
|
- sub_text
|
|
- type
|
|
StateEnum:
|
|
enum:
|
|
- queued
|
|
- consumed
|
|
- preprocess
|
|
- running
|
|
- postprocess
|
|
- rejected
|
|
- done
|
|
type: string
|
|
StaticDevice:
|
|
type: object
|
|
description: Serializer for static authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
token_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/StaticDeviceToken'
|
|
readOnly: true
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
- token_set
|
|
- user
|
|
StaticDeviceRequest:
|
|
type: object
|
|
description: Serializer for static authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
StaticDeviceToken:
|
|
type: object
|
|
description: Serializer for static device's tokens
|
|
properties:
|
|
token:
|
|
type: string
|
|
maxLength: 100
|
|
required:
|
|
- token
|
|
SubModeEnum:
|
|
enum:
|
|
- hashed_user_id
|
|
- user_id
|
|
- user_uuid
|
|
- user_username
|
|
- user_email
|
|
- user_upn
|
|
type: string
|
|
SyncObjectModelEnum:
|
|
enum:
|
|
- authentik.core.models.User
|
|
- authentik.core.models.Group
|
|
type: string
|
|
SyncObjectRequest:
|
|
type: object
|
|
description: Sync object serializer
|
|
properties:
|
|
sync_object_model:
|
|
$ref: '#/components/schemas/SyncObjectModelEnum'
|
|
sync_object_id:
|
|
type: string
|
|
minLength: 1
|
|
override_dry_run:
|
|
type: boolean
|
|
default: false
|
|
required:
|
|
- sync_object_id
|
|
- sync_object_model
|
|
SyncObjectResult:
|
|
type: object
|
|
description: Result of a single object sync
|
|
properties:
|
|
messages:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LogEvent'
|
|
readOnly: true
|
|
required:
|
|
- messages
|
|
SyncOutgoingTriggerModeEnum:
|
|
enum:
|
|
- none
|
|
- immediate
|
|
- deferred_end
|
|
type: string
|
|
SyncStatus:
|
|
type: object
|
|
description: Provider/source sync status
|
|
properties:
|
|
is_running:
|
|
type: boolean
|
|
last_successful_sync:
|
|
type: string
|
|
format: date-time
|
|
last_sync_status:
|
|
$ref: '#/components/schemas/TaskAggregatedStatusEnum'
|
|
required:
|
|
- is_running
|
|
SystemInfo:
|
|
type: object
|
|
description: Get system information.
|
|
properties:
|
|
http_headers:
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
description: Get HTTP Request headers
|
|
readOnly: true
|
|
http_host:
|
|
type: string
|
|
description: Get HTTP host
|
|
readOnly: true
|
|
http_is_secure:
|
|
type: boolean
|
|
description: Get HTTP Secure flag
|
|
readOnly: true
|
|
runtime:
|
|
type: object
|
|
description: Get versions
|
|
properties:
|
|
python_version:
|
|
type: string
|
|
environment:
|
|
type: string
|
|
architecture:
|
|
type: string
|
|
platform:
|
|
type: string
|
|
uname:
|
|
type: string
|
|
openssl_version:
|
|
type: string
|
|
openssl_fips_enabled:
|
|
type: boolean
|
|
nullable: true
|
|
authentik_version:
|
|
type: string
|
|
required:
|
|
- architecture
|
|
- authentik_version
|
|
- environment
|
|
- openssl_fips_enabled
|
|
- openssl_version
|
|
- platform
|
|
- python_version
|
|
- uname
|
|
readOnly: true
|
|
brand:
|
|
type: string
|
|
description: Currently active brand
|
|
readOnly: true
|
|
server_time:
|
|
type: string
|
|
format: date-time
|
|
description: Current server time
|
|
readOnly: true
|
|
embedded_outpost_disabled:
|
|
type: boolean
|
|
description: Whether the embedded outpost is disabled
|
|
readOnly: true
|
|
embedded_outpost_host:
|
|
type: string
|
|
description: Get the FQDN configured on the embedded outpost
|
|
readOnly: true
|
|
required:
|
|
- brand
|
|
- embedded_outpost_disabled
|
|
- embedded_outpost_host
|
|
- http_headers
|
|
- http_host
|
|
- http_is_secure
|
|
- runtime
|
|
- server_time
|
|
TOTPDevice:
|
|
type: object
|
|
description: Serializer for totp authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
- user
|
|
TOTPDeviceRequest:
|
|
type: object
|
|
description: Serializer for totp authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
Task:
|
|
type: object
|
|
properties:
|
|
message_id:
|
|
type: string
|
|
format: uuid
|
|
queue_name:
|
|
type: string
|
|
description: Queue name
|
|
actor_name:
|
|
type: string
|
|
description: Dramatiq actor name
|
|
state:
|
|
allOf:
|
|
- $ref: '#/components/schemas/StateEnum'
|
|
description: Task status
|
|
mtime:
|
|
type: string
|
|
format: date-time
|
|
description: Task last modified time
|
|
retries:
|
|
type: integer
|
|
maximum: 9223372036854775807
|
|
minimum: 0
|
|
format: int64
|
|
description: Number of retries
|
|
eta:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
description: Planned execution time
|
|
rel_obj_app_label:
|
|
type: string
|
|
readOnly: true
|
|
rel_obj_model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
rel_obj_id:
|
|
type: string
|
|
nullable: true
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
logs:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LogEvent'
|
|
readOnly: true
|
|
previous_logs:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LogEvent'
|
|
readOnly: true
|
|
aggregated_status:
|
|
$ref: '#/components/schemas/TaskAggregatedStatusEnum'
|
|
description:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
required:
|
|
- actor_name
|
|
- aggregated_status
|
|
- description
|
|
- logs
|
|
- previous_logs
|
|
- rel_obj_app_label
|
|
- rel_obj_model
|
|
- uid
|
|
TaskAggregatedStatusEnum:
|
|
enum:
|
|
- queued
|
|
- consumed
|
|
- preprocess
|
|
- running
|
|
- postprocess
|
|
- rejected
|
|
- done
|
|
- info
|
|
- warning
|
|
- error
|
|
type: string
|
|
TelegramAuthRequest:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
first_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
last_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
photo_url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
auth_date:
|
|
type: integer
|
|
hash:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 64
|
|
required:
|
|
- auth_date
|
|
- hash
|
|
- id
|
|
TelegramChallengeResponseRequest:
|
|
type: object
|
|
description: Base class for all challenge responses
|
|
properties:
|
|
id:
|
|
type: integer
|
|
first_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
last_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
photo_url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
auth_date:
|
|
type: integer
|
|
hash:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 64
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-source-telegram
|
|
required:
|
|
- auth_date
|
|
- hash
|
|
- id
|
|
TelegramLoginChallenge:
|
|
type: object
|
|
description: Base login challenge for Identification stage
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-source-telegram
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
bot_username:
|
|
type: string
|
|
description: Telegram bot username
|
|
request_message_access:
|
|
type: boolean
|
|
required:
|
|
- bot_username
|
|
- request_message_access
|
|
TelegramSource:
|
|
type: object
|
|
description: Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
bot_username:
|
|
type: string
|
|
description: Telegram bot username
|
|
request_message_access:
|
|
type: boolean
|
|
description: Request access to send messages from your bot.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
required:
|
|
- bot_username
|
|
- component
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- pre_authentication_flow
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
TelegramSourcePropertyMapping:
|
|
type: object
|
|
description: TelegramSourcePropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
TelegramSourcePropertyMappingRequest:
|
|
type: object
|
|
description: TelegramSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
TelegramSourceRequest:
|
|
type: object
|
|
description: Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
bot_username:
|
|
type: string
|
|
minLength: 1
|
|
description: Telegram bot username
|
|
bot_token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: Telegram bot token
|
|
request_message_access:
|
|
type: boolean
|
|
description: Request access to send messages from your bot.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
required:
|
|
- bot_token
|
|
- bot_username
|
|
- name
|
|
- pre_authentication_flow
|
|
- slug
|
|
Tenant:
|
|
type: object
|
|
description: Tenant Serializer
|
|
properties:
|
|
tenant_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
schema_name:
|
|
type: string
|
|
maxLength: 63
|
|
name:
|
|
type: string
|
|
ready:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
- schema_name
|
|
- tenant_uuid
|
|
TenantAdminGroupRequestRequest:
|
|
type: object
|
|
description: Tenant admin group creation request serializer
|
|
properties:
|
|
user:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- user
|
|
TenantRecoveryKeyRequestRequest:
|
|
type: object
|
|
description: Tenant recovery key creation request serializer
|
|
properties:
|
|
user:
|
|
type: string
|
|
minLength: 1
|
|
duration_days:
|
|
type: integer
|
|
required:
|
|
- duration_days
|
|
- user
|
|
TenantRecoveryKeyResponse:
|
|
type: object
|
|
description: Tenant recovery key creation response serializer
|
|
properties:
|
|
expiry:
|
|
type: string
|
|
format: date-time
|
|
url:
|
|
type: string
|
|
required:
|
|
- expiry
|
|
- url
|
|
TenantRequest:
|
|
type: object
|
|
description: Tenant Serializer
|
|
properties:
|
|
schema_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 63
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
ready:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
- schema_name
|
|
ThemedUrls:
|
|
type: object
|
|
description: Themed URLs - maps theme names to URLs for light and dark themes
|
|
properties:
|
|
light:
|
|
type: string
|
|
nullable: true
|
|
dark:
|
|
type: string
|
|
nullable: true
|
|
Token:
|
|
type: object
|
|
description: Token Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Token uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
identifier:
|
|
type: string
|
|
maxLength: 255
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
intent:
|
|
$ref: '#/components/schemas/IntentEnum'
|
|
user:
|
|
type: integer
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/User'
|
|
readOnly: true
|
|
description:
|
|
type: string
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
expiring:
|
|
type: boolean
|
|
required:
|
|
- identifier
|
|
- pk
|
|
- user_obj
|
|
TokenModel:
|
|
type: object
|
|
description: Serializer for BaseGrantModel and RefreshToken
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
provider:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
user:
|
|
$ref: '#/components/schemas/User'
|
|
is_expired:
|
|
type: boolean
|
|
description: Check if token is expired yet.
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
scope:
|
|
type: array
|
|
items:
|
|
type: string
|
|
id_token:
|
|
type: string
|
|
description: Get the token's id_token as JSON String
|
|
readOnly: true
|
|
revoked:
|
|
type: boolean
|
|
required:
|
|
- id_token
|
|
- is_expired
|
|
- pk
|
|
- provider
|
|
- scope
|
|
- user
|
|
TokenRequest:
|
|
type: object
|
|
description: Token Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
intent:
|
|
$ref: '#/components/schemas/IntentEnum'
|
|
user:
|
|
type: integer
|
|
description:
|
|
type: string
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
expiring:
|
|
type: boolean
|
|
required:
|
|
- identifier
|
|
TokenSetKeyRequest:
|
|
type: object
|
|
description: Set token's key
|
|
properties:
|
|
key:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- key
|
|
TokenView:
|
|
type: object
|
|
description: Show token's current key
|
|
properties:
|
|
key:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- key
|
|
TransactionApplicationRequest:
|
|
type: object
|
|
description: Serializer for creating a provider and an application in one transaction
|
|
properties:
|
|
app:
|
|
$ref: '#/components/schemas/ApplicationRequest'
|
|
provider_model:
|
|
$ref: '#/components/schemas/ProviderModelEnum'
|
|
provider:
|
|
$ref: '#/components/schemas/modelRequest'
|
|
policy_bindings:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TransactionPolicyBindingRequest'
|
|
required:
|
|
- app
|
|
- provider
|
|
- provider_model
|
|
TransactionApplicationResponse:
|
|
type: object
|
|
description: Transactional creation response
|
|
properties:
|
|
applied:
|
|
type: boolean
|
|
logs:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- applied
|
|
- logs
|
|
TransactionPolicyBindingRequest:
|
|
type: object
|
|
description: PolicyBindingSerializer which does not require target as target
|
|
is set implicitly
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
required:
|
|
- order
|
|
TypeCreate:
|
|
type: object
|
|
description: Types of an object that can be created
|
|
properties:
|
|
name:
|
|
type: string
|
|
description:
|
|
type: string
|
|
component:
|
|
type: string
|
|
model_name:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
requires_enterprise:
|
|
type: boolean
|
|
default: false
|
|
deprecated:
|
|
type: boolean
|
|
default: false
|
|
required:
|
|
- component
|
|
- description
|
|
- model_name
|
|
- name
|
|
UiThemeEnum:
|
|
enum:
|
|
- automatic
|
|
- light
|
|
- dark
|
|
type: string
|
|
UniquePasswordPolicy:
|
|
type: object
|
|
description: Password Uniqueness Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
password_field:
|
|
type: string
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
num_historical_passwords:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Number of passwords to check against.
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UniquePasswordPolicyRequest:
|
|
type: object
|
|
description: Password Uniqueness Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
password_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
num_historical_passwords:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Number of passwords to check against.
|
|
required:
|
|
- name
|
|
UsedBy:
|
|
type: object
|
|
description: A list of all objects referencing the queried object
|
|
properties:
|
|
app:
|
|
type: string
|
|
model_name:
|
|
type: string
|
|
pk:
|
|
type: string
|
|
name:
|
|
type: string
|
|
action:
|
|
$ref: '#/components/schemas/UsedByActionEnum'
|
|
required:
|
|
- action
|
|
- app
|
|
- model_name
|
|
- name
|
|
- pk
|
|
UsedByActionEnum:
|
|
enum:
|
|
- cascade
|
|
- cascade_many
|
|
- set_null
|
|
- set_default
|
|
- left_dangling
|
|
type: string
|
|
User:
|
|
type: object
|
|
description: User Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
username:
|
|
type: string
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
date_joined:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
is_superuser:
|
|
type: boolean
|
|
readOnly: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
groups_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
nullable: true
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
roles_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Role'
|
|
readOnly: true
|
|
nullable: true
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
avatar:
|
|
type: string
|
|
description: User's avatar, either a http/https URL or a data URI
|
|
readOnly: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
path:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
password_change_date:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- avatar
|
|
- date_joined
|
|
- groups_obj
|
|
- is_superuser
|
|
- last_updated
|
|
- name
|
|
- password_change_date
|
|
- pk
|
|
- roles_obj
|
|
- uid
|
|
- username
|
|
- uuid
|
|
UserAccountRequest:
|
|
type: object
|
|
description: Account adding/removing operations
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
required:
|
|
- pk
|
|
UserAccountSerializerForRoleRequest:
|
|
type: object
|
|
description: Account adding/removing operations
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
required:
|
|
- pk
|
|
UserAttributeEnum:
|
|
enum:
|
|
- username
|
|
- email
|
|
type: string
|
|
UserConsent:
|
|
type: object
|
|
description: UserConsent Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
expiring:
|
|
type: boolean
|
|
user:
|
|
$ref: '#/components/schemas/User'
|
|
application:
|
|
$ref: '#/components/schemas/Application'
|
|
permissions:
|
|
type: string
|
|
default: ''
|
|
required:
|
|
- application
|
|
- pk
|
|
- user
|
|
UserCreationModeEnum:
|
|
enum:
|
|
- never_create
|
|
- create_when_required
|
|
- always_create
|
|
type: string
|
|
UserDeleteStage:
|
|
type: object
|
|
description: UserDeleteStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserDeleteStageRequest:
|
|
type: object
|
|
description: UserDeleteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
UserFieldsEnum:
|
|
enum:
|
|
- email
|
|
- username
|
|
- upn
|
|
type: string
|
|
UserKerberosSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserKerberosSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserLDAPSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserLDAPSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserLoginChallenge:
|
|
type: object
|
|
description: Empty challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-user-login
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
UserLoginChallengeResponseRequest:
|
|
type: object
|
|
description: User login challenge
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-user-login
|
|
remember_me:
|
|
type: boolean
|
|
required:
|
|
- remember_me
|
|
UserLoginStage:
|
|
type: object
|
|
description: UserLoginStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
session_duration:
|
|
type: string
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
terminate_other_sessions:
|
|
type: boolean
|
|
description: Terminate all other sessions of the user logging in.
|
|
remember_me_offset:
|
|
type: string
|
|
description: 'Offset the session will be extended by when the user picks
|
|
the remember me option. Default of 0 means that the remember me option
|
|
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
network_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NetworkBindingEnum'
|
|
description: Bind sessions created by this stage to the configured network
|
|
geoip_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GeoipBindingEnum'
|
|
description: Bind sessions created by this stage to the configured GeoIP
|
|
location
|
|
remember_device:
|
|
type: string
|
|
description: 'When set to a non-zero value, authentik will save a cookie
|
|
with a longer expiry,to remember the device the user is logging in from.
|
|
(Format: hours=-1;minutes=-2;seconds=-3)'
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserLoginStageRequest:
|
|
type: object
|
|
description: UserLoginStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
session_duration:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
terminate_other_sessions:
|
|
type: boolean
|
|
description: Terminate all other sessions of the user logging in.
|
|
remember_me_offset:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Offset the session will be extended by when the user picks
|
|
the remember me option. Default of 0 means that the remember me option
|
|
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
network_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NetworkBindingEnum'
|
|
description: Bind sessions created by this stage to the configured network
|
|
geoip_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GeoipBindingEnum'
|
|
description: Bind sessions created by this stage to the configured GeoIP
|
|
location
|
|
remember_device:
|
|
type: string
|
|
minLength: 1
|
|
description: 'When set to a non-zero value, authentik will save a cookie
|
|
with a longer expiry,to remember the device the user is logging in from.
|
|
(Format: hours=-1;minutes=-2;seconds=-3)'
|
|
required:
|
|
- name
|
|
UserLogoutStage:
|
|
type: object
|
|
description: UserLogoutStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserLogoutStageRequest:
|
|
type: object
|
|
description: UserLogoutStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
UserMatchingModeEnum:
|
|
enum:
|
|
- identifier
|
|
- email_link
|
|
- email_deny
|
|
- username_link
|
|
- username_deny
|
|
type: string
|
|
UserOAuthSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserOAuthSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
access_token:
|
|
type: string
|
|
writeOnly: true
|
|
nullable: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserPasswordSetRequest:
|
|
type: object
|
|
description: Payload to set a users' password directly
|
|
properties:
|
|
password:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- password
|
|
UserPath:
|
|
type: object
|
|
properties:
|
|
paths:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- paths
|
|
UserPlexSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserPlexSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
plex_token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- plex_token
|
|
- source
|
|
- user
|
|
UserRequest:
|
|
type: object
|
|
description: User Serializer
|
|
properties:
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
path:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
required:
|
|
- name
|
|
- username
|
|
UserSAMLSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserSAMLSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserSelf:
|
|
type: object
|
|
description: User Serializer for information a user can retrieve about themselves
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
username:
|
|
type: string
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
pattern: ^[\w.@+-]+$
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
readOnly: true
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
is_superuser:
|
|
type: boolean
|
|
readOnly: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSelfGroups'
|
|
readOnly: true
|
|
roles:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSelfRoles'
|
|
readOnly: true
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
avatar:
|
|
type: string
|
|
description: User's avatar, either a http/https URL or a data URI
|
|
readOnly: true
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Get user settings with brand and group settings applied
|
|
readOnly: true
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
system_permissions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: Get all system permissions assigned to the user
|
|
readOnly: true
|
|
required:
|
|
- avatar
|
|
- groups
|
|
- is_active
|
|
- is_superuser
|
|
- name
|
|
- pk
|
|
- roles
|
|
- settings
|
|
- system_permissions
|
|
- uid
|
|
- username
|
|
UserSelfGroups:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
pk:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
UserSelfRoles:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
pk:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
UserServiceAccountRequest:
|
|
type: object
|
|
description: Payload to create a service account
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
create_group:
|
|
type: boolean
|
|
default: false
|
|
expiring:
|
|
type: boolean
|
|
default: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
description: If not provided, valid for 360 days
|
|
required:
|
|
- name
|
|
UserServiceAccountResponse:
|
|
type: object
|
|
properties:
|
|
username:
|
|
type: string
|
|
token:
|
|
type: string
|
|
user_uid:
|
|
type: string
|
|
user_pk:
|
|
type: integer
|
|
group_pk:
|
|
type: string
|
|
required:
|
|
- token
|
|
- user_pk
|
|
- user_uid
|
|
- username
|
|
UserSetting:
|
|
type: object
|
|
description: Serializer for User settings for stages and sources
|
|
properties:
|
|
object_uid:
|
|
type: string
|
|
component:
|
|
type: string
|
|
title:
|
|
type: string
|
|
configure_url:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
required:
|
|
- component
|
|
- object_uid
|
|
- title
|
|
UserSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserTelegramSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserTelegramSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserTypeEnum:
|
|
enum:
|
|
- internal
|
|
- external
|
|
- service_account
|
|
- internal_service_account
|
|
type: string
|
|
UserVerificationEnum:
|
|
enum:
|
|
- required
|
|
- preferred
|
|
- discouraged
|
|
type: string
|
|
UserWriteStage:
|
|
type: object
|
|
description: UserWriteStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
user_creation_mode:
|
|
$ref: '#/components/schemas/UserCreationModeEnum'
|
|
create_users_as_inactive:
|
|
type: boolean
|
|
description: When set, newly created users are inactive and cannot login.
|
|
create_users_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally add newly created users to this group.
|
|
user_type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
user_path_template:
|
|
type: string
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserWriteStageRequest:
|
|
type: object
|
|
description: UserWriteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
user_creation_mode:
|
|
$ref: '#/components/schemas/UserCreationModeEnum'
|
|
create_users_as_inactive:
|
|
type: boolean
|
|
description: When set, newly created users are inactive and cannot login.
|
|
create_users_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally add newly created users to this group.
|
|
user_type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
user_path_template:
|
|
type: string
|
|
required:
|
|
- name
|
|
ValidationError:
|
|
type: object
|
|
description: Validation Error
|
|
properties:
|
|
non_field_errors:
|
|
type: array
|
|
items:
|
|
type: string
|
|
code:
|
|
type: string
|
|
additionalProperties: {}
|
|
VendorEnum:
|
|
enum:
|
|
- goauthentik.io/@merged
|
|
- goauthentik.io/platform
|
|
- fleetdm.com
|
|
type: string
|
|
Version:
|
|
type: object
|
|
description: Get running and latest version.
|
|
properties:
|
|
version_current:
|
|
type: string
|
|
description: Get current version
|
|
readOnly: true
|
|
version_latest:
|
|
type: string
|
|
description: Get latest version from cache
|
|
readOnly: true
|
|
version_latest_valid:
|
|
type: boolean
|
|
description: Check if latest version is valid
|
|
readOnly: true
|
|
build_hash:
|
|
type: string
|
|
description: Get build hash, if version is not latest or released
|
|
readOnly: true
|
|
outdated:
|
|
type: boolean
|
|
description: Check if we're running the latest version
|
|
readOnly: true
|
|
outpost_outdated:
|
|
type: boolean
|
|
description: Check if any outpost is outdated/has a version mismatch
|
|
readOnly: true
|
|
required:
|
|
- build_hash
|
|
- outdated
|
|
- outpost_outdated
|
|
- version_current
|
|
- version_latest
|
|
- version_latest_valid
|
|
VersionHistory:
|
|
type: object
|
|
description: VersionHistory Serializer
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
timestamp:
|
|
type: string
|
|
format: date-time
|
|
version:
|
|
type: string
|
|
build:
|
|
type: string
|
|
required:
|
|
- build
|
|
- id
|
|
- timestamp
|
|
- version
|
|
WebAuthnDevice:
|
|
type: object
|
|
description: Serializer for WebAuthn authenticator devices
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
maxLength: 200
|
|
created_on:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
device_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/WebAuthnDeviceType'
|
|
readOnly: true
|
|
nullable: true
|
|
aaguid:
|
|
type: string
|
|
readOnly: true
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- aaguid
|
|
- created_on
|
|
- device_type
|
|
- name
|
|
- pk
|
|
- user
|
|
WebAuthnDeviceRequest:
|
|
type: object
|
|
description: Serializer for WebAuthn authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 200
|
|
required:
|
|
- name
|
|
WebAuthnDeviceType:
|
|
type: object
|
|
description: WebAuthnDeviceType Serializer
|
|
properties:
|
|
aaguid:
|
|
type: string
|
|
format: uuid
|
|
description:
|
|
type: string
|
|
required:
|
|
- aaguid
|
|
- description
|
|
Worker:
|
|
type: object
|
|
properties:
|
|
worker_id:
|
|
type: string
|
|
version:
|
|
type: string
|
|
version_matching:
|
|
type: boolean
|
|
required:
|
|
- version
|
|
- version_matching
|
|
- worker_id
|
|
modelRequest:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/GoogleWorkspaceProviderRequest'
|
|
- $ref: '#/components/schemas/LDAPProviderRequest'
|
|
- $ref: '#/components/schemas/MicrosoftEntraProviderRequest'
|
|
- $ref: '#/components/schemas/OAuth2ProviderRequest'
|
|
- $ref: '#/components/schemas/ProxyProviderRequest'
|
|
- $ref: '#/components/schemas/RACProviderRequest'
|
|
- $ref: '#/components/schemas/RadiusProviderRequest'
|
|
- $ref: '#/components/schemas/SAMLProviderRequest'
|
|
- $ref: '#/components/schemas/SCIMProviderRequest'
|
|
- $ref: '#/components/schemas/SSFProviderRequest'
|
|
discriminator:
|
|
propertyName: provider_model
|
|
mapping:
|
|
authentik_providers_google_workspace.googleworkspaceprovider: '#/components/schemas/GoogleWorkspaceProviderRequest'
|
|
authentik_providers_ldap.ldapprovider: '#/components/schemas/LDAPProviderRequest'
|
|
authentik_providers_microsoft_entra.microsoftentraprovider: '#/components/schemas/MicrosoftEntraProviderRequest'
|
|
authentik_providers_oauth2.oauth2provider: '#/components/schemas/OAuth2ProviderRequest'
|
|
authentik_providers_proxy.proxyprovider: '#/components/schemas/ProxyProviderRequest'
|
|
authentik_providers_rac.racprovider: '#/components/schemas/RACProviderRequest'
|
|
authentik_providers_radius.radiusprovider: '#/components/schemas/RadiusProviderRequest'
|
|
authentik_providers_saml.samlprovider: '#/components/schemas/SAMLProviderRequest'
|
|
authentik_providers_scim.scimprovider: '#/components/schemas/SCIMProviderRequest'
|
|
authentik_providers_ssf.ssfprovider: '#/components/schemas/SSFProviderRequest'
|
|
securitySchemes:
|
|
authentik:
|
|
type: http
|
|
scheme: bearer
|
|
servers:
|
|
- url: /api/v3
|