mirror of
https://github.com/goauthentik/authentik
synced 2026-04-25 17:15:26 +02:00
24edee3e78
* flows: add warning message for expired password reset links Fixes #21306 * Replace token expiry check with REQUIRE_TOKEN authentication requirement Incorporate review comments to move expired/invalid token handling from executor-level check to flow planner authentication requirement. This avoids disclosing whether a token ever existed and handles already-cleaned-up tokens. * The fix was changing gettext_lazy to gettext * remove unneeded migration Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update form Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
58509 lines
1.6 MiB
58509 lines
1.6 MiB
openapi: 3.0.3
|
|
info:
|
|
title: authentik
|
|
version: 2026.5.0-rc1
|
|
description: Making authentication simple.
|
|
contact:
|
|
email: hello@goauthentik.io
|
|
license:
|
|
name: MIT
|
|
url: https://github.com/goauthentik/authentik/blob/main/LICENSE
|
|
paths:
|
|
/admin/apps/:
|
|
get:
|
|
operationId: admin_apps_list
|
|
description: Read-only view list all installed apps
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/App'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/file/:
|
|
get:
|
|
operationId: admin_file_list
|
|
description: List files from storage backend.
|
|
parameters:
|
|
- in: query
|
|
name: manageable_only
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: usage
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UsageEnum'
|
|
default: media
|
|
minLength: 1
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FileList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: admin_file_create
|
|
description: Upload file to storage backend.
|
|
tags:
|
|
- admin
|
|
requestBody:
|
|
content:
|
|
multipart/form-data:
|
|
schema:
|
|
$ref: '#/components/schemas/FileUploadRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: admin_file_destroy
|
|
description: Delete file from storage backend.
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: usage
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UsageEnum'
|
|
default: media
|
|
minLength: 1
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/file/used_by/:
|
|
get:
|
|
operationId: admin_file_used_by_list
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/models/:
|
|
get:
|
|
operationId: admin_models_list
|
|
description: Read-only view list all installed models
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/App'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/settings/:
|
|
get:
|
|
operationId: admin_settings_retrieve
|
|
description: Settings view
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Settings'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: admin_settings_update
|
|
description: Settings view
|
|
tags:
|
|
- admin
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SettingsRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Settings'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: admin_settings_partial_update
|
|
description: Settings view
|
|
tags:
|
|
- admin
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSettingsRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Settings'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/system/:
|
|
get:
|
|
operationId: admin_system_retrieve
|
|
description: Get system information.
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SystemInfo'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: admin_system_create
|
|
description: Get system information.
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SystemInfo'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/version/:
|
|
get:
|
|
operationId: admin_version_retrieve
|
|
description: Get running and latest version.
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Version'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/version/history/:
|
|
get:
|
|
operationId: admin_version_history_list
|
|
description: VersionHistory Viewset
|
|
parameters:
|
|
- in: query
|
|
name: build
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: version
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/VersionHistory'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/admin/version/history/{id}/:
|
|
get:
|
|
operationId: admin_version_history_retrieve
|
|
description: VersionHistory Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Version history.
|
|
required: true
|
|
tags:
|
|
- admin
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/VersionHistory'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/all/:
|
|
get:
|
|
operationId: authenticators_admin_all_list
|
|
description: Get all devices for current user
|
|
parameters:
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Device'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/duo/:
|
|
get:
|
|
operationId: authenticators_admin_duo_list
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDuoDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_duo_create
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/duo/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_duo_retrieve
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_duo_update
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_duo_partial_update
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDuoDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_duo_destroy
|
|
description: Viewset for Duo authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/email/:
|
|
get:
|
|
operationId: authenticators_admin_email_list
|
|
description: Viewset for email authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEmailDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_email_create
|
|
description: Viewset for email authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/email/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_email_retrieve
|
|
description: Viewset for email authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_email_update
|
|
description: Viewset for email authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_email_partial_update
|
|
description: Viewset for email authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEmailDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_email_destroy
|
|
description: Viewset for email authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/endpoint/:
|
|
get:
|
|
operationId: authenticators_admin_endpoint_list
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleEndpointDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_endpoint_create
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/endpoint/{uuid}/:
|
|
get:
|
|
operationId: authenticators_admin_endpoint_retrieve
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_endpoint_update
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_endpoint_partial_update
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGoogleEndpointDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_endpoint_destroy
|
|
description: Viewset for Endpoint authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/sms/:
|
|
get:
|
|
operationId: authenticators_admin_sms_list
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSMSDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_sms_create
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/sms/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_sms_retrieve
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_sms_update
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_sms_partial_update
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSMSDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_sms_destroy
|
|
description: Viewset for sms authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/static/:
|
|
get:
|
|
operationId: authenticators_admin_static_list
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedStaticDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_static_create
|
|
description: Viewset for static authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/static/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_static_retrieve
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_static_update
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_static_partial_update
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedStaticDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_static_destroy
|
|
description: Viewset for static authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/totp/:
|
|
get:
|
|
operationId: authenticators_admin_totp_list
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTOTPDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_totp_create
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/totp/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_totp_retrieve
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_totp_update
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_totp_partial_update
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTOTPDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_totp_destroy
|
|
description: Viewset for totp authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/webauthn/:
|
|
get:
|
|
operationId: authenticators_admin_webauthn_list
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: authenticators_admin_webauthn_create
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/admin/webauthn/{id}/:
|
|
get:
|
|
operationId: authenticators_admin_webauthn_retrieve
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_admin_webauthn_update
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_admin_webauthn_partial_update
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_admin_webauthn_destroy
|
|
description: Viewset for WebAuthn authenticator devices (for admins)
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/all/:
|
|
get:
|
|
operationId: authenticators_all_list
|
|
description: Get all devices for current user
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Device'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/duo/:
|
|
get:
|
|
operationId: authenticators_duo_list
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDuoDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/duo/{id}/:
|
|
get:
|
|
operationId: authenticators_duo_retrieve
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_duo_update
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_duo_partial_update
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDuoDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_duo_destroy
|
|
description: Viewset for Duo authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/duo/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_duo_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Duo Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/email/:
|
|
get:
|
|
operationId: authenticators_email_list
|
|
description: Viewset for email authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEmailDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/email/{id}/:
|
|
get:
|
|
operationId: authenticators_email_retrieve
|
|
description: Viewset for email authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_email_update
|
|
description: Viewset for email authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_email_partial_update
|
|
description: Viewset for email authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEmailDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_email_destroy
|
|
description: Viewset for email authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/email/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_email_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Email Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/endpoint/:
|
|
get:
|
|
operationId: authenticators_endpoint_list
|
|
description: Viewset for Endpoint authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleEndpointDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/endpoint/{uuid}/:
|
|
get:
|
|
operationId: authenticators_endpoint_retrieve
|
|
description: Viewset for Endpoint authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/endpoint/{uuid}/used_by/:
|
|
get:
|
|
operationId: authenticators_endpoint_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/sms/:
|
|
get:
|
|
operationId: authenticators_sms_list
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSMSDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/sms/{id}/:
|
|
get:
|
|
operationId: authenticators_sms_retrieve
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_sms_update
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_sms_partial_update
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSMSDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_sms_destroy
|
|
description: Viewset for sms authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/sms/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_sms_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SMS Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/static/:
|
|
get:
|
|
operationId: authenticators_static_list
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedStaticDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/static/{id}/:
|
|
get:
|
|
operationId: authenticators_static_retrieve
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_static_update
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_static_partial_update
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedStaticDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_static_destroy
|
|
description: Viewset for static authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/static/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_static_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Static Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/totp/:
|
|
get:
|
|
operationId: authenticators_totp_list
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTOTPDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/totp/{id}/:
|
|
get:
|
|
operationId: authenticators_totp_retrieve
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_totp_update
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_totp_partial_update
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTOTPDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_totp_destroy
|
|
description: Viewset for totp authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/totp/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_totp_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this TOTP Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/webauthn/:
|
|
get:
|
|
operationId: authenticators_webauthn_list
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedWebAuthnDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/webauthn/{id}/:
|
|
get:
|
|
operationId: authenticators_webauthn_retrieve
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: authenticators_webauthn_update
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: authenticators_webauthn_partial_update
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedWebAuthnDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: authenticators_webauthn_destroy
|
|
description: Viewset for WebAuthn authenticator devices
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/authenticators/webauthn/{id}/used_by/:
|
|
get:
|
|
operationId: authenticators_webauthn_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WebAuthn Device.
|
|
required: true
|
|
tags:
|
|
- authenticators
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/application_entitlements/:
|
|
get:
|
|
operationId: core_application_entitlements_list
|
|
description: ApplicationEntitlement Viewset
|
|
parameters:
|
|
- in: query
|
|
name: app
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedApplicationEntitlementList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_application_entitlements_create
|
|
description: ApplicationEntitlement Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlementRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlement'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/application_entitlements/{pbm_uuid}/:
|
|
get:
|
|
operationId: core_application_entitlements_retrieve
|
|
description: ApplicationEntitlement Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Application Entitlement.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlement'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_application_entitlements_update
|
|
description: ApplicationEntitlement Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Application Entitlement.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlementRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlement'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_application_entitlements_partial_update
|
|
description: ApplicationEntitlement Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Application Entitlement.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedApplicationEntitlementRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationEntitlement'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_application_entitlements_destroy
|
|
description: ApplicationEntitlement Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Application Entitlement.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/application_entitlements/{pbm_uuid}/used_by/:
|
|
get:
|
|
operationId: core_application_entitlements_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Application Entitlement.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/applications/:
|
|
get:
|
|
operationId: core_applications_list
|
|
description: Custom list method that checks Policy based access instead of guardian
|
|
parameters:
|
|
- in: query
|
|
name: for_user
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: meta_description
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: meta_launch_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: meta_publisher
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: only_with_launch_url
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: superuser_full_list
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedApplicationList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_applications_create
|
|
description: Application Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/applications/{slug}/:
|
|
get:
|
|
operationId: core_applications_retrieve
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_applications_update
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ApplicationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_applications_partial_update
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedApplicationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Application'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_applications_destroy
|
|
description: Application Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/applications/{slug}/check_access/:
|
|
get:
|
|
operationId: core_applications_check_access_retrieve
|
|
description: Check access to a single application by slug
|
|
parameters:
|
|
- in: query
|
|
name: for_user
|
|
schema:
|
|
type: integer
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyTestResult'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/applications/{slug}/used_by/:
|
|
get:
|
|
operationId: core_applications_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/authenticated_sessions/:
|
|
get:
|
|
operationId: core_authenticated_sessions_list
|
|
description: AuthenticatedSession Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: session__last_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: session__last_user_agent
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatedSessionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/authenticated_sessions/{uuid}/:
|
|
get:
|
|
operationId: core_authenticated_sessions_retrieve
|
|
description: AuthenticatedSession Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatedSession'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_authenticated_sessions_destroy
|
|
description: AuthenticatedSession Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/authenticated_sessions/{uuid}/used_by/:
|
|
get:
|
|
operationId: core_authenticated_sessions_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/authenticated_sessions/bulk_delete/:
|
|
delete:
|
|
operationId: core_authenticated_sessions_bulk_delete_destroy
|
|
description: Bulk revoke all sessions for multiple users
|
|
parameters:
|
|
- in: query
|
|
name: user_pks
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
description: List of user IDs to revoke all sessions for
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BulkDeleteSessionResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/brands/:
|
|
get:
|
|
operationId: core_brands_list
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: query
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: branding_default_flow_background
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: branding_favicon
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: branding_logo
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: branding_title
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_certificates
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: default
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: domain
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: flow_authentication
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_device_code
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_invalidation
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_recovery
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_unenrollment
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: flow_user_settings
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: web_certificate
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedBrandList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_brands_create
|
|
description: Brand Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BrandRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/brands/{brand_uuid}/:
|
|
get:
|
|
operationId: core_brands_retrieve
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_brands_update
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BrandRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_brands_partial_update
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedBrandRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Brand'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_brands_destroy
|
|
description: Brand Viewset
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/brands/{brand_uuid}/used_by/:
|
|
get:
|
|
operationId: core_brands_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: brand_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Brand.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/brands/current/:
|
|
get:
|
|
operationId: core_brands_current_retrieve
|
|
description: Get current brand
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CurrentBrand'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/groups/:
|
|
get:
|
|
operationId: core_groups_list
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: query
|
|
name: attributes
|
|
schema:
|
|
type: string
|
|
description: Attributes
|
|
- in: query
|
|
name: include_children
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_inherited_roles
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_parents
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_users
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- in: query
|
|
name: is_superuser
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: members_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: members_by_username
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_groups_create
|
|
description: Group Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/groups/{group_uuid}/:
|
|
get:
|
|
operationId: core_groups_retrieve
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
- in: query
|
|
name: include_children
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_inherited_roles
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_parents
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- in: query
|
|
name: include_users
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_groups_update
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_groups_partial_update
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Group'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_groups_destroy
|
|
description: Group Viewset
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/groups/{group_uuid}/add_user/:
|
|
post:
|
|
operationId: core_groups_add_user_create
|
|
description: Add user to group
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserAccountRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: User added
|
|
'404':
|
|
description: User not found
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/groups/{group_uuid}/remove_user/:
|
|
post:
|
|
operationId: core_groups_remove_user_create
|
|
description: Remove user from group
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserAccountRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: User removed
|
|
'404':
|
|
description: User not found
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/groups/{group_uuid}/used_by/:
|
|
get:
|
|
operationId: core_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Group.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/tokens/:
|
|
get:
|
|
operationId: core_tokens_list
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: query
|
|
name: description
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: expires
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: expiring
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: intent
|
|
schema:
|
|
$ref: '#/components/schemas/IntentEnum'
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTokenList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_tokens_create
|
|
description: Token Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/tokens/{identifier}/:
|
|
get:
|
|
operationId: core_tokens_retrieve
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_tokens_update
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_tokens_partial_update
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTokenRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Token'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_tokens_destroy
|
|
description: Token Viewset
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/tokens/{identifier}/set_key/:
|
|
post:
|
|
operationId: core_tokens_set_key_create
|
|
description: |-
|
|
Set token key. Action is logged as event. `authentik_core.set_token_key` permission
|
|
is required.
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenSetKeyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully changed key
|
|
'400':
|
|
description: Missing key
|
|
'404':
|
|
description: Token not found or expired
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/tokens/{identifier}/used_by/:
|
|
get:
|
|
operationId: core_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/tokens/{identifier}/view_key/:
|
|
get:
|
|
operationId: core_tokens_view_key_retrieve
|
|
description: Return token key and log access
|
|
parameters:
|
|
- in: path
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenView'
|
|
description: ''
|
|
'404':
|
|
description: Token not found or expired
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/transactional/applications/:
|
|
put:
|
|
operationId: core_transactional_applications_update
|
|
description: Convert data into a blueprint, validate it and apply it
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TransactionApplicationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TransactionApplicationResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/user_consent/:
|
|
get:
|
|
operationId: core_user_consent_list
|
|
description: UserConsent Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserConsentList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/user_consent/{id}/:
|
|
get:
|
|
operationId: core_user_consent_retrieve
|
|
description: UserConsent Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Consent.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserConsent'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_user_consent_destroy
|
|
description: UserConsent Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Consent.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/user_consent/{id}/used_by/:
|
|
get:
|
|
operationId: core_user_consent_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Consent.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/:
|
|
get:
|
|
operationId: core_users_list
|
|
description: User Viewset
|
|
parameters:
|
|
- in: query
|
|
name: attributes
|
|
schema:
|
|
type: string
|
|
description: Attributes
|
|
- in: query
|
|
name: date_joined
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: date_joined__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: date_joined__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: email
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: groups_by_name
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: groups_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: include_groups
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- in: query
|
|
name: include_roles
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- in: query
|
|
name: is_active
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: is_superuser
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_login
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_login__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_login__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_login__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: path
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: path_startswith
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: roles_by_name
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: roles_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: type
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: core_users_create
|
|
description: User Viewset
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/:
|
|
get:
|
|
operationId: core_users_retrieve
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: core_users_update
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: core_users_partial_update
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/User'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: core_users_destroy
|
|
description: User Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/impersonate/:
|
|
post:
|
|
operationId: core_users_impersonate_create
|
|
description: Impersonate a user
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ImpersonationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully started impersonation
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/recovery/:
|
|
post:
|
|
operationId: core_users_recovery_create
|
|
description: Create a temporary link that a user can use to recover their account
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserRecoveryLinkRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Link'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/recovery_email/:
|
|
post:
|
|
operationId: core_users_recovery_email_create
|
|
description: Send an email with a temporary link that a user can use to recover
|
|
their account
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserRecoveryEmailRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully sent recover email
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/set_password/:
|
|
post:
|
|
operationId: core_users_set_password_create
|
|
description: Set password for user
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPasswordSetRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully changed password
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/{id}/used_by/:
|
|
get:
|
|
operationId: core_users_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User.
|
|
required: true
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/export/:
|
|
post:
|
|
operationId: core_users_export_create
|
|
description: |-
|
|
Create a data export for this data type. Note that the export is generated asynchronously:
|
|
this method returns a `DataExport` object that will initially have `completed=false` as well
|
|
as the permanent URL to that object in the `Location` header.
|
|
You can poll that URL until `completed=true`, at which point the `file_url` property will
|
|
contain a URL to download
|
|
parameters:
|
|
- in: query
|
|
name: attributes
|
|
schema:
|
|
type: string
|
|
description: Attributes
|
|
- in: query
|
|
name: date_joined
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: date_joined__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: date_joined__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: email
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: groups_by_name
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: groups_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: is_active
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: is_superuser
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_login
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_login__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_login__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_login__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated__gt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: last_updated__lt
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- in: query
|
|
name: path
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: path_startswith
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: roles_by_name
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: roles_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: type
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DataExport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/impersonate_end/:
|
|
get:
|
|
operationId: core_users_impersonate_end_retrieve
|
|
description: End Impersonation a user
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully ended impersonation
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/me/:
|
|
get:
|
|
operationId: core_users_me_retrieve
|
|
description: Get information about current user
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SessionUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/paths/:
|
|
get:
|
|
operationId: core_users_paths_retrieve
|
|
description: Get all user paths
|
|
parameters:
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- core
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPath'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/core/users/service_account/:
|
|
post:
|
|
operationId: core_users_service_account_create
|
|
description: Create a new user account that is marked as a service account
|
|
tags:
|
|
- core
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserServiceAccountRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserServiceAccountResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_list
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: query
|
|
name: has_key
|
|
schema:
|
|
type: boolean
|
|
description: Only return certificate-key pairs with keys
|
|
- in: query
|
|
name: key_type
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/KeyTypeEnum'
|
|
description: Filter by key algorithm type (RSA, EC, DSA, etc). Can be specified
|
|
multiple times (e.g. '?key_type=rsa&key_type=ec')
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedCertificateKeyPairList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: crypto_certificatekeypairs_create
|
|
description: CertificateKeyPair Viewset
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPairRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/{kp_uuid}/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_retrieve
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: crypto_certificatekeypairs_update
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPairRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: crypto_certificatekeypairs_partial_update
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedCertificateKeyPairRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: crypto_certificatekeypairs_destroy
|
|
description: CertificateKeyPair Viewset
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/{kp_uuid}/used_by/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/{kp_uuid}/view_certificate/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_view_certificate_retrieve
|
|
description: Return certificate-key pairs certificate and log access
|
|
parameters:
|
|
- in: query
|
|
name: download
|
|
schema:
|
|
type: boolean
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateData'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/{kp_uuid}/view_private_key/:
|
|
get:
|
|
operationId: crypto_certificatekeypairs_view_private_key_retrieve
|
|
description: Return certificate-key pairs private key and log access
|
|
parameters:
|
|
- in: query
|
|
name: download
|
|
schema:
|
|
type: boolean
|
|
- in: path
|
|
name: kp_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Certificate-Key Pair.
|
|
required: true
|
|
tags:
|
|
- crypto
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateData'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/crypto/certificatekeypairs/generate/:
|
|
post:
|
|
operationId: crypto_certificatekeypairs_generate_create
|
|
description: Generate a new, self-signed certificate-key pair
|
|
tags:
|
|
- crypto
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateGenerationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/:
|
|
get:
|
|
operationId: endpoints_agents_connectors_list
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAgentConnectorList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_agents_connectors_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnectorRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/{connector_uuid}/:
|
|
get:
|
|
operationId: endpoints_agents_connectors_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_agents_connectors_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnectorRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_agents_connectors_partial_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAgentConnectorRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_agents_connectors_destroy
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/{connector_uuid}/mdm_config/:
|
|
post:
|
|
operationId: endpoints_agents_connectors_mdm_config_create
|
|
description: Generate configuration for MDM systems to deploy authentik Agent
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MDMConfigRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MDMConfigResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/{connector_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_agents_connectors_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Agent Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/agent_config/:
|
|
get:
|
|
operationId: endpoints_agents_connectors_agent_config_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentConfig'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/auth_fed/:
|
|
post:
|
|
operationId: endpoints_agents_connectors_auth_fed_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: query
|
|
name: device
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentTokenResponse'
|
|
description: ''
|
|
'404':
|
|
description: Device not found
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/auth_ia/:
|
|
post:
|
|
operationId: endpoints_agents_connectors_auth_ia_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentAuthenticationResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/check_in/:
|
|
post:
|
|
operationId: endpoints_agents_connectors_check_in_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceFactsRequest'
|
|
responses:
|
|
'204':
|
|
description: Successfully checked in
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/connectors/enroll/:
|
|
post:
|
|
operationId: endpoints_agents_connectors_enroll_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentTokenResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/enrollment_tokens/:
|
|
get:
|
|
operationId: endpoints_agents_enrollment_tokens_list
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: query
|
|
name: connector
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEnrollmentTokenList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_agents_enrollment_tokens_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentTokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/enrollment_tokens/{token_uuid}/:
|
|
get:
|
|
operationId: endpoints_agents_enrollment_tokens_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_agents_enrollment_tokens_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentTokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_agents_enrollment_tokens_partial_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEnrollmentTokenRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EnrollmentToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_agents_enrollment_tokens_destroy
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/enrollment_tokens/{token_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_agents_enrollment_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/enrollment_tokens/{token_uuid}/view_key/:
|
|
get:
|
|
operationId: endpoints_agents_enrollment_tokens_view_key_retrieve
|
|
description: Return token key and log access
|
|
parameters:
|
|
- in: path
|
|
name: token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Enrollment Token.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenView'
|
|
description: ''
|
|
'404':
|
|
description: Token not found or expired
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/psso/ise/:
|
|
get:
|
|
operationId: endpoints_agents_psso_ise_list
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: query
|
|
name: apple_enclave_key_id
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAppleIndependentSecureEnclaveList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_agents_psso_ise_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AppleIndependentSecureEnclaveRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AppleIndependentSecureEnclave'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/psso/ise/{uuid}/:
|
|
get:
|
|
operationId: endpoints_agents_psso_ise_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Apple Independent Secure Enclave.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AppleIndependentSecureEnclave'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_agents_psso_ise_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Apple Independent Secure Enclave.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AppleIndependentSecureEnclaveRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AppleIndependentSecureEnclave'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_agents_psso_ise_partial_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Apple Independent Secure Enclave.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAppleIndependentSecureEnclaveRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AppleIndependentSecureEnclave'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_agents_psso_ise_destroy
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Apple Independent Secure Enclave.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/psso/ise/{uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_agents_psso_ise_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Apple Independent Secure Enclave.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/psso/register/device/:
|
|
post:
|
|
operationId: endpoints_agents_psso_register_device_create
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentPSSODeviceRegistrationRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentPSSODeviceRegistrationResponse'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/agents/psso/register/user/:
|
|
post:
|
|
operationId: endpoints_agents_psso_register_user_create
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AgentPSSOUserRegistrationRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSelf'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/connectors/:
|
|
get:
|
|
operationId: endpoints_connectors_list
|
|
description: Connector Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedConnectorList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/connectors/{connector_uuid}/:
|
|
get:
|
|
operationId: endpoints_connectors_retrieve
|
|
description: Connector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Connector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_connectors_destroy
|
|
description: Connector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/connectors/{connector_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_connectors_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/connectors/types/:
|
|
get:
|
|
operationId: endpoints_connectors_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_access_groups/:
|
|
get:
|
|
operationId: endpoints_device_access_groups_list
|
|
description: DeviceAccessGroup Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDeviceAccessGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_device_access_groups_create
|
|
description: DeviceAccessGroup Viewset
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_access_groups/{pbm_uuid}/:
|
|
get:
|
|
operationId: endpoints_device_access_groups_retrieve
|
|
description: DeviceAccessGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device access group.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_device_access_groups_update
|
|
description: DeviceAccessGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device access group.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_device_access_groups_partial_update
|
|
description: DeviceAccessGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device access group.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDeviceAccessGroupRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_device_access_groups_destroy
|
|
description: DeviceAccessGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device access group.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_access_groups/{pbm_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_device_access_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device access group.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_bindings/:
|
|
get:
|
|
operationId: endpoints_device_bindings_list
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: order
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: target
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: target_in
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: timeout
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDeviceUserBindingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_device_bindings_create
|
|
description: PolicyBinding Viewset
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_bindings/{policy_binding_uuid}/:
|
|
get:
|
|
operationId: endpoints_device_bindings_retrieve
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device User binding.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_device_bindings_update
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device User binding.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_device_bindings_partial_update
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device User binding.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDeviceUserBindingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceUserBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_device_bindings_destroy
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device User binding.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/device_bindings/{policy_binding_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_device_bindings_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device User binding.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/devices/:
|
|
get:
|
|
operationId: endpoints_devices_list
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: query
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEndpointDeviceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/devices/{device_uuid}/:
|
|
get:
|
|
operationId: endpoints_devices_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: device_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointDeviceDetails'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_devices_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: device_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointDeviceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_devices_partial_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: device_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEndpointDeviceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointDevice'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_devices_destroy
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: device_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/devices/{device_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_devices_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: device_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Device.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/devices/summary/:
|
|
get:
|
|
operationId: endpoints_devices_summary_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DeviceSummary'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/fleet/connectors/:
|
|
get:
|
|
operationId: endpoints_fleet_connectors_list
|
|
description: FleetConnector Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedFleetConnectorList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_fleet_connectors_create
|
|
description: FleetConnector Viewset
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnectorRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/fleet/connectors/{connector_uuid}/:
|
|
get:
|
|
operationId: endpoints_fleet_connectors_retrieve
|
|
description: FleetConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Fleet Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_fleet_connectors_update
|
|
description: FleetConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Fleet Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnectorRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_fleet_connectors_partial_update
|
|
description: FleetConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Fleet Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedFleetConnectorRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FleetConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_fleet_connectors_destroy
|
|
description: FleetConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Fleet Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/fleet/connectors/{connector_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_fleet_connectors_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Fleet Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/google_chrome/connectors/:
|
|
get:
|
|
operationId: endpoints_google_chrome_connectors_list
|
|
description: GoogleChromeConnector Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleChromeConnectorList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: endpoints_google_chrome_connectors_create
|
|
description: GoogleChromeConnector Viewset
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleChromeConnectorRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleChromeConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/google_chrome/connectors/{connector_uuid}/:
|
|
get:
|
|
operationId: endpoints_google_chrome_connectors_retrieve
|
|
description: GoogleChromeConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Device Trust Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleChromeConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: endpoints_google_chrome_connectors_update
|
|
description: GoogleChromeConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Device Trust Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleChromeConnectorRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleChromeConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: endpoints_google_chrome_connectors_partial_update
|
|
description: GoogleChromeConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Device Trust Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGoogleChromeConnectorRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleChromeConnector'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: endpoints_google_chrome_connectors_destroy
|
|
description: GoogleChromeConnector Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Device Trust Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/endpoints/google_chrome/connectors/{connector_uuid}/used_by/:
|
|
get:
|
|
operationId: endpoints_google_chrome_connectors_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: connector_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Device Trust Connector.
|
|
required: true
|
|
tags:
|
|
- endpoints
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/:
|
|
get:
|
|
operationId: enterprise_license_list
|
|
description: License Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLicenseList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: enterprise_license_create
|
|
description: License Viewset
|
|
tags:
|
|
- enterprise
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/{license_uuid}/:
|
|
get:
|
|
operationId: enterprise_license_retrieve
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: enterprise_license_update
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: enterprise_license_partial_update
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLicenseRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/License'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: enterprise_license_destroy
|
|
description: License Viewset
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/{license_uuid}/used_by/:
|
|
get:
|
|
operationId: enterprise_license_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: license_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this License.
|
|
required: true
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/forecast/:
|
|
get:
|
|
operationId: enterprise_license_forecast_retrieve
|
|
description: Forecast how many users will be required in a year
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseForecast'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/install_id/:
|
|
get:
|
|
operationId: enterprise_license_install_id_retrieve
|
|
description: Get install_id
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InstallID'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/enterprise/license/summary/:
|
|
get:
|
|
operationId: enterprise_license_summary_retrieve
|
|
description: Get the total license status
|
|
parameters:
|
|
- in: query
|
|
name: cached
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
tags:
|
|
- enterprise
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LicenseSummary'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/:
|
|
get:
|
|
operationId: events_events_list
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: actions
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventActions'
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: brand_name
|
|
schema:
|
|
type: string
|
|
description: Brand name
|
|
- in: query
|
|
name: client_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: context_authorized_app
|
|
schema:
|
|
type: string
|
|
description: Context Authorized application
|
|
- in: query
|
|
name: context_device
|
|
schema:
|
|
type: string
|
|
description: Context Device Primary Key
|
|
- in: query
|
|
name: context_model_app
|
|
schema:
|
|
type: string
|
|
description: Context Model App
|
|
- in: query
|
|
name: context_model_name
|
|
schema:
|
|
type: string
|
|
description: Context Model Name
|
|
- in: query
|
|
name: context_model_pk
|
|
schema:
|
|
type: string
|
|
description: Context Model Primary Key
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
description: Username
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEventList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: events_events_create
|
|
description: Event Read-Only Viewset
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/{event_uuid}/:
|
|
get:
|
|
operationId: events_events_retrieve
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: events_events_update
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: events_events_partial_update
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEventRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Event'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: events_events_destroy
|
|
description: Event Read-Only Viewset
|
|
parameters:
|
|
- in: path
|
|
name: event_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/actions/:
|
|
get:
|
|
operationId: events_events_actions_list
|
|
description: Get all actions
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/export/:
|
|
post:
|
|
operationId: events_events_export_create
|
|
description: |-
|
|
Create a data export for this data type. Note that the export is generated asynchronously:
|
|
this method returns a `DataExport` object that will initially have `completed=false` as well
|
|
as the permanent URL to that object in the `Location` header.
|
|
You can poll that URL until `completed=true`, at which point the `file_url` property will
|
|
contain a URL to download
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: actions
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventActions'
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: brand_name
|
|
schema:
|
|
type: string
|
|
description: Brand name
|
|
- in: query
|
|
name: client_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: context_authorized_app
|
|
schema:
|
|
type: string
|
|
description: Context Authorized application
|
|
- in: query
|
|
name: context_device
|
|
schema:
|
|
type: string
|
|
description: Context Device Primary Key
|
|
- in: query
|
|
name: context_model_app
|
|
schema:
|
|
type: string
|
|
description: Context Model App
|
|
- in: query
|
|
name: context_model_name
|
|
schema:
|
|
type: string
|
|
description: Context Model Name
|
|
- in: query
|
|
name: context_model_pk
|
|
schema:
|
|
type: string
|
|
description: Context Model Primary Key
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
description: Username
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DataExport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/stats/:
|
|
get:
|
|
operationId: events_events_stats_retrieve
|
|
description: Get event stats for specified filters and count steps
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: actions
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventActions'
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: brand_name
|
|
schema:
|
|
type: string
|
|
description: Brand name
|
|
- in: query
|
|
name: client_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: context_authorized_app
|
|
schema:
|
|
type: string
|
|
description: Context Authorized application
|
|
- in: query
|
|
name: context_device
|
|
schema:
|
|
type: string
|
|
description: Context Device Primary Key
|
|
- in: query
|
|
name: context_model_app
|
|
schema:
|
|
type: string
|
|
description: Context Model App
|
|
- in: query
|
|
name: context_model_name
|
|
schema:
|
|
type: string
|
|
description: Context Model Name
|
|
- in: query
|
|
name: context_model_pk
|
|
schema:
|
|
type: string
|
|
description: Context Model Primary Key
|
|
- in: query
|
|
name: count_steps
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
description: Timedelta, format of 'weeks=3;days=2;hours=3,seconds=2'
|
|
required: true
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
description: Username
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventStats'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/top_per_user/:
|
|
get:
|
|
operationId: events_events_top_per_user_list
|
|
description: Get the top_n events grouped by user count
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: top_n
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventTopPerUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/events/volume/:
|
|
get:
|
|
operationId: events_events_volume_list
|
|
description: Get event volume for specified filters and timeframe
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: actions
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventActions'
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: brand_name
|
|
schema:
|
|
type: string
|
|
description: Brand name
|
|
- in: query
|
|
name: client_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: context_authorized_app
|
|
schema:
|
|
type: string
|
|
description: Context Authorized application
|
|
- in: query
|
|
name: context_device
|
|
schema:
|
|
type: string
|
|
description: Context Device Primary Key
|
|
- in: query
|
|
name: context_model_app
|
|
schema:
|
|
type: string
|
|
description: Context Model App
|
|
- in: query
|
|
name: context_model_name
|
|
schema:
|
|
type: string
|
|
description: Context Model Name
|
|
- in: query
|
|
name: context_model_pk
|
|
schema:
|
|
type: string
|
|
description: Context Model Primary Key
|
|
- in: query
|
|
name: history_days
|
|
schema:
|
|
type: integer
|
|
default: 7
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
description: Username
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventVolume'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/notifications/:
|
|
get:
|
|
operationId: events_notifications_list
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: query
|
|
name: body
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: event
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: seen
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: severity
|
|
schema:
|
|
$ref: '#/components/schemas/SeverityEnum'
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/notifications/{uuid}/:
|
|
get:
|
|
operationId: events_notifications_retrieve
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Notification'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: events_notifications_update
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Notification'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: events_notifications_partial_update
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Notification'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: events_notifications_destroy
|
|
description: Notification Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/notifications/{uuid}/used_by/:
|
|
get:
|
|
operationId: events_notifications_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/notifications/mark_all_seen/:
|
|
post:
|
|
operationId: events_notifications_mark_all_seen_create
|
|
description: Mark all the user's notifications as seen
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Marked tasks as read successfully.
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/rules/:
|
|
get:
|
|
operationId: events_rules_list
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: query
|
|
name: destination_group__name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: severity
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
description: |+
|
|
Controls which severity level the created notifications will have.
|
|
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationRuleList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: events_rules_create
|
|
description: NotificationRule Viewset
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRuleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/rules/{pbm_uuid}/:
|
|
get:
|
|
operationId: events_rules_retrieve
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: events_rules_update
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRuleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: events_rules_partial_update
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationRuleRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: events_rules_destroy
|
|
description: NotificationRule Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/rules/{pbm_uuid}/used_by/:
|
|
get:
|
|
operationId: events_rules_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Rule.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/transports/:
|
|
get:
|
|
operationId: events_transports_list
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: query
|
|
name: mode
|
|
schema:
|
|
$ref: '#/components/schemas/TransportModeEnum'
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: send_once
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: webhook_url
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationTransportList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: events_transports_create
|
|
description: NotificationTransport Viewset
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/transports/{uuid}/:
|
|
get:
|
|
operationId: events_transports_retrieve
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: events_transports_update
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: events_transports_partial_update
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationTransportRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: events_transports_destroy
|
|
description: NotificationTransport Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/transports/{uuid}/test/:
|
|
post:
|
|
operationId: events_transports_test_create
|
|
description: |-
|
|
Send example notification using selected transport. Requires
|
|
Modify permissions.
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationTransportTest'
|
|
description: ''
|
|
'500':
|
|
description: Failed to test transport
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/events/transports/{uuid}/used_by/:
|
|
get:
|
|
operationId: events_transports_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Notification Transport.
|
|
required: true
|
|
tags:
|
|
- events
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/bindings/:
|
|
get:
|
|
operationId: flows_bindings_list
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: query
|
|
name: evaluate_on_plan
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: invalid_response_action
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/InvalidResponseActionEnum'
|
|
description: |+
|
|
Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
|
|
|
|
- in: query
|
|
name: order
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policies
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
- in: query
|
|
name: re_evaluate_policies
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: target
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedFlowStageBindingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: flows_bindings_create
|
|
description: FlowStageBinding Viewset
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/bindings/{fsb_uuid}/:
|
|
get:
|
|
operationId: flows_bindings_retrieve
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: flows_bindings_update
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: flows_bindings_partial_update
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedFlowStageBindingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: flows_bindings_destroy
|
|
description: FlowStageBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/bindings/{fsb_uuid}/used_by/:
|
|
get:
|
|
operationId: flows_bindings_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: fsb_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Flow Stage Binding.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/executor/{flow_slug}/:
|
|
get:
|
|
operationId: flows_executor_get
|
|
description: Get the next pending challenge from the currently active flow.
|
|
parameters:
|
|
- in: path
|
|
name: flow_slug
|
|
schema:
|
|
type: string
|
|
required: true
|
|
- in: query
|
|
name: query
|
|
schema:
|
|
type: string
|
|
description: Querystring as received
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ChallengeTypes'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: flows_executor_solve
|
|
description: Solve the previously retrieved challenge and advanced to the next
|
|
stage.
|
|
parameters:
|
|
- in: path
|
|
name: flow_slug
|
|
schema:
|
|
type: string
|
|
required: true
|
|
- in: query
|
|
name: query
|
|
schema:
|
|
type: string
|
|
description: Querystring as received
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowChallengeResponseRequest'
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ChallengeTypes'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/inspector/{flow_slug}/:
|
|
get:
|
|
operationId: flows_inspector_get
|
|
description: Get current flow state and record it
|
|
parameters:
|
|
- in: path
|
|
name: flow_slug
|
|
schema:
|
|
type: string
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowInspection'
|
|
description: ''
|
|
'400':
|
|
description: No flow plan in session.
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/:
|
|
get:
|
|
operationId: flows_instances_list
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: query
|
|
name: denied_action
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: |+
|
|
Configure what should happen when a flow denies access to a user.
|
|
|
|
- in: query
|
|
name: designation
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: |+
|
|
Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
|
|
|
|
- in: query
|
|
name: flow_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedFlowList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: flows_instances_create
|
|
description: Flow Viewset
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/{slug}/:
|
|
get:
|
|
operationId: flows_instances_retrieve
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: flows_instances_update
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: flows_instances_partial_update
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedFlowRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Flow'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: flows_instances_destroy
|
|
description: Flow Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/{slug}/diagram/:
|
|
get:
|
|
operationId: flows_instances_diagram_retrieve
|
|
description: Return diagram for flow with slug `slug`, in the format used by
|
|
flowchart.js
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/FlowDiagram'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/{slug}/execute/:
|
|
get:
|
|
operationId: flows_instances_execute_retrieve
|
|
description: Execute flow for current user
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Link'
|
|
description: ''
|
|
'400':
|
|
description: Flow not applicable
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/{slug}/export/:
|
|
get:
|
|
operationId: flows_instances_export_retrieve
|
|
description: Export flow to .yaml file
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: string
|
|
format: binary
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/{slug}/used_by/:
|
|
get:
|
|
operationId: flows_instances_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Visible in the URL.
|
|
required: true
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/cache_clear/:
|
|
post:
|
|
operationId: flows_instances_cache_clear_create
|
|
description: Clear flow cache
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully cleared cache
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/flows/instances/cache_info/:
|
|
get:
|
|
operationId: flows_instances_cache_info_retrieve
|
|
description: Info about cached flows
|
|
tags:
|
|
- flows
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Cache'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/lifecycle/iterations/:
|
|
post:
|
|
operationId: lifecycle_iterations_create
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
tags:
|
|
- lifecycle
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LifecycleIterationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LifecycleIteration'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/lifecycle/iterations/latest/{content_type}/{object_id}/:
|
|
get:
|
|
operationId: lifecycle_iterations_latest_retrieve
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
parameters:
|
|
- in: path
|
|
name: content_type
|
|
schema:
|
|
type: string
|
|
pattern: ^[^/]+$
|
|
required: true
|
|
- in: path
|
|
name: object_id
|
|
schema:
|
|
type: string
|
|
pattern: ^[^/]+$
|
|
required: true
|
|
tags:
|
|
- lifecycle
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LifecycleIteration'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/lifecycle/iterations/open/:
|
|
get:
|
|
operationId: lifecycle_iterations_list_open
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user_is_reviewer
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- lifecycle
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLifecycleIterationList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/lifecycle/reviews/:
|
|
post:
|
|
operationId: lifecycle_reviews_create
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
tags:
|
|
- lifecycle
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReviewRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Review'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/lifecycle/rules/:
|
|
get:
|
|
operationId: lifecycle_rules_list
|
|
parameters:
|
|
- in: query
|
|
name: content_type__model
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- lifecycle
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLifecycleRuleList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: lifecycle_rules_create
|
|
tags:
|
|
- lifecycle
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LifecycleRuleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LifecycleRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/lifecycle/rules/{id}/:
|
|
get:
|
|
operationId: lifecycle_rules_retrieve
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this lifecycle rule.
|
|
required: true
|
|
tags:
|
|
- lifecycle
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LifecycleRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: lifecycle_rules_update
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this lifecycle rule.
|
|
required: true
|
|
tags:
|
|
- lifecycle
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LifecycleRuleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LifecycleRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: lifecycle_rules_partial_update
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this lifecycle rule.
|
|
required: true
|
|
tags:
|
|
- lifecycle
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLifecycleRuleRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LifecycleRule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: lifecycle_rules_destroy
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this lifecycle rule.
|
|
required: true
|
|
tags:
|
|
- lifecycle
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/managed/blueprints/:
|
|
get:
|
|
operationId: managed_blueprints_list
|
|
description: Blueprint instances
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: path
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedBlueprintInstanceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: managed_blueprints_create
|
|
description: Blueprint instances
|
|
tags:
|
|
- managed
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstanceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/managed/blueprints/{instance_uuid}/:
|
|
get:
|
|
operationId: managed_blueprints_retrieve
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: managed_blueprints_update
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstanceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: managed_blueprints_partial_update
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedBlueprintInstanceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: managed_blueprints_destroy
|
|
description: Blueprint instances
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/managed/blueprints/{instance_uuid}/apply/:
|
|
post:
|
|
operationId: managed_blueprints_apply_create
|
|
description: Apply a blueprint
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/managed/blueprints/{instance_uuid}/used_by/:
|
|
get:
|
|
operationId: managed_blueprints_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: instance_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Blueprint Instance.
|
|
required: true
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/managed/blueprints/available/:
|
|
get:
|
|
operationId: managed_blueprints_available_list
|
|
description: Get blueprints
|
|
tags:
|
|
- managed
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BlueprintFile'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/managed/blueprints/import/:
|
|
post:
|
|
operationId: managed_blueprints_import_create
|
|
description: Import blueprint from .yaml file and apply it once, without creating
|
|
an instance
|
|
tags:
|
|
- managed
|
|
requestBody:
|
|
content:
|
|
multipart/form-data:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintUploadRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintImportResult'
|
|
description: ''
|
|
'400':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/BlueprintImportResult'
|
|
description: ''
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/access_tokens/:
|
|
get:
|
|
operationId: oauth2_access_tokens_list
|
|
description: AccessToken Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTokenModelList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/access_tokens/{id}/:
|
|
get:
|
|
operationId: oauth2_access_tokens_retrieve
|
|
description: AccessToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Access Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenModel'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: oauth2_access_tokens_destroy
|
|
description: AccessToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Access Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/access_tokens/{id}/used_by/:
|
|
get:
|
|
operationId: oauth2_access_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Access Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/authorization_codes/:
|
|
get:
|
|
operationId: oauth2_authorization_codes_list
|
|
description: AuthorizationCode Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/authorization_codes/{id}/:
|
|
get:
|
|
operationId: oauth2_authorization_codes_retrieve
|
|
description: AuthorizationCode Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Authorization Code.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpiringBaseGrantModel'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: oauth2_authorization_codes_destroy
|
|
description: AuthorizationCode Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Authorization Code.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/authorization_codes/{id}/used_by/:
|
|
get:
|
|
operationId: oauth2_authorization_codes_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Authorization Code.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/refresh_tokens/:
|
|
get:
|
|
operationId: oauth2_refresh_tokens_list
|
|
description: RefreshToken Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTokenModelList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/refresh_tokens/{id}/:
|
|
get:
|
|
operationId: oauth2_refresh_tokens_retrieve
|
|
description: RefreshToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Refresh Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TokenModel'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: oauth2_refresh_tokens_destroy
|
|
description: RefreshToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Refresh Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/oauth2/refresh_tokens/{id}/used_by/:
|
|
get:
|
|
operationId: oauth2_refresh_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2 Refresh Token.
|
|
required: true
|
|
tags:
|
|
- oauth2
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/instances/:
|
|
get:
|
|
operationId: outposts_instances_list
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: providers__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: providers_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: service_connection__name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: service_connection__name__iexact
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedOutpostList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: outposts_instances_create
|
|
description: Outpost Viewset
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OutpostRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/instances/{uuid}/:
|
|
get:
|
|
operationId: outposts_instances_retrieve
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: outposts_instances_update
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OutpostRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: outposts_instances_partial_update
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedOutpostRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Outpost'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: outposts_instances_destroy
|
|
description: Outpost Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/instances/{uuid}/health/:
|
|
get:
|
|
operationId: outposts_instances_health_list
|
|
description: Get outposts current health
|
|
parameters:
|
|
- in: query
|
|
name: managed__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- in: query
|
|
name: providers__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: providers_by_pk
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: service_connection__name__icontains
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: service_connection__name__iexact
|
|
schema:
|
|
type: string
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/OutpostHealth'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/instances/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_instances_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/instances/default_settings/:
|
|
get:
|
|
operationId: outposts_instances_default_settings_retrieve
|
|
description: Global default outpost config
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OutpostDefaultConfig'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/ldap/:
|
|
get:
|
|
operationId: outposts_ldap_list
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPOutpostConfigList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/ldap/{id}/check_access/:
|
|
get:
|
|
operationId: outposts_ldap_access_check
|
|
description: Check access to a single application by slug
|
|
parameters:
|
|
- in: query
|
|
name: app_slug
|
|
schema:
|
|
type: string
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPCheckAccess'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/proxy/:
|
|
get:
|
|
operationId: outposts_proxy_list
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedProxyOutpostConfigList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/radius/:
|
|
get:
|
|
operationId: outposts_radius_list
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRadiusOutpostConfigList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/radius/{id}/check_access/:
|
|
get:
|
|
operationId: outposts_radius_access_check
|
|
description: Check access to a single application by slug
|
|
parameters:
|
|
- in: query
|
|
name: app_slug
|
|
schema:
|
|
type: string
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusCheckAccess'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/all/:
|
|
get:
|
|
operationId: outposts_service_connections_all_list
|
|
description: ServiceConnection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedServiceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/all/{uuid}/:
|
|
get:
|
|
operationId: outposts_service_connections_all_retrieve
|
|
description: ServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: outposts_service_connections_all_destroy
|
|
description: ServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/all/{uuid}/state/:
|
|
get:
|
|
operationId: outposts_service_connections_all_state_retrieve
|
|
description: Get the service connection's state
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ServiceConnectionState'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/all/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_service_connections_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Outpost Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/all/types/:
|
|
get:
|
|
operationId: outposts_service_connections_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/docker/:
|
|
get:
|
|
operationId: outposts_service_connections_docker_list
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: local
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: tls_authentication
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: tls_verification
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: url
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDockerServiceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: outposts_service_connections_docker_create
|
|
description: DockerServiceConnection Viewset
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/docker/{uuid}/:
|
|
get:
|
|
operationId: outposts_service_connections_docker_retrieve
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: outposts_service_connections_docker_update
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: outposts_service_connections_docker_partial_update
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDockerServiceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: outposts_service_connections_docker_destroy
|
|
description: DockerServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/docker/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_service_connections_docker_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Docker Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/kubernetes/:
|
|
get:
|
|
operationId: outposts_service_connections_kubernetes_list
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: local
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedKubernetesServiceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: outposts_service_connections_kubernetes_create
|
|
description: KubernetesServiceConnection Viewset
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/kubernetes/{uuid}/:
|
|
get:
|
|
operationId: outposts_service_connections_kubernetes_retrieve
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: outposts_service_connections_kubernetes_update
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: outposts_service_connections_kubernetes_partial_update
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: outposts_service_connections_kubernetes_destroy
|
|
description: KubernetesServiceConnection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/outposts/service_connections/kubernetes/{uuid}/used_by/:
|
|
get:
|
|
operationId: outposts_service_connections_kubernetes_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kubernetes Service-Connection.
|
|
required: true
|
|
tags:
|
|
- outposts
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/:
|
|
get:
|
|
operationId: policies_all_list
|
|
description: Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: bindings__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: promptstage__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_all_retrieve
|
|
description: Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Policy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_all_destroy
|
|
description: Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/{policy_uuid}/test/:
|
|
post:
|
|
operationId: policies_all_test_create
|
|
description: Test policy
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyTestRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyTestResult'
|
|
description: ''
|
|
'400':
|
|
description: Invalid parameters
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/cache_clear/:
|
|
post:
|
|
operationId: policies_all_cache_clear_create
|
|
description: Clear policy cache
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully cleared cache
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/cache_info/:
|
|
get:
|
|
operationId: policies_all_cache_info_retrieve
|
|
description: Info about cached policies
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Cache'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/all/types/:
|
|
get:
|
|
operationId: policies_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/bindings/:
|
|
get:
|
|
operationId: policies_bindings_list
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: order
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: target
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: target_in
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: timeout
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPolicyBindingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_bindings_create
|
|
description: PolicyBinding Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/bindings/{policy_binding_uuid}/:
|
|
get:
|
|
operationId: policies_bindings_retrieve
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_bindings_update
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBindingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_bindings_partial_update
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPolicyBindingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_bindings_destroy
|
|
description: PolicyBinding Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/bindings/{policy_binding_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_bindings_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_binding_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Policy Binding.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/dummy/:
|
|
get:
|
|
operationId: policies_dummy_list
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: result
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: wait_max
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: wait_min
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDummyPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_dummy_create
|
|
description: Dummy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/dummy/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_dummy_retrieve
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_dummy_update
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_dummy_partial_update
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDummyPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_dummy_destroy
|
|
description: Dummy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/dummy/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_dummy_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/event_matcher/:
|
|
get:
|
|
operationId: policies_event_matcher_list
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: action
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/EventActions'
|
|
nullable: true
|
|
description: |+
|
|
Match created events with this action type. When left empty, all action types will be matched.
|
|
|
|
- in: query
|
|
name: app
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_ip
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: model
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: query
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEventMatcherPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_event_matcher_create
|
|
description: Event Matcher Policy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/event_matcher/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_event_matcher_retrieve
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_event_matcher_update
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_event_matcher_partial_update
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEventMatcherPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_event_matcher_destroy
|
|
description: Event Matcher Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/event_matcher/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_event_matcher_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Event Matcher Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/expression/:
|
|
get:
|
|
operationId: policies_expression_list
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: expression
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedExpressionPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_expression_create
|
|
description: Source Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/expression/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_expression_retrieve
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_expression_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_expression_partial_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedExpressionPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_expression_destroy
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/expression/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_expression_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Expression Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/geoip/:
|
|
get:
|
|
operationId: policies_geoip_list
|
|
description: GeoIP Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGeoIPPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_geoip_create
|
|
description: GeoIP Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/geoip/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_geoip_retrieve
|
|
description: GeoIP Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this GeoIP Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_geoip_update
|
|
description: GeoIP Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this GeoIP Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_geoip_partial_update
|
|
description: GeoIP Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this GeoIP Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGeoIPPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GeoIPPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_geoip_destroy
|
|
description: GeoIP Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this GeoIP Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/geoip/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_geoip_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this GeoIP Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/geoip_iso3166/:
|
|
get:
|
|
operationId: policies_geoip_iso3166_list
|
|
description: Get all countries in ISO-3166-1
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DetailedCountry'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password/:
|
|
get:
|
|
operationId: policies_password_list
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: amount_digits
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: amount_lowercase
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: amount_symbols
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: amount_uppercase
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: check_have_i_been_pwned
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: check_static_rules
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: check_zxcvbn
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: error_message
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: hibp_allowed_count
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: length_min
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password_field
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: symbol_charset
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: zxcvbn_score_threshold
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPasswordPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_password_create
|
|
description: Password Policy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_password_retrieve
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_password_update
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_password_partial_update
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPasswordPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_password_destroy
|
|
description: Password Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_password_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password_expiry/:
|
|
get:
|
|
operationId: policies_password_expiry_list
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: days
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: deny_only
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPasswordExpiryPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_password_expiry_create
|
|
description: Password Expiry Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password_expiry/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_password_expiry_retrieve
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_password_expiry_update
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_password_expiry_partial_update
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_password_expiry_destroy
|
|
description: Password Expiry Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/password_expiry/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_password_expiry_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Expiry Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/:
|
|
get:
|
|
operationId: policies_reputation_list
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: check_ip
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: check_username
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: threshold
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedReputationPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_reputation_create
|
|
description: Reputation Policy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_reputation_retrieve
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_reputation_update
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_reputation_partial_update
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedReputationPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_reputation_destroy
|
|
description: Reputation Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_reputation_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/scores/:
|
|
get:
|
|
operationId: policies_reputation_scores_list
|
|
description: Reputation Viewset
|
|
parameters:
|
|
- in: query
|
|
name: identifier
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: identifier_in
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: Multiple values may be separated by commas.
|
|
explode: false
|
|
style: form
|
|
- in: query
|
|
name: ip
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: score
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedReputationList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/scores/{reputation_uuid}/:
|
|
get:
|
|
operationId: policies_reputation_scores_retrieve
|
|
description: Reputation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: reputation_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Score.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Reputation'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_reputation_scores_destroy
|
|
description: Reputation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: reputation_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Score.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/reputation/scores/{reputation_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_reputation_scores_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: reputation_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Reputation Score.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/unique_password/:
|
|
get:
|
|
operationId: policies_unique_password_list
|
|
description: Password Uniqueness Policy Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: execution_logging
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: last_updated
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: num_historical_passwords
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password_field
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUniquePasswordPolicyList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: policies_unique_password_create
|
|
description: Password Uniqueness Policy Viewset
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/unique_password/{policy_uuid}/:
|
|
get:
|
|
operationId: policies_unique_password_retrieve
|
|
description: Password Uniqueness Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Uniqueness Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: policies_unique_password_update
|
|
description: Password Uniqueness Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Uniqueness Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicyRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: policies_unique_password_partial_update
|
|
description: Password Uniqueness Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Uniqueness Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUniquePasswordPolicyRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UniquePasswordPolicy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: policies_unique_password_destroy
|
|
description: Password Uniqueness Policy Viewset
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Uniqueness Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/policies/unique_password/{policy_uuid}/used_by/:
|
|
get:
|
|
operationId: policies_unique_password_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: policy_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Uniqueness Policy.
|
|
required: true
|
|
tags:
|
|
- policies
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/all/:
|
|
get:
|
|
operationId: propertymappings_all_list
|
|
description: PropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/all/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_all_retrieve
|
|
description: PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_all_destroy
|
|
description: PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/all/{pm_uuid}/test/:
|
|
post:
|
|
operationId: propertymappings_all_test_create
|
|
description: Test Property Mapping
|
|
parameters:
|
|
- in: query
|
|
name: format_result
|
|
schema:
|
|
type: boolean
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingTestRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingTestResult'
|
|
description: ''
|
|
'400':
|
|
description: Invalid parameters
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/all/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/all/types/:
|
|
get:
|
|
operationId: propertymappings_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/notification/:
|
|
get:
|
|
operationId: propertymappings_notification_list
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedNotificationWebhookMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_notification_create
|
|
description: NotificationWebhookMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/notification/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_notification_retrieve
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_notification_update
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_notification_partial_update
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedNotificationWebhookMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_notification_destroy
|
|
description: NotificationWebhookMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/notification/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_notification_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Webhook Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/google_workspace/:
|
|
get:
|
|
operationId: propertymappings_provider_google_workspace_list
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: expression
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_google_workspace_create
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/google_workspace/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_google_workspace_retrieve
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_google_workspace_update
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_google_workspace_partial_update
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGoogleWorkspaceProviderMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_google_workspace_destroy
|
|
description: GoogleWorkspaceProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/google_workspace/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_google_workspace_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/microsoft_entra/:
|
|
get:
|
|
operationId: propertymappings_provider_microsoft_entra_list
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: expression
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_microsoft_entra_create
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/microsoft_entra/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_microsoft_entra_retrieve
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_microsoft_entra_update
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_microsoft_entra_partial_update
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedMicrosoftEntraProviderMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_microsoft_entra_destroy
|
|
description: MicrosoftEntraProviderMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/microsoft_entra/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_microsoft_entra_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/rac/:
|
|
get:
|
|
operationId: propertymappings_provider_rac_list
|
|
description: RACPropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRACPropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_rac_create
|
|
description: RACPropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/rac/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_rac_retrieve
|
|
description: RACPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_rac_update
|
|
description: RACPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_rac_partial_update
|
|
description: RACPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRACPropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_rac_destroy
|
|
description: RACPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/rac/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_rac_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/radius/:
|
|
get:
|
|
operationId: propertymappings_provider_radius_list
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRadiusProviderPropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_radius_create
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/radius/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_radius_retrieve
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Radius Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_radius_update
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Radius Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_radius_partial_update
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Radius Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRadiusProviderPropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_radius_destroy
|
|
description: RadiusProviderPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Radius Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/radius/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_radius_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Radius Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/saml/:
|
|
get:
|
|
operationId: propertymappings_provider_saml_list
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: saml_name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSAMLPropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_saml_create
|
|
description: SAMLPropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/saml/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_saml_retrieve
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_saml_update
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_saml_partial_update
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_saml_destroy
|
|
description: SAMLPropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/saml/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Provider Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scim/:
|
|
get:
|
|
operationId: propertymappings_provider_scim_list
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_scim_create
|
|
description: SCIMMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scim/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_scim_retrieve
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_scim_update
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_scim_partial_update
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_scim_destroy
|
|
description: SCIMMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scim/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_scim_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Provider Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scope/:
|
|
get:
|
|
operationId: propertymappings_provider_scope_list
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: scope_name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedScopeMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_provider_scope_create
|
|
description: ScopeMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scope/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_provider_scope_retrieve
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_provider_scope_update
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_provider_scope_partial_update
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedScopeMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_provider_scope_destroy
|
|
description: ScopeMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/provider/scope/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_provider_scope_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Scope Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/kerberos/:
|
|
get:
|
|
operationId: propertymappings_source_kerberos_list
|
|
description: KerberosSource PropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedKerberosSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_kerberos_create
|
|
description: KerberosSource PropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/kerberos/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_kerberos_retrieve
|
|
description: KerberosSource PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kerberos Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_kerberos_update
|
|
description: KerberosSource PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kerberos Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_kerberos_partial_update
|
|
description: KerberosSource PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kerberos Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedKerberosSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_kerberos_destroy
|
|
description: KerberosSource PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kerberos Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/kerberos/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_kerberos_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Kerberos Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/ldap/:
|
|
get:
|
|
operationId: propertymappings_source_ldap_list
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_ldap_create
|
|
description: LDAP PropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/ldap/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_ldap_retrieve
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_ldap_update
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_ldap_partial_update
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLDAPSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_ldap_destroy
|
|
description: LDAP PropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/ldap/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this LDAP Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/oauth/:
|
|
get:
|
|
operationId: propertymappings_source_oauth_list
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedOAuthSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_oauth_create
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/oauth/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_oauth_retrieve
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this OAuth Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_oauth_update
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this OAuth Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_oauth_partial_update
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this OAuth Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedOAuthSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_oauth_destroy
|
|
description: OAuthSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this OAuth Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/oauth/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_oauth_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this OAuth Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/plex/:
|
|
get:
|
|
operationId: propertymappings_source_plex_list
|
|
description: PlexSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPlexSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_plex_create
|
|
description: PlexSourcePropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/plex/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_plex_retrieve
|
|
description: PlexSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Plex Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_plex_update
|
|
description: PlexSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Plex Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_plex_partial_update
|
|
description: PlexSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Plex Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPlexSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_plex_destroy
|
|
description: PlexSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Plex Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/plex/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_plex_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Plex Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/saml/:
|
|
get:
|
|
operationId: propertymappings_source_saml_list
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSAMLSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_saml_create
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/saml/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_saml_retrieve
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_saml_update
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_saml_partial_update
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSAMLSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_saml_destroy
|
|
description: SAMLSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/saml/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SAML Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/scim/:
|
|
get:
|
|
operationId: propertymappings_source_scim_list
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_scim_create
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/scim/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_scim_retrieve
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_scim_update
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_scim_partial_update
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_scim_destroy
|
|
description: SCIMSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/scim/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_scim_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SCIM Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/telegram/:
|
|
get:
|
|
operationId: propertymappings_source_telegram_list
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTelegramSourcePropertyMappingList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: propertymappings_source_telegram_create
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/telegram/{pm_uuid}/:
|
|
get:
|
|
operationId: propertymappings_source_telegram_retrieve
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Telegram Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: propertymappings_source_telegram_update
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Telegram Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMappingRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: propertymappings_source_telegram_partial_update
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Telegram Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTelegramSourcePropertyMappingRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMapping'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: propertymappings_source_telegram_destroy
|
|
description: TelegramSourcePropertyMapping Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Telegram Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/propertymappings/source/telegram/{pm_uuid}/used_by/:
|
|
get:
|
|
operationId: propertymappings_source_telegram_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Telegram Source Property Mapping.
|
|
required: true
|
|
tags:
|
|
- propertymappings
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/all/:
|
|
get:
|
|
operationId: providers_all_list
|
|
description: Provider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: backchannel
|
|
schema:
|
|
type: boolean
|
|
description: When not set all providers are returned. When set to true, only
|
|
backchannel providers are returned. When set to false, backchannel providers
|
|
are excluded
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/all/{id}/:
|
|
get:
|
|
operationId: providers_all_retrieve
|
|
description: Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Provider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_all_destroy
|
|
description: Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/all/{id}/used_by/:
|
|
get:
|
|
operationId: providers_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/all/types/:
|
|
get:
|
|
operationId: providers_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace/:
|
|
get:
|
|
operationId: providers_google_workspace_list
|
|
description: GoogleWorkspaceProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: delegated_subject
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: exclude_users_service_account
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: filter_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_google_workspace_create
|
|
description: GoogleWorkspaceProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace/{id}/:
|
|
get:
|
|
operationId: providers_google_workspace_retrieve
|
|
description: GoogleWorkspaceProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_google_workspace_update
|
|
description: GoogleWorkspaceProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_google_workspace_partial_update
|
|
description: GoogleWorkspaceProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGoogleWorkspaceProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_google_workspace_destroy
|
|
description: GoogleWorkspaceProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace/{id}/sync/object/:
|
|
post:
|
|
operationId: providers_google_workspace_sync_object_create
|
|
description: Sync/Re-sync a single user/group object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectResult'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace/{id}/sync/status/:
|
|
get:
|
|
operationId: providers_google_workspace_sync_status_retrieve
|
|
description: Get provider's sync status
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace/{id}/used_by/:
|
|
get:
|
|
operationId: providers_google_workspace_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Google Workspace Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_groups/:
|
|
get:
|
|
operationId: providers_google_workspace_groups_list
|
|
description: GoogleWorkspaceProviderGroup Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group__group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group__name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_google_workspace_groups_create
|
|
description: GoogleWorkspaceProviderGroup Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_groups/{id}/:
|
|
get:
|
|
operationId: providers_google_workspace_groups_retrieve
|
|
description: GoogleWorkspaceProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_google_workspace_groups_destroy
|
|
description: GoogleWorkspaceProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_groups/{id}/used_by/:
|
|
get:
|
|
operationId: providers_google_workspace_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_users/:
|
|
get:
|
|
operationId: providers_google_workspace_users_list
|
|
description: GoogleWorkspaceProviderUser Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user__id
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGoogleWorkspaceProviderUserList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_google_workspace_users_create
|
|
description: GoogleWorkspaceProviderUser Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderUserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_users/{id}/:
|
|
get:
|
|
operationId: providers_google_workspace_users_retrieve
|
|
description: GoogleWorkspaceProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_google_workspace_users_destroy
|
|
description: GoogleWorkspaceProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/google_workspace_users/{id}/used_by/:
|
|
get:
|
|
operationId: providers_google_workspace_users_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Google Workspace Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ldap/:
|
|
get:
|
|
operationId: providers_ldap_list
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authorization_flow__slug__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: base_dn__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: certificate__kp_uuid__iexact
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: certificate__name__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: gid_start_number__iexact
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: tls_server_name__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: uid_start_number__iexact
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_ldap_create
|
|
description: LDAPProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ldap/{id}/:
|
|
get:
|
|
operationId: providers_ldap_retrieve
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_ldap_update
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_ldap_partial_update
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLDAPProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_ldap_destroy
|
|
description: LDAPProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ldap/{id}/used_by/:
|
|
get:
|
|
operationId: providers_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this LDAP Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra/:
|
|
get:
|
|
operationId: providers_microsoft_entra_list
|
|
description: MicrosoftEntraProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: exclude_users_service_account
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: filter_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_microsoft_entra_create
|
|
description: MicrosoftEntraProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra/{id}/:
|
|
get:
|
|
operationId: providers_microsoft_entra_retrieve
|
|
description: MicrosoftEntraProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_microsoft_entra_update
|
|
description: MicrosoftEntraProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_microsoft_entra_partial_update
|
|
description: MicrosoftEntraProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedMicrosoftEntraProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_microsoft_entra_destroy
|
|
description: MicrosoftEntraProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra/{id}/sync/object/:
|
|
post:
|
|
operationId: providers_microsoft_entra_sync_object_create
|
|
description: Sync/Re-sync a single user/group object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectResult'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra/{id}/sync/status/:
|
|
get:
|
|
operationId: providers_microsoft_entra_sync_status_retrieve
|
|
description: Get provider's sync status
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra/{id}/used_by/:
|
|
get:
|
|
operationId: providers_microsoft_entra_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Microsoft Entra Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_groups/:
|
|
get:
|
|
operationId: providers_microsoft_entra_groups_list
|
|
description: MicrosoftEntraProviderGroup Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group__group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group__name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_microsoft_entra_groups_create
|
|
description: MicrosoftEntraProviderGroup Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_groups/{id}/:
|
|
get:
|
|
operationId: providers_microsoft_entra_groups_retrieve
|
|
description: MicrosoftEntraProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_microsoft_entra_groups_destroy
|
|
description: MicrosoftEntraProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_groups/{id}/used_by/:
|
|
get:
|
|
operationId: providers_microsoft_entra_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider Group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_users/:
|
|
get:
|
|
operationId: providers_microsoft_entra_users_list
|
|
description: MicrosoftEntraProviderUser Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user__id
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedMicrosoftEntraProviderUserList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_microsoft_entra_users_create
|
|
description: MicrosoftEntraProviderUser Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderUserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_users/{id}/:
|
|
get:
|
|
operationId: providers_microsoft_entra_users_retrieve
|
|
description: MicrosoftEntraProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_microsoft_entra_users_destroy
|
|
description: MicrosoftEntraProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/microsoft_entra_users/{id}/used_by/:
|
|
get:
|
|
operationId: providers_microsoft_entra_users_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Microsoft Entra Provider User.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/oauth2/:
|
|
get:
|
|
operationId: providers_oauth2_list
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: access_code_validity
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: access_token_validity
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: application
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authorization_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: client_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_type
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ClientTypeEnum'
|
|
description: |+
|
|
Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
|
|
|
|
- in: query
|
|
name: include_claims_in_id_token
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: issuer_mode
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/IssuerModeEnum'
|
|
description: |+
|
|
Configure how the issuer field of the ID Token should be filled.
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: refresh_token_validity
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: signing_key
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: sub_mode
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SubModeEnum'
|
|
description: |+
|
|
Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
|
|
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedOAuth2ProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_oauth2_create
|
|
description: OAuth2Provider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2ProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/oauth2/{id}/:
|
|
get:
|
|
operationId: providers_oauth2_retrieve
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_oauth2_update
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2ProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_oauth2_partial_update
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedOAuth2ProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_oauth2_destroy
|
|
description: OAuth2Provider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/oauth2/{id}/preview_user/:
|
|
get:
|
|
operationId: providers_oauth2_preview_user_retrieve
|
|
description: Preview user data for provider
|
|
parameters:
|
|
- in: query
|
|
name: for_user
|
|
schema:
|
|
type: integer
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingPreview'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/oauth2/{id}/setup_urls/:
|
|
get:
|
|
operationId: providers_oauth2_setup_urls_retrieve
|
|
description: Get Providers setup URLs
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuth2ProviderSetupURLs'
|
|
description: ''
|
|
'404':
|
|
description: Provider has no application assigned
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/oauth2/{id}/used_by/:
|
|
get:
|
|
operationId: providers_oauth2_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this OAuth2/OpenID Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/proxy/:
|
|
get:
|
|
operationId: providers_proxy_list
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authorization_flow__slug__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: basic_auth_enabled__iexact
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: basic_auth_password_attribute__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: basic_auth_user_attribute__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: certificate__kp_uuid__iexact
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: certificate__name__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: cookie_domain__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: external_host__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: internal_host__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: internal_host_ssl_validation__iexact
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: mode__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: property_mappings__iexact
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: skip_path_regex__iexact
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedProxyProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_proxy_create
|
|
description: ProxyProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/proxy/{id}/:
|
|
get:
|
|
operationId: providers_proxy_retrieve
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_proxy_update
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_proxy_partial_update
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedProxyProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_proxy_destroy
|
|
description: ProxyProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/proxy/{id}/used_by/:
|
|
get:
|
|
operationId: providers_proxy_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Proxy Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/rac/:
|
|
get:
|
|
operationId: providers_rac_list
|
|
description: RACProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRACProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_rac_create
|
|
description: RACProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/rac/{id}/:
|
|
get:
|
|
operationId: providers_rac_retrieve
|
|
description: RACProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this RAC Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_rac_update
|
|
description: RACProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this RAC Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_rac_partial_update
|
|
description: RACProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this RAC Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRACProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RACProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_rac_destroy
|
|
description: RACProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this RAC Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/rac/{id}/used_by/:
|
|
get:
|
|
operationId: providers_rac_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this RAC Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/radius/:
|
|
get:
|
|
operationId: providers_radius_list
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authorization_flow__slug__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_networks__iexact
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRadiusProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_radius_create
|
|
description: RadiusProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/radius/{id}/:
|
|
get:
|
|
operationId: providers_radius_retrieve
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_radius_update
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_radius_partial_update
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRadiusProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_radius_destroy
|
|
description: RadiusProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/radius/{id}/used_by/:
|
|
get:
|
|
operationId: providers_radius_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Radius Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/:
|
|
get:
|
|
operationId: providers_saml_list
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: acs_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: assertion_valid_not_before
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: assertion_valid_not_on_or_after
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: audience
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authn_context_class_ref_mapping
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authorization_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: backchannel_application
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: default_name_id_policy
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
- in: query
|
|
name: default_relay_state
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: digest_algorithm
|
|
schema:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
- in: query
|
|
name: encryption_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: invalidation_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: is_backchannel
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: issuer
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: logout_method
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLLogoutMethods'
|
|
description: |+
|
|
Method to use for logout. Front-channel iframe loads all logout URLs simultaneously in hidden iframes. Front-channel native uses your active browser tab to send post requests and redirect to providers. Back-channel sends logout requests directly from the server without user interaction (requires POST SLS binding).
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: name_id_mapping
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: session_valid_not_on_or_after
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sign_assertion
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sign_logout_request
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sign_logout_response
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sign_response
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: signature_algorithm
|
|
schema:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
- in: query
|
|
name: signing_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: sls_binding
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
description: |+
|
|
This determines how authentik sends the logout response back to the Service Provider.
|
|
|
|
- in: query
|
|
name: sls_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sp_binding
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
title: Service Provider Binding
|
|
description: |+
|
|
This determines how authentik sends the response back to the Service Provider.
|
|
|
|
- in: query
|
|
name: verification_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSAMLProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_saml_create
|
|
description: SAMLProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/{id}/:
|
|
get:
|
|
operationId: providers_saml_retrieve
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_saml_update
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_saml_partial_update
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSAMLProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_saml_destroy
|
|
description: SAMLProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/{id}/metadata/:
|
|
get:
|
|
operationId: providers_saml_metadata_retrieve
|
|
description: Return metadata as XML string
|
|
parameters:
|
|
- in: query
|
|
name: download
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: force_binding
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ForceBindingEnum'
|
|
description: Optionally force the metadata to only include one binding.
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLMetadata'
|
|
application/xml:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLMetadata'
|
|
description: ''
|
|
'404':
|
|
description: Provider has no application assigned
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/{id}/preview_user/:
|
|
get:
|
|
operationId: providers_saml_preview_user_retrieve
|
|
description: Preview user data for provider
|
|
parameters:
|
|
- in: query
|
|
name: for_user
|
|
schema:
|
|
type: integer
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingPreview'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/{id}/used_by/:
|
|
get:
|
|
operationId: providers_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SAML Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/saml/import_metadata/:
|
|
post:
|
|
operationId: providers_saml_import_metadata_create
|
|
description: Create provider from SAML Metadata
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
multipart/form-data:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProviderImportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim/:
|
|
get:
|
|
operationId: providers_scim_list
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: exclude_users_service_account
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: group_filters
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: url
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_scim_create
|
|
description: SCIMProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim/{id}/:
|
|
get:
|
|
operationId: providers_scim_retrieve
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_scim_update
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_scim_partial_update
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_scim_destroy
|
|
description: SCIMProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim/{id}/sync/object/:
|
|
post:
|
|
operationId: providers_scim_sync_object_create
|
|
description: Sync/Re-sync a single user/group object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncObjectResult'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim/{id}/sync/status/:
|
|
get:
|
|
operationId: providers_scim_sync_status_retrieve
|
|
description: Get provider's sync status
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim/{id}/used_by/:
|
|
get:
|
|
operationId: providers_scim_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this SCIM Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_groups/:
|
|
get:
|
|
operationId: providers_scim_groups_list
|
|
description: SCIMProviderGroup Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group__group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group__name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMProviderGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_scim_groups_create
|
|
description: SCIMProviderGroup Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_groups/{id}/:
|
|
get:
|
|
operationId: providers_scim_groups_retrieve
|
|
description: SCIMProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_scim_groups_destroy
|
|
description: SCIMProviderGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_groups/{id}/used_by/:
|
|
get:
|
|
operationId: providers_scim_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider group.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_users/:
|
|
get:
|
|
operationId: providers_scim_users_list
|
|
description: SCIMProviderUser Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider__id
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user__id
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMProviderUserList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_scim_users_create
|
|
description: SCIMProviderUser Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderUserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_users/{id}/:
|
|
get:
|
|
operationId: providers_scim_users_retrieve
|
|
description: SCIMProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider user.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMProviderUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_scim_users_destroy
|
|
description: SCIMProviderUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider user.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/scim_users/{id}/used_by/:
|
|
get:
|
|
operationId: providers_scim_users_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this scim provider user.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ssf/:
|
|
get:
|
|
operationId: providers_ssf_list
|
|
description: SSFProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: application__isnull
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: name__iexact
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSSFProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_ssf_create
|
|
description: SSFProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ssf/{id}/:
|
|
get:
|
|
operationId: providers_ssf_retrieve
|
|
description: SSFProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Shared Signals Framework
|
|
Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_ssf_update
|
|
description: SSFProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Shared Signals Framework
|
|
Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_ssf_partial_update
|
|
description: SSFProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Shared Signals Framework
|
|
Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSSFProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_ssf_destroy
|
|
description: SSFProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Shared Signals Framework
|
|
Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/ssf/{id}/used_by/:
|
|
get:
|
|
operationId: providers_ssf_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Shared Signals Framework
|
|
Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/wsfed/:
|
|
get:
|
|
operationId: providers_wsfed_list
|
|
description: WSFederationProvider Viewset
|
|
parameters:
|
|
- in: query
|
|
name: acs_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: assertion_valid_not_before
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: assertion_valid_not_on_or_after
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: audience
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authn_context_class_ref_mapping
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authorization_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: backchannel_application
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: default_name_id_policy
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
- in: query
|
|
name: default_relay_state
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: digest_algorithm
|
|
schema:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
- in: query
|
|
name: encryption_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: invalidation_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: is_backchannel
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: issuer
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: logout_method
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLLogoutMethods'
|
|
description: |+
|
|
Method to use for logout. Front-channel iframe loads all logout URLs simultaneously in hidden iframes. Front-channel native uses your active browser tab to send post requests and redirect to providers. Back-channel sends logout requests directly from the server without user interaction (requires POST SLS binding).
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: name_id_mapping
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: session_valid_not_on_or_after
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sign_assertion
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sign_logout_request
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sign_logout_response
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sign_response
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: signature_algorithm
|
|
schema:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
- in: query
|
|
name: signing_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: sls_binding
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
description: |+
|
|
This determines how authentik sends the logout response back to the Service Provider.
|
|
|
|
- in: query
|
|
name: sls_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sp_binding
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
title: Service Provider Binding
|
|
description: |+
|
|
This determines how authentik sends the response back to the Service Provider.
|
|
|
|
- in: query
|
|
name: verification_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedWSFederationProviderList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: providers_wsfed_create
|
|
description: WSFederationProvider Viewset
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WSFederationProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WSFederationProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/wsfed/{id}/:
|
|
get:
|
|
operationId: providers_wsfed_retrieve
|
|
description: WSFederationProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WS-Federation Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WSFederationProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: providers_wsfed_update
|
|
description: WSFederationProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WS-Federation Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WSFederationProviderRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WSFederationProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: providers_wsfed_partial_update
|
|
description: WSFederationProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WS-Federation Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedWSFederationProviderRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WSFederationProvider'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: providers_wsfed_destroy
|
|
description: WSFederationProvider Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WS-Federation Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/wsfed/{id}/metadata/:
|
|
get:
|
|
operationId: providers_wsfed_metadata_retrieve
|
|
description: Return metadata as XML string
|
|
parameters:
|
|
- in: query
|
|
name: download
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: force_binding
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ForceBindingEnum'
|
|
description: Optionally force the metadata to only include one binding.
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WS-Federation Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLMetadata'
|
|
application/xml:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLMetadata'
|
|
description: ''
|
|
'404':
|
|
description: Provider has no application assigned
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/wsfed/{id}/preview_user/:
|
|
get:
|
|
operationId: providers_wsfed_preview_user_retrieve
|
|
description: Preview user data for provider
|
|
parameters:
|
|
- in: query
|
|
name: for_user
|
|
schema:
|
|
type: integer
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WS-Federation Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PropertyMappingPreview'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/providers/wsfed/{id}/used_by/:
|
|
get:
|
|
operationId: providers_wsfed_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this WS-Federation Provider.
|
|
required: true
|
|
tags:
|
|
- providers
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/connection_tokens/:
|
|
get:
|
|
operationId: rac_connection_tokens_list
|
|
description: ConnectionToken Viewset
|
|
parameters:
|
|
- in: query
|
|
name: endpoint
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: session__user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedConnectionTokenList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/connection_tokens/{connection_token_uuid}/:
|
|
get:
|
|
operationId: rac_connection_tokens_retrieve
|
|
description: ConnectionToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connection_token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Connection token.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConnectionToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: rac_connection_tokens_update
|
|
description: ConnectionToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connection_token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Connection token.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConnectionTokenRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConnectionToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: rac_connection_tokens_partial_update
|
|
description: ConnectionToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connection_token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Connection token.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedConnectionTokenRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConnectionToken'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: rac_connection_tokens_destroy
|
|
description: ConnectionToken Viewset
|
|
parameters:
|
|
- in: path
|
|
name: connection_token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Connection token.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/connection_tokens/{connection_token_uuid}/used_by/:
|
|
get:
|
|
operationId: rac_connection_tokens_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: connection_token_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Connection token.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/endpoints/:
|
|
get:
|
|
operationId: rac_endpoints_list
|
|
description: List accessible endpoints
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: superuser_full_list
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEndpointList'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: rac_endpoints_create
|
|
description: Endpoint Viewset
|
|
tags:
|
|
- rac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Endpoint'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/endpoints/{pbm_uuid}/:
|
|
get:
|
|
operationId: rac_endpoints_retrieve
|
|
description: Endpoint Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Endpoint.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Endpoint'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: rac_endpoints_update
|
|
description: Endpoint Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Endpoint.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Endpoint'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: rac_endpoints_partial_update
|
|
description: Endpoint Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Endpoint.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEndpointRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Endpoint'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: rac_endpoints_destroy
|
|
description: Endpoint Viewset
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Endpoint.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rac/endpoints/{pbm_uuid}/used_by/:
|
|
get:
|
|
operationId: rac_endpoints_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this RAC Endpoint.
|
|
required: true
|
|
tags:
|
|
- rac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/initial_permissions/:
|
|
get:
|
|
operationId: rbac_initial_permissions_list
|
|
description: InitialPermissions viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedInitialPermissionsList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: rbac_initial_permissions_create
|
|
description: InitialPermissions viewset
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissionsRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissions'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/initial_permissions/{id}/:
|
|
get:
|
|
operationId: rbac_initial_permissions_retrieve
|
|
description: InitialPermissions viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Initial Permissions.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissions'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: rbac_initial_permissions_update
|
|
description: InitialPermissions viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Initial Permissions.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissionsRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissions'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: rbac_initial_permissions_partial_update
|
|
description: InitialPermissions viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Initial Permissions.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedInitialPermissionsRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InitialPermissions'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: rbac_initial_permissions_destroy
|
|
description: InitialPermissions viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Initial Permissions.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/initial_permissions/{id}/used_by/:
|
|
get:
|
|
operationId: rbac_initial_permissions_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Initial Permissions.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/:
|
|
get:
|
|
operationId: rbac_permissions_list
|
|
description: Read-only list of all permissions, filterable by model and app
|
|
parameters:
|
|
- in: query
|
|
name: codename
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: content_type__app_label
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: content_type__model
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: role
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPermissionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/{id}/:
|
|
get:
|
|
operationId: rbac_permissions_retrieve
|
|
description: Read-only list of all permissions, filterable by model and app
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this permission.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Permission'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/assigned_by_roles/:
|
|
get:
|
|
operationId: rbac_permissions_assigned_by_roles_list
|
|
description: Get assigned object permissions for a single object
|
|
parameters:
|
|
- in: query
|
|
name: model
|
|
schema:
|
|
type: string
|
|
required: true
|
|
- in: query
|
|
name: object_pk
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRoleAssignedObjectPermissionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/assigned_by_roles/{uuid}/assign/:
|
|
post:
|
|
operationId: rbac_permissions_assigned_by_roles_assign
|
|
description: |-
|
|
Assign permission(s) to role. When `object_pk` is set, the permissions
|
|
are only assigned to the specific object, otherwise they are assigned globally.
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PermissionAssignRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PermissionAssignResult'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/assigned_by_roles/{uuid}/unassign/:
|
|
patch:
|
|
operationId: rbac_permissions_assigned_by_roles_unassign_partial_update
|
|
description: |-
|
|
Unassign permission(s) to role. When `object_pk` is set, the permissions
|
|
are only assigned to the specific object, otherwise they are assigned globally.
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPermissionAssignRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Successfully unassigned
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/permissions/roles/:
|
|
get:
|
|
operationId: rbac_permissions_roles_list
|
|
description: Get a role's assigned object permissions
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedExtraRoleObjectPermissionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/roles/:
|
|
get:
|
|
operationId: rbac_roles_list
|
|
description: Role viewset
|
|
parameters:
|
|
- in: query
|
|
name: groups
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: inherited
|
|
schema:
|
|
type: boolean
|
|
description: Include inherited roles (requires users or groups filter)
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: managed__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: users
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRoleList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: rbac_roles_create
|
|
description: Role viewset
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RoleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/roles/{uuid}/:
|
|
get:
|
|
operationId: rbac_roles_retrieve
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: rbac_roles_update
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RoleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: rbac_roles_partial_update
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRoleRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Role'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: rbac_roles_destroy
|
|
description: Role viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/roles/{uuid}/add_user/:
|
|
post:
|
|
operationId: rbac_roles_add_user_create
|
|
description: Add user to role
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserAccountSerializerForRoleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: User added
|
|
'404':
|
|
description: User not found
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/roles/{uuid}/remove_user/:
|
|
post:
|
|
operationId: rbac_roles_remove_user_create
|
|
description: Remove user from role
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserAccountSerializerForRoleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: User removed
|
|
'404':
|
|
description: User not found
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/rbac/roles/{uuid}/used_by/:
|
|
get:
|
|
operationId: rbac_roles_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Role.
|
|
required: true
|
|
tags:
|
|
- rbac
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/reports/exports/:
|
|
get:
|
|
operationId: reports_exports_list
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- reports
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDataExportList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/reports/exports/{id}/:
|
|
get:
|
|
operationId: reports_exports_retrieve
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Data Export.
|
|
required: true
|
|
tags:
|
|
- reports
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DataExport'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: reports_exports_destroy
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Data Export.
|
|
required: true
|
|
tags:
|
|
- reports
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/root/config/:
|
|
get:
|
|
operationId: root_config_retrieve
|
|
description: Retrieve public configuration options
|
|
tags:
|
|
- root
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Config'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/schema/:
|
|
get:
|
|
operationId: schema_retrieve
|
|
description: |-
|
|
OpenApi3 schema for this API. Format can be selected via content negotiation.
|
|
|
|
- YAML: application/vnd.oai.openapi
|
|
- JSON: application/vnd.oai.openapi+json
|
|
parameters:
|
|
- in: query
|
|
name: format
|
|
schema:
|
|
$ref: '#/components/schemas/FormatEnum'
|
|
- in: query
|
|
name: lang
|
|
schema:
|
|
$ref: '#/components/schemas/LangEnum'
|
|
tags:
|
|
- schema
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/vnd.oai.openapi:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
application/yaml:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
application/vnd.oai.openapi+json:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
application/json:
|
|
schema:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/all/:
|
|
get:
|
|
operationId: sources_all_list
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/all/{slug}/:
|
|
get:
|
|
operationId: sources_all_retrieve
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Source'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_all_destroy
|
|
description: Prevent deletion of built-in sources
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/all/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/all/types/:
|
|
get:
|
|
operationId: sources_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/all/user_settings/:
|
|
get:
|
|
operationId: sources_all_user_settings_list
|
|
description: Get all sources the user can configure
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSetting'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/all/:
|
|
get:
|
|
operationId: sources_group_connections_all_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/all/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_all_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this group source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_all_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this group source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_all_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this group source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_all_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this group source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/all/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this group source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/kerberos/:
|
|
get:
|
|
operationId: sources_group_connections_kerberos_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupKerberosSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_kerberos_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/kerberos/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_kerberos_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_kerberos_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_kerberos_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupKerberosSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_kerberos_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/kerberos/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_kerberos_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/ldap/:
|
|
get:
|
|
operationId: sources_group_connections_ldap_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupLDAPSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_ldap_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/ldap/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_ldap_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_ldap_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_ldap_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupLDAPSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_ldap_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/ldap/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/oauth/:
|
|
get:
|
|
operationId: sources_group_connections_oauth_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupOAuthSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_oauth_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/oauth/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_oauth_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_oauth_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_oauth_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupOAuthSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_oauth_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/oauth/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_oauth_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/plex/:
|
|
get:
|
|
operationId: sources_group_connections_plex_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupPlexSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_plex_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/plex/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_plex_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_plex_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_plex_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupPlexSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_plex_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/plex/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_plex_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/saml/:
|
|
get:
|
|
operationId: sources_group_connections_saml_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupSAMLSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_saml_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/saml/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_saml_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_saml_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_saml_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupSAMLSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_saml_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/saml/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/telegram/:
|
|
get:
|
|
operationId: sources_group_connections_telegram_list
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedGroupTelegramSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_group_connections_telegram_create
|
|
description: Group-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/telegram/{id}/:
|
|
get:
|
|
operationId: sources_group_connections_telegram_retrieve
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_group_connections_telegram_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_group_connections_telegram_partial_update
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedGroupTelegramSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_group_connections_telegram_destroy
|
|
description: Group-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/group_connections/telegram/{id}/used_by/:
|
|
get:
|
|
operationId: sources_group_connections_telegram_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Group Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/kerberos/:
|
|
get:
|
|
operationId: sources_kerberos_list
|
|
description: Kerberos Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: kadmin_type
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/KadminTypeEnum'
|
|
description: |+
|
|
KAdmin server type
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password_login_update_internal_password
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: realm
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: spnego_server_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sync_principal
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sync_users
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sync_users_password
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedKerberosSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_kerberos_create
|
|
description: Kerberos Source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/kerberos/{slug}/:
|
|
get:
|
|
operationId: sources_kerberos_retrieve
|
|
description: Kerberos Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_kerberos_update
|
|
description: Kerberos Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_kerberos_partial_update
|
|
description: Kerberos Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedKerberosSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/KerberosSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_kerberos_destroy
|
|
description: Kerberos Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/kerberos/{slug}/sync/status/:
|
|
get:
|
|
operationId: sources_kerberos_sync_status_retrieve
|
|
description: Get provider's sync status
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/kerberos/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_kerberos_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/ldap/:
|
|
get:
|
|
operationId: sources_ldap_list
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: additional_group_dn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: additional_user_dn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: base_dn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: bind_cn
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_certificate
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: delete_not_found_objects
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: group_membership_field
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: group_object_filter
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: group_property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: lookup_groups_from_user
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: object_uniqueness_field
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password_login_update_internal_password
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: peer_certificate
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: server_uri
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sni
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: start_tls
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sync_groups
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sync_parent_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: sync_users
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: sync_users_password
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: user_membership_attribute
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_object_filter
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_property_mappings
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedLDAPSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_ldap_create
|
|
description: LDAP Source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/ldap/{slug}/:
|
|
get:
|
|
operationId: sources_ldap_retrieve
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_ldap_update
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_ldap_partial_update
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedLDAPSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_ldap_destroy
|
|
description: LDAP Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/ldap/{slug}/debug/:
|
|
get:
|
|
operationId: sources_ldap_debug_retrieve
|
|
description: Get raw LDAP data to debug
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/LDAPDebug'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/ldap/{slug}/sync/status/:
|
|
get:
|
|
operationId: sources_ldap_sync_status_retrieve
|
|
description: Get provider's sync status
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SyncStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/ldap/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/oauth/:
|
|
get:
|
|
operationId: sources_oauth_list
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: access_token_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: additional_scopes
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: authorization_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: consumer_key
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group_matching_mode
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: |+
|
|
How the source determines if an existing group should be used or a new group created.
|
|
|
|
- in: query
|
|
name: has_jwks
|
|
schema:
|
|
type: boolean
|
|
description: Only return sources with JWKS data
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
- in: query
|
|
name: profile_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: provider_type
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: request_token_url
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_matching_mode
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |+
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedOAuthSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_oauth_create
|
|
description: Source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/oauth/{slug}/:
|
|
get:
|
|
operationId: sources_oauth_retrieve
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_oauth_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_oauth_partial_update
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedOAuthSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_oauth_destroy
|
|
description: Source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/oauth/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_oauth_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/oauth/source_types/:
|
|
get:
|
|
operationId: sources_oauth_source_types_list
|
|
description: |-
|
|
Get all creatable source types. If ?name is set, only returns the type for <name>.
|
|
If <name> isn't found, returns the default type.
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SourceType'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/plex/:
|
|
get:
|
|
operationId: sources_plex_list
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: query
|
|
name: allow_friends
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: client_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group_matching_mode
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: |+
|
|
How the source determines if an existing group should be used or a new group created.
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_matching_mode
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |+
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPlexSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_plex_create
|
|
description: Plex source Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/plex/{slug}/:
|
|
get:
|
|
operationId: sources_plex_retrieve
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_plex_update
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_plex_partial_update
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPlexSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_plex_destroy
|
|
description: Plex source Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/plex/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_plex_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/plex/redeem_token/:
|
|
post:
|
|
operationId: sources_plex_redeem_token_create
|
|
description: |-
|
|
Redeem a plex token, check it's access to resources against what's allowed
|
|
for the source, and redirect to an authentication/enrollment flow.
|
|
parameters:
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexTokenRedeemRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectChallenge'
|
|
description: ''
|
|
'400':
|
|
description: Token not found
|
|
'403':
|
|
description: Access denied
|
|
/sources/plex/redeem_token_authenticated/:
|
|
post:
|
|
operationId: sources_plex_redeem_token_authenticated_create
|
|
description: Redeem a plex token for an authenticated user, creating a connection
|
|
parameters:
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PlexTokenRedeemRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
description: Token not found
|
|
'403':
|
|
description: Access denied
|
|
/sources/saml/:
|
|
get:
|
|
operationId: sources_saml_list
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: query
|
|
name: allow_idp_initiated
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: binding_type
|
|
schema:
|
|
$ref: '#/components/schemas/BindingTypeEnum'
|
|
- in: query
|
|
name: digest_algorithm
|
|
schema:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: force_authn
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: issuer
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: managed
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: name_id_policy
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
description: |+
|
|
NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
|
|
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
- in: query
|
|
name: pre_authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: signature_algorithm
|
|
schema:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
- in: query
|
|
name: signed_assertion
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: signed_response
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: signing_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: slo_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: sso_url
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: temporary_user_delete_after
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_matching_mode
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |+
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
- in: query
|
|
name: verification_kp
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSAMLSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_saml_create
|
|
description: SAMLSource Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/saml/{slug}/:
|
|
get:
|
|
operationId: sources_saml_retrieve
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_saml_update
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_saml_partial_update
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSAMLSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_saml_destroy
|
|
description: SAMLSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/saml/{slug}/metadata/:
|
|
get:
|
|
operationId: sources_saml_metadata_retrieve
|
|
description: Return metadata as XML string
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SAMLMetadata'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/saml/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim/:
|
|
get:
|
|
operationId: sources_scim_list
|
|
description: SCIMSource Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_scim_create
|
|
description: SCIMSource Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim/{slug}/:
|
|
get:
|
|
operationId: sources_scim_retrieve
|
|
description: SCIMSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_scim_update
|
|
description: SCIMSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_scim_partial_update
|
|
description: SCIMSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_scim_destroy
|
|
description: SCIMSource Viewset
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_scim_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_groups/:
|
|
get:
|
|
operationId: sources_scim_groups_list
|
|
description: SCIMSourceGroup Viewset
|
|
parameters:
|
|
- in: query
|
|
name: group__group_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group__name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMSourceGroupList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_scim_groups_create
|
|
description: SCIMSourceGroup Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_groups/{id}/:
|
|
get:
|
|
operationId: sources_scim_groups_retrieve
|
|
description: SCIMSourceGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source group.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_scim_groups_update
|
|
description: SCIMSourceGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source group.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroupRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_scim_groups_partial_update
|
|
description: SCIMSourceGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source group.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMSourceGroupRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceGroup'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_scim_groups_destroy
|
|
description: SCIMSourceGroup Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source group.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_groups/{id}/used_by/:
|
|
get:
|
|
operationId: sources_scim_groups_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source group.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_users/:
|
|
get:
|
|
operationId: sources_scim_users_list
|
|
description: SCIMSourceUser Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user__id
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: user__username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSCIMSourceUserList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_scim_users_create
|
|
description: SCIMSourceUser Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_users/{id}/:
|
|
get:
|
|
operationId: sources_scim_users_retrieve
|
|
description: SCIMSourceUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source user.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_scim_users_update
|
|
description: SCIMSourceUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source user.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUserRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_scim_users_partial_update
|
|
description: SCIMSourceUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source user.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSCIMSourceUserRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SCIMSourceUser'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_scim_users_destroy
|
|
description: SCIMSourceUser Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source user.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/scim_users/{id}/used_by/:
|
|
get:
|
|
operationId: sources_scim_users_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
description: A unique value identifying this scim source user.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/telegram/:
|
|
get:
|
|
operationId: sources_telegram_list
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: query
|
|
name: authentication_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: bot_username
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: enabled
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: group_matching_mode
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: |+
|
|
How the source determines if an existing group should be used or a new group created.
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: pbm_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: policy_engine_mode
|
|
schema:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
- in: query
|
|
name: request_message_access
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_matching_mode
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: |+
|
|
How the source determines if an existing user should be authenticated or a new user enrolled.
|
|
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTelegramSourceList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_telegram_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/telegram/{slug}/:
|
|
get:
|
|
operationId: sources_telegram_retrieve
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_telegram_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSourceRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_telegram_partial_update
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTelegramSourceRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramSource'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_telegram_destroy
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/telegram/{slug}/connect_user/:
|
|
post:
|
|
operationId: sources_telegram_connect_user_create
|
|
description: Mixin to add a used_by endpoint to return a list of all objects
|
|
using this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TelegramAuthRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
description: ''
|
|
'403':
|
|
description: Access denied
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
/sources/telegram/{slug}/used_by/:
|
|
get:
|
|
operationId: sources_telegram_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: slug
|
|
schema:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/all/:
|
|
get:
|
|
operationId: sources_user_connections_all_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/all/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_all_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_all_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_all_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_all_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/all/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this user source connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/kerberos/:
|
|
get:
|
|
operationId: sources_user_connections_kerberos_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserKerberosSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_kerberos_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/kerberos/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_kerberos_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_kerberos_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_kerberos_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserKerberosSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_kerberos_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/kerberos/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_kerberos_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Kerberos Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/ldap/:
|
|
get:
|
|
operationId: sources_user_connections_ldap_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserLDAPSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_ldap_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/ldap/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_ldap_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_ldap_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_ldap_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserLDAPSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_ldap_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/ldap/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_ldap_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User LDAP Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/oauth/:
|
|
get:
|
|
operationId: sources_user_connections_oauth_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserOAuthSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_oauth_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/oauth/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_oauth_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_oauth_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_oauth_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_oauth_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/oauth/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_oauth_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User OAuth Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/plex/:
|
|
get:
|
|
operationId: sources_user_connections_plex_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserPlexSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_plex_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/plex/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_plex_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_plex_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_plex_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserPlexSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserPlexSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_plex_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/plex/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_plex_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Plex Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/saml/:
|
|
get:
|
|
operationId: sources_user_connections_saml_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserSAMLSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_saml_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/saml/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_saml_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_saml_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_saml_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserSAMLSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_saml_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/saml/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_saml_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User SAML Source Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/telegram/:
|
|
get:
|
|
operationId: sources_user_connections_telegram_list
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source__slug
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserTelegramSourceConnectionList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: sources_user_connections_telegram_create
|
|
description: User-source connection Viewset
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/telegram/{id}/:
|
|
get:
|
|
operationId: sources_user_connections_telegram_retrieve
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: sources_user_connections_telegram_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnectionRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: sources_user_connections_telegram_partial_update
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserTelegramSourceConnectionRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: sources_user_connections_telegram_destroy
|
|
description: User-source connection Viewset
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/sources/user_connections/telegram/{id}/used_by/:
|
|
get:
|
|
operationId: sources_user_connections_telegram_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this User Telegram Source
|
|
Connection.
|
|
required: true
|
|
tags:
|
|
- sources
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/ssf/streams/:
|
|
get:
|
|
operationId: ssf_streams_list
|
|
description: SSFStream Viewset
|
|
parameters:
|
|
- in: query
|
|
name: delivery_method
|
|
schema:
|
|
$ref: '#/components/schemas/DeliveryMethodEnum'
|
|
- in: query
|
|
name: endpoint_url
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- ssf
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSSFStreamList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/ssf/streams/{uuid}/:
|
|
get:
|
|
operationId: ssf_streams_retrieve
|
|
description: SSFStream Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SSF Stream.
|
|
required: true
|
|
tags:
|
|
- ssf
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SSFStream'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: ssf_streams_destroy
|
|
description: SSFStream Viewset
|
|
parameters:
|
|
- in: path
|
|
name: uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SSF Stream.
|
|
required: true
|
|
tags:
|
|
- ssf
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/all/:
|
|
get:
|
|
operationId: stages_all_list
|
|
description: Stage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/all/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_all_retrieve
|
|
description: Stage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Stage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_all_destroy
|
|
description: Stage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/all/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_all_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/all/types/:
|
|
get:
|
|
operationId: stages_all_types_list
|
|
description: Get all creatable types
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/all/user_settings/:
|
|
get:
|
|
operationId: stages_all_user_settings_list
|
|
description: Get all stages the user can configure
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSetting'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/:
|
|
get:
|
|
operationId: stages_authenticator_duo_list
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: api_hostname
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: client_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorDuoStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_duo_create
|
|
description: AuthenticatorDuoStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_duo_retrieve
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_duo_update
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_duo_partial_update
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorDuoStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_duo_destroy
|
|
description: AuthenticatorDuoStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/{stage_uuid}/enrollment_status/:
|
|
post:
|
|
operationId: stages_authenticator_duo_enrollment_status_create
|
|
description: Check enrollment status of user details in current session
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- {}
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DuoDeviceEnrollmentStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/{stage_uuid}/import_device_manual/:
|
|
post:
|
|
operationId: stages_authenticator_duo_import_device_manual_create
|
|
description: Import duo devices into authentik
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageManualDeviceImportRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Enrollment successful
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/{stage_uuid}/import_devices_automatic/:
|
|
post:
|
|
operationId: stages_authenticator_duo_import_devices_automatic_create
|
|
description: Import duo devices into authentik
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStageDeviceImportResponse'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/duo/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_duo_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Duo Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/email/:
|
|
get:
|
|
operationId: stages_authenticator_email_list
|
|
description: AuthenticatorEmailStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: from_address
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: host
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: port
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: subject
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: template
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: timeout
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: token_expiry
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: use_global_settings
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: use_ssl
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: use_tls
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorEmailStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_email_create
|
|
description: AuthenticatorEmailStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/email/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_email_retrieve
|
|
description: AuthenticatorEmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_email_update
|
|
description: AuthenticatorEmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_email_partial_update
|
|
description: AuthenticatorEmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorEmailStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_email_destroy
|
|
description: AuthenticatorEmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/email/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_email_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/endpoint_gdtc/:
|
|
get:
|
|
operationId: stages_authenticator_endpoint_gdtc_list
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorEndpointGDTCStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_endpoint_gdtc_create
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/endpoint_gdtc/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_endpoint_gdtc_retrieve
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Authenticator Google
|
|
Device Trust Connector Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_endpoint_gdtc_update
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Authenticator Google
|
|
Device Trust Connector Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_endpoint_gdtc_partial_update
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Authenticator Google
|
|
Device Trust Connector Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorEndpointGDTCStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_endpoint_gdtc_destroy
|
|
description: AuthenticatorEndpointGDTCStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Authenticator Google
|
|
Device Trust Connector Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/endpoint_gdtc/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_endpoint_gdtc_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Authenticator Google
|
|
Device Trust Connector Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/sms/:
|
|
get:
|
|
operationId: stages_authenticator_sms_list
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: account_sid
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: auth
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: auth_password
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: auth_type
|
|
schema:
|
|
$ref: '#/components/schemas/AuthTypeEnum'
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: from_number
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: mapping
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: provider
|
|
schema:
|
|
$ref: '#/components/schemas/ProviderEnum'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: verify_only
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorSMSStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_sms_create
|
|
description: AuthenticatorSMSStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/sms/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_sms_retrieve
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_sms_update
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_sms_partial_update
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorSMSStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_sms_destroy
|
|
description: AuthenticatorSMSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/sms/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_sms_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this SMS Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/static/:
|
|
get:
|
|
operationId: stages_authenticator_static_list
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: token_count
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: token_length
|
|
schema:
|
|
type: integer
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorStaticStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_static_create
|
|
description: AuthenticatorStaticStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/static/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_static_retrieve
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_static_update
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_static_partial_update
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_static_destroy
|
|
description: AuthenticatorStaticStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/static/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_static_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Static Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/totp/:
|
|
get:
|
|
operationId: stages_authenticator_totp_list
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: digits
|
|
schema:
|
|
$ref: '#/components/schemas/DigitsEnum'
|
|
- in: query
|
|
name: friendly_name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_totp_create
|
|
description: AuthenticatorTOTPStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/totp/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_totp_retrieve
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_totp_update
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_totp_partial_update
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_totp_destroy
|
|
description: AuthenticatorTOTPStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/totp/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_totp_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this TOTP Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/validate/:
|
|
get:
|
|
operationId: stages_authenticator_validate_list
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: configuration_stages
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: not_configured_action
|
|
schema:
|
|
$ref: '#/components/schemas/NotConfiguredActionEnum'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_validate_create
|
|
description: AuthenticatorValidateStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/validate/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_validate_retrieve
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_validate_update
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_validate_partial_update
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_validate_destroy
|
|
description: AuthenticatorValidateStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/validate/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_validate_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Authenticator Validation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/webauthn/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_list
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: authenticator_attachment
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
|
|
nullable: true
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: device_type_restrictions
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: max_attempts
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: resident_key_requirement
|
|
schema:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: user_verification
|
|
schema:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedAuthenticatorWebAuthnStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_authenticator_webauthn_create
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/webauthn/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_retrieve
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_authenticator_webauthn_update
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_authenticator_webauthn_partial_update
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedAuthenticatorWebAuthnStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_authenticator_webauthn_destroy
|
|
description: AuthenticatorWebAuthnStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/webauthn/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Authenticator Setup Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/webauthn_device_types/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_device_types_list
|
|
description: WebAuthnDeviceType Viewset
|
|
parameters:
|
|
- in: query
|
|
name: aaguid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: description
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: icon
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedWebAuthnDeviceTypeList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/authenticator/webauthn_device_types/{aaguid}/:
|
|
get:
|
|
operationId: stages_authenticator_webauthn_device_types_retrieve
|
|
description: WebAuthnDeviceType Viewset
|
|
parameters:
|
|
- in: path
|
|
name: aaguid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this WebAuthn Device type.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/WebAuthnDeviceType'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/captcha/:
|
|
get:
|
|
operationId: stages_captcha_list
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: public_key
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedCaptchaStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_captcha_create
|
|
description: CaptchaStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/captcha/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_captcha_retrieve
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_captcha_update
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_captcha_partial_update
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedCaptchaStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_captcha_destroy
|
|
description: CaptchaStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/captcha/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_captcha_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Captcha Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/consent/:
|
|
get:
|
|
operationId: stages_consent_list
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: consent_expire_in
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: mode
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentModeEnum'
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedConsentStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_consent_create
|
|
description: ConsentStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/consent/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_consent_retrieve
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_consent_update
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_consent_partial_update
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedConsentStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_consent_destroy
|
|
description: ConsentStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/consent/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_consent_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Consent Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/deny/:
|
|
get:
|
|
operationId: stages_deny_list
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: deny_message
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDenyStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_deny_create
|
|
description: DenyStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/deny/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_deny_retrieve
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_deny_update
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_deny_partial_update
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDenyStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_deny_destroy
|
|
description: DenyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/deny/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_deny_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Deny Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/dummy/:
|
|
get:
|
|
operationId: stages_dummy_list
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: throw_error
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDummyStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_dummy_create
|
|
description: DummyStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/dummy/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_dummy_retrieve
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_dummy_update
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_dummy_partial_update
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDummyStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_dummy_destroy
|
|
description: DummyStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/dummy/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_dummy_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Dummy Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/email/:
|
|
get:
|
|
operationId: stages_email_list
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: activate_user_on_success
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: from_address
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: host
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: port
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: subject
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: template
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: timeout
|
|
schema:
|
|
type: integer
|
|
- in: query
|
|
name: token_expiry
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: use_global_settings
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: use_ssl
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: use_tls
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: username
|
|
schema:
|
|
type: string
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEmailStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_email_create
|
|
description: EmailStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/email/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_email_retrieve
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_email_update
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_email_partial_update
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEmailStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_email_destroy
|
|
description: EmailStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/email/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_email_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Email Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/email/templates/:
|
|
get:
|
|
operationId: stages_email_templates_list
|
|
description: Get all available templates, including custom templates
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TypeCreate'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/endpoints/:
|
|
get:
|
|
operationId: stages_endpoints_list
|
|
description: EndpointStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedEndpointStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_endpoints_create
|
|
description: EndpointStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/endpoints/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_endpoints_retrieve
|
|
description: EndpointStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_endpoints_update
|
|
description: EndpointStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_endpoints_partial_update
|
|
description: EndpointStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedEndpointStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/EndpointStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_endpoints_destroy
|
|
description: EndpointStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/endpoints/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_endpoints_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Endpoint Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/identification/:
|
|
get:
|
|
operationId: stages_identification_list
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: captcha_stage
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: case_insensitive_matching
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: enrollment_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: password_stage
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: passwordless_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: recovery_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: show_matched_user
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: show_source_labels
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: webauthn_stage
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedIdentificationStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_identification_create
|
|
description: IdentificationStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/identification/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_identification_retrieve
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_identification_update
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_identification_partial_update
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedIdentificationStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_identification_destroy
|
|
description: IdentificationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/identification/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_identification_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Identification Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/invitations/:
|
|
get:
|
|
operationId: stages_invitation_invitations_list
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: query
|
|
name: created_by__username
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: expires
|
|
schema:
|
|
type: string
|
|
format: date-time
|
|
- in: query
|
|
name: flow__slug
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedInvitationList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_invitation_invitations_create
|
|
description: Invitation Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/invitations/{invite_uuid}/:
|
|
get:
|
|
operationId: stages_invitation_invitations_retrieve
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_invitation_invitations_update
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_invitation_invitations_partial_update
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedInvitationRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Invitation'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_invitation_invitations_destroy
|
|
description: Invitation Viewset
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/invitations/{invite_uuid}/send_email/:
|
|
post:
|
|
operationId: stages_invitation_invitations_send_email_create
|
|
description: Send invitation link via email to one or more addresses
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationSendEmailRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/invitations/{invite_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_invitation_invitations_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: invite_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/stages/:
|
|
get:
|
|
operationId: stages_invitation_stages_list
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: continue_flow_without_invitation
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: no_flows
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedInvitationStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_invitation_stages_create
|
|
description: InvitationStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/stages/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_invitation_stages_retrieve
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_invitation_stages_update
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_invitation_stages_partial_update
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedInvitationStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_invitation_stages_destroy
|
|
description: InvitationStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/invitation/stages/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_invitation_stages_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Invitation Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/mtls/:
|
|
get:
|
|
operationId: stages_mtls_list
|
|
description: MutualTLSStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: cert_attribute
|
|
schema:
|
|
$ref: '#/components/schemas/CertAttributeEnum'
|
|
- in: query
|
|
name: certificate_authorities
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- in: query
|
|
name: mode
|
|
schema:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: user_attribute
|
|
schema:
|
|
$ref: '#/components/schemas/UserAttributeEnum'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedMutualTLSStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_mtls_create
|
|
description: MutualTLSStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/mtls/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_mtls_retrieve
|
|
description: MutualTLSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Mutual TLS Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_mtls_update
|
|
description: MutualTLSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Mutual TLS Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_mtls_partial_update
|
|
description: MutualTLSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Mutual TLS Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedMutualTLSStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/MutualTLSStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_mtls_destroy
|
|
description: MutualTLSStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Mutual TLS Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/mtls/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_mtls_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Mutual TLS Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/password/:
|
|
get:
|
|
operationId: stages_password_list
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: allow_show_password
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: configure_flow
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: failed_attempts_before_cancel
|
|
schema:
|
|
type: integer
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPasswordStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_password_create
|
|
description: PasswordStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/password/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_password_retrieve
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_password_update
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_password_partial_update
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPasswordStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_password_destroy
|
|
description: PasswordStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/password/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_password_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Password Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/prompts/:
|
|
get:
|
|
operationId: stages_prompt_prompts_list
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: query
|
|
name: field_key
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: label
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: placeholder
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: type
|
|
schema:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPromptList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_prompt_prompts_create
|
|
description: Prompt Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/prompts/{prompt_uuid}/:
|
|
get:
|
|
operationId: stages_prompt_prompts_retrieve
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_prompt_prompts_update
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_prompt_prompts_partial_update
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPromptRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Prompt'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_prompt_prompts_destroy
|
|
description: Prompt Viewset
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/prompts/{prompt_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_prompt_prompts_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: prompt_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/prompts/preview/:
|
|
post:
|
|
operationId: stages_prompt_prompts_preview_create
|
|
description: Preview a prompt as a challenge, just like a flow would receive
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptChallenge'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/stages/:
|
|
get:
|
|
operationId: stages_prompt_stages_list
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: fields
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: validation_policies
|
|
schema:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
explode: true
|
|
style: form
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedPromptStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_prompt_stages_create
|
|
description: PromptStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/stages/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_prompt_stages_retrieve
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_prompt_stages_update
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_prompt_stages_partial_update
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedPromptStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_prompt_stages_destroy
|
|
description: PromptStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/prompt/stages/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_prompt_stages_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Prompt Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/redirect/:
|
|
get:
|
|
operationId: stages_redirect_list
|
|
description: RedirectStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedRedirectStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_redirect_create
|
|
description: RedirectStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/redirect/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_redirect_retrieve
|
|
description: RedirectStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Redirect Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_redirect_update
|
|
description: RedirectStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Redirect Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_redirect_partial_update
|
|
description: RedirectStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Redirect Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedRedirectStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/RedirectStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_redirect_destroy
|
|
description: RedirectStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Redirect Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/redirect/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_redirect_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Redirect Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/source/:
|
|
get:
|
|
operationId: stages_source_list
|
|
description: SourceStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: resume_timeout
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: source
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedSourceStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_source_create
|
|
description: SourceStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/source/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_source_retrieve
|
|
description: SourceStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Source Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_source_update
|
|
description: SourceStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Source Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_source_partial_update
|
|
description: SourceStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Source Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedSourceStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/SourceStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_source_destroy
|
|
description: SourceStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Source Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/source/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_source_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Source Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_delete/:
|
|
get:
|
|
operationId: stages_user_delete_list
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserDeleteStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_user_delete_create
|
|
description: UserDeleteStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_delete/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_delete_retrieve
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_user_delete_update
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_user_delete_partial_update
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserDeleteStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_user_delete_destroy
|
|
description: UserDeleteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_delete/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_delete_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Delete Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_login/:
|
|
get:
|
|
operationId: stages_user_login_list
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: geoip_binding
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GeoipBindingEnum'
|
|
description: |+
|
|
Bind sessions created by this stage to the configured GeoIP location
|
|
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- in: query
|
|
name: network_binding
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NetworkBindingEnum'
|
|
description: |+
|
|
Bind sessions created by this stage to the configured network
|
|
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: remember_device
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: remember_me_offset
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: session_duration
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: terminate_other_sessions
|
|
schema:
|
|
type: boolean
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserLoginStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_user_login_create
|
|
description: UserLoginStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_login/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_login_retrieve
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_user_login_update
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_user_login_partial_update
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserLoginStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_user_login_destroy
|
|
description: UserLoginStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_login/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_login_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Login Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_logout/:
|
|
get:
|
|
operationId: stages_user_logout_list
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserLogoutStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_user_logout_create
|
|
description: UserLogoutStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_logout/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_logout_retrieve
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_user_logout_update
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_user_logout_partial_update
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserLogoutStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_user_logout_destroy
|
|
description: UserLogoutStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_logout/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_logout_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Logout Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_write/:
|
|
get:
|
|
operationId: stages_user_write_list
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: query
|
|
name: create_users_as_inactive
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: create_users_group
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- $ref: '#/components/parameters/QueryName'
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
- in: query
|
|
name: user_creation_mode
|
|
schema:
|
|
$ref: '#/components/schemas/UserCreationModeEnum'
|
|
- in: query
|
|
name: user_path_template
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: user_type
|
|
schema:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedUserWriteStageList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: stages_user_write_create
|
|
description: UserWriteStage Viewset
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_write/{stage_uuid}/:
|
|
get:
|
|
operationId: stages_user_write_retrieve
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: stages_user_write_update
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStageRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: stages_user_write_partial_update
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedUserWriteStageRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: stages_user_write_destroy
|
|
description: UserWriteStage Viewset
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/stages/user_write/{stage_uuid}/used_by/:
|
|
get:
|
|
operationId: stages_user_write_used_by_list
|
|
description: Get a list of all objects that use this object
|
|
parameters:
|
|
- in: path
|
|
name: stage_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this User Write Stage.
|
|
required: true
|
|
tags:
|
|
- stages
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UsedBy'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/schedules/:
|
|
get:
|
|
operationId: tasks_schedules_list
|
|
parameters:
|
|
- in: query
|
|
name: actor_name
|
|
schema:
|
|
type: string
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: paused
|
|
schema:
|
|
type: boolean
|
|
- in: query
|
|
name: rel_obj_content_type__app_label
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_content_type__model
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_id__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedScheduleList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/schedules/{id}/:
|
|
get:
|
|
operationId: tasks_schedules_retrieve
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Schedule.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Schedule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: tasks_schedules_update
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Schedule.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ScheduleRequest'
|
|
required: true
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Schedule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: tasks_schedules_partial_update
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Schedule.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedScheduleRequest'
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Schedule'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/schedules/{id}/send/:
|
|
post:
|
|
operationId: tasks_schedules_send_create
|
|
description: Trigger this schedule now
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Schedule.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Schedule sent successfully
|
|
'404':
|
|
description: Schedule not found
|
|
'500':
|
|
description: Failed to send schedule
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/tasks/:
|
|
get:
|
|
operationId: tasks_tasks_list
|
|
parameters:
|
|
- in: query
|
|
name: actor_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: aggregated_status
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TaskAggregatedStatusEnum'
|
|
explode: true
|
|
style: form
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- in: query
|
|
name: queue_name
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_content_type__app_label
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_content_type__model
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_id
|
|
schema:
|
|
type: string
|
|
- in: query
|
|
name: rel_obj_id__isnull
|
|
schema:
|
|
type: boolean
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
- in: query
|
|
name: state
|
|
schema:
|
|
allOf:
|
|
- $ref: '#/components/schemas/TaskStatusEnum'
|
|
description: |+
|
|
Task status
|
|
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTaskList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/tasks/{message_id}/:
|
|
get:
|
|
operationId: tasks_tasks_retrieve
|
|
parameters:
|
|
- in: path
|
|
name: message_id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Task.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Task'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/tasks/{message_id}/retry/:
|
|
post:
|
|
operationId: tasks_tasks_retry_create
|
|
description: Retry task
|
|
parameters:
|
|
- in: path
|
|
name: message_id
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Task.
|
|
required: true
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'204':
|
|
description: Task retried successfully
|
|
'400':
|
|
description: Task is not in a retryable state
|
|
'404':
|
|
description: Task not found
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/tasks/status/:
|
|
get:
|
|
operationId: tasks_tasks_status_retrieve
|
|
description: Global status summary for all tasks
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GlobalTaskStatus'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tasks/workers/:
|
|
get:
|
|
operationId: tasks_workers_list
|
|
description: Get currently connected worker count.
|
|
tags:
|
|
- tasks
|
|
security:
|
|
- authentik: []
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Worker'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/domains/:
|
|
get:
|
|
operationId: tenants_domains_list
|
|
description: Domain ViewSet
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedDomainList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: tenants_domains_create
|
|
description: Domain ViewSet
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DomainRequest'
|
|
required: true
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Domain'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/domains/{id}/:
|
|
get:
|
|
operationId: tenants_domains_retrieve
|
|
description: Domain ViewSet
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Domain.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Domain'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: tenants_domains_update
|
|
description: Domain ViewSet
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Domain.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/DomainRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Domain'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: tenants_domains_partial_update
|
|
description: Domain ViewSet
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Domain.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedDomainRequest'
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Domain'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: tenants_domains_destroy
|
|
description: Domain ViewSet
|
|
parameters:
|
|
- in: path
|
|
name: id
|
|
schema:
|
|
type: integer
|
|
description: A unique integer value identifying this Domain.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/tenants/:
|
|
get:
|
|
operationId: tenants_tenants_list
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- $ref: '#/components/parameters/QueryPaginationOrdering'
|
|
- $ref: '#/components/parameters/QueryPaginationPage'
|
|
- $ref: '#/components/parameters/QueryPaginationPageSize'
|
|
- $ref: '#/components/parameters/QuerySearch'
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PaginatedTenantList'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
post:
|
|
operationId: tenants_tenants_create
|
|
description: Tenant Viewset
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantRequest'
|
|
required: true
|
|
responses:
|
|
'201':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/tenants/{tenant_uuid}/:
|
|
get:
|
|
operationId: tenants_tenants_retrieve
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
put:
|
|
operationId: tenants_tenants_update
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
patch:
|
|
operationId: tenants_tenants_partial_update
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/PatchedTenantRequest'
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/Tenant'
|
|
description: ''
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
delete:
|
|
operationId: tenants_tenants_destroy
|
|
description: Tenant Viewset
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
responses:
|
|
'204':
|
|
description: No response body
|
|
'400':
|
|
$ref: '#/components/responses/ValidationErrorResponse'
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/tenants/{tenant_uuid}/create_admin_group/:
|
|
post:
|
|
operationId: tenants_tenants_create_admin_group_create
|
|
description: Create admin group and add user to it.
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantAdminGroupRequestRequest'
|
|
required: true
|
|
responses:
|
|
'204':
|
|
description: Group created successfully.
|
|
'400':
|
|
description: Bad request
|
|
'404':
|
|
description: User not found
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
/tenants/tenants/{tenant_uuid}/create_recovery_key/:
|
|
post:
|
|
operationId: tenants_tenants_create_recovery_key_create
|
|
description: Create recovery key for user.
|
|
parameters:
|
|
- in: path
|
|
name: tenant_uuid
|
|
schema:
|
|
type: string
|
|
format: uuid
|
|
description: A UUID string identifying this Tenant.
|
|
required: true
|
|
tags:
|
|
- tenants
|
|
requestBody:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantRecoveryKeyRequestRequest'
|
|
required: true
|
|
responses:
|
|
'200':
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/TenantRecoveryKeyResponse'
|
|
description: ''
|
|
'400':
|
|
description: Bad request
|
|
'404':
|
|
description: User not found
|
|
'403':
|
|
$ref: '#/components/responses/GenericErrorResponse'
|
|
components:
|
|
parameters:
|
|
QueryName:
|
|
in: query
|
|
name: name
|
|
schema:
|
|
type: string
|
|
QueryPaginationOrdering:
|
|
in: query
|
|
name: ordering
|
|
schema:
|
|
type: string
|
|
description: Which field to use when ordering the results.
|
|
QueryPaginationPage:
|
|
in: query
|
|
name: page
|
|
schema:
|
|
type: integer
|
|
description: A page number within the paginated result set.
|
|
QueryPaginationPageSize:
|
|
in: query
|
|
name: page_size
|
|
schema:
|
|
type: integer
|
|
description: Number of results to return per page.
|
|
QuerySearch:
|
|
in: query
|
|
name: search
|
|
schema:
|
|
type: string
|
|
description: A search term.
|
|
responses:
|
|
GenericErrorResponse:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/GenericError'
|
|
description: ''
|
|
ValidationErrorResponse:
|
|
content:
|
|
application/json:
|
|
schema:
|
|
$ref: '#/components/schemas/ValidationError'
|
|
description: ''
|
|
schemas:
|
|
AccessDeniedChallenge:
|
|
type: object
|
|
description: Challenge when a flow's active stage calls `stage_invalid()`.
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-access-denied
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
error_message:
|
|
type: string
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AgentAuthenticationResponse:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
url:
|
|
type: string
|
|
required:
|
|
- url
|
|
AgentConfig:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
device_id:
|
|
type: string
|
|
readOnly: true
|
|
refresh_interval:
|
|
type: integer
|
|
readOnly: true
|
|
authorization_flow:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
jwks_auth:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
jwks_challenge:
|
|
type: object
|
|
additionalProperties: {}
|
|
nullable: true
|
|
readOnly: true
|
|
nss_uid_offset:
|
|
type: integer
|
|
nss_gid_offset:
|
|
type: integer
|
|
auth_terminate_session_on_expiry:
|
|
type: boolean
|
|
system_config:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Config'
|
|
readOnly: true
|
|
license_status:
|
|
allOf:
|
|
- $ref: '#/components/schemas/LicenseStatusEnum'
|
|
readOnly: true
|
|
nullable: true
|
|
required:
|
|
- auth_terminate_session_on_expiry
|
|
- authorization_flow
|
|
- device_id
|
|
- jwks_auth
|
|
- jwks_challenge
|
|
- license_status
|
|
- nss_gid_offset
|
|
- nss_uid_offset
|
|
- refresh_interval
|
|
- system_config
|
|
AgentConnector:
|
|
type: object
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
enabled:
|
|
type: boolean
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
snapshot_expiry:
|
|
type: string
|
|
auth_session_duration:
|
|
type: string
|
|
auth_terminate_session_on_expiry:
|
|
type: boolean
|
|
refresh_interval:
|
|
type: string
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
nss_uid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
nss_gid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
challenge_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
challenge_idle_timeout:
|
|
type: string
|
|
challenge_trigger_check_in:
|
|
type: boolean
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AgentConnectorRequest:
|
|
type: object
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
enabled:
|
|
type: boolean
|
|
snapshot_expiry:
|
|
type: string
|
|
minLength: 1
|
|
auth_session_duration:
|
|
type: string
|
|
minLength: 1
|
|
auth_terminate_session_on_expiry:
|
|
type: boolean
|
|
refresh_interval:
|
|
type: string
|
|
minLength: 1
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
nss_uid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
nss_gid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
challenge_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
challenge_idle_timeout:
|
|
type: string
|
|
minLength: 1
|
|
challenge_trigger_check_in:
|
|
type: boolean
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
required:
|
|
- name
|
|
AgentPSSODeviceRegistrationRequest:
|
|
type: object
|
|
description: Register Apple device via Platform SSO
|
|
properties:
|
|
device_signing_key:
|
|
type: string
|
|
minLength: 1
|
|
device_encryption_key:
|
|
type: string
|
|
minLength: 1
|
|
sign_key_id:
|
|
type: string
|
|
minLength: 1
|
|
enc_key_id:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- device_encryption_key
|
|
- device_signing_key
|
|
- enc_key_id
|
|
- sign_key_id
|
|
AgentPSSODeviceRegistrationResponse:
|
|
type: object
|
|
description: authentik settings for Platform SSO tokens
|
|
properties:
|
|
client_id:
|
|
type: string
|
|
issuer:
|
|
type: string
|
|
token_endpoint:
|
|
type: string
|
|
jwks_endpoint:
|
|
type: string
|
|
audience:
|
|
type: string
|
|
nonce_endpoint:
|
|
type: string
|
|
required:
|
|
- audience
|
|
- client_id
|
|
- issuer
|
|
- jwks_endpoint
|
|
- nonce_endpoint
|
|
- token_endpoint
|
|
AgentPSSOUserRegistrationRequest:
|
|
type: object
|
|
description: Register Apple device user via Platform SSO
|
|
properties:
|
|
user_auth:
|
|
type: string
|
|
minLength: 1
|
|
user_secure_enclave_key:
|
|
type: string
|
|
minLength: 1
|
|
enclave_key_id:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- enclave_key_id
|
|
- user_auth
|
|
- user_secure_enclave_key
|
|
AgentTokenResponse:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
token:
|
|
type: string
|
|
expires_in:
|
|
type: integer
|
|
required:
|
|
- token
|
|
AlgEnum:
|
|
enum:
|
|
- rsa
|
|
- ecdsa
|
|
- ed25519
|
|
- ed448
|
|
type: string
|
|
App:
|
|
type: object
|
|
description: Serialize Application info
|
|
properties:
|
|
name:
|
|
type: string
|
|
label:
|
|
type: string
|
|
required:
|
|
- label
|
|
- name
|
|
AppEnum:
|
|
enum:
|
|
- authentik.commands
|
|
- authentik.tenants
|
|
- authentik.tasks
|
|
- authentik.admin
|
|
- authentik.api
|
|
- authentik.core
|
|
- authentik.crypto
|
|
- authentik.endpoints
|
|
- authentik.endpoints.connectors.agent
|
|
- authentik.enterprise
|
|
- authentik.events
|
|
- authentik.admin.files
|
|
- authentik.flows
|
|
- authentik.outposts
|
|
- authentik.policies.dummy
|
|
- authentik.policies.event_matcher
|
|
- authentik.policies.expiry
|
|
- authentik.policies.expression
|
|
- authentik.policies.geoip
|
|
- authentik.policies.password
|
|
- authentik.policies.reputation
|
|
- authentik.policies
|
|
- authentik.providers.ldap
|
|
- authentik.providers.oauth2
|
|
- authentik.providers.proxy
|
|
- authentik.providers.rac
|
|
- authentik.providers.radius
|
|
- authentik.providers.saml
|
|
- authentik.providers.scim
|
|
- authentik.rbac
|
|
- authentik.recovery
|
|
- authentik.sources.kerberos
|
|
- authentik.sources.ldap
|
|
- authentik.sources.oauth
|
|
- authentik.sources.plex
|
|
- authentik.sources.saml
|
|
- authentik.sources.scim
|
|
- authentik.sources.telegram
|
|
- authentik.stages.authenticator
|
|
- authentik.stages.authenticator_duo
|
|
- authentik.stages.authenticator_email
|
|
- authentik.stages.authenticator_sms
|
|
- authentik.stages.authenticator_static
|
|
- authentik.stages.authenticator_totp
|
|
- authentik.stages.authenticator_validate
|
|
- authentik.stages.authenticator_webauthn
|
|
- authentik.stages.captcha
|
|
- authentik.stages.consent
|
|
- authentik.stages.deny
|
|
- authentik.stages.dummy
|
|
- authentik.stages.email
|
|
- authentik.stages.identification
|
|
- authentik.stages.invitation
|
|
- authentik.stages.password
|
|
- authentik.stages.prompt
|
|
- authentik.stages.redirect
|
|
- authentik.stages.user_delete
|
|
- authentik.stages.user_login
|
|
- authentik.stages.user_logout
|
|
- authentik.stages.user_write
|
|
- authentik.tasks.schedules
|
|
- authentik.brands
|
|
- authentik.blueprints
|
|
- authentik.enterprise.audit
|
|
- authentik.enterprise.endpoints.connectors.agent
|
|
- authentik.enterprise.endpoints.connectors.fleet
|
|
- authentik.enterprise.endpoints.connectors.google_chrome
|
|
- authentik.enterprise.lifecycle
|
|
- authentik.enterprise.policies.unique_password
|
|
- authentik.enterprise.providers.google_workspace
|
|
- authentik.enterprise.providers.microsoft_entra
|
|
- authentik.enterprise.providers.radius
|
|
- authentik.enterprise.providers.scim
|
|
- authentik.enterprise.providers.ssf
|
|
- authentik.enterprise.providers.ws_federation
|
|
- authentik.enterprise.reports
|
|
- authentik.enterprise.stages.authenticator_endpoint_gdtc
|
|
- authentik.enterprise.stages.mtls
|
|
- authentik.enterprise.stages.source
|
|
type: string
|
|
AppleChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for apple response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-source-oauth-apple
|
|
AppleIndependentSecureEnclave:
|
|
type: object
|
|
properties:
|
|
uuid:
|
|
type: string
|
|
format: uuid
|
|
user:
|
|
type: integer
|
|
description: The user that this device belongs to.
|
|
apple_secure_enclave_key:
|
|
type: string
|
|
apple_enclave_key_id:
|
|
type: string
|
|
device_type:
|
|
type: string
|
|
required:
|
|
- apple_enclave_key_id
|
|
- apple_secure_enclave_key
|
|
- device_type
|
|
- user
|
|
AppleIndependentSecureEnclaveRequest:
|
|
type: object
|
|
properties:
|
|
uuid:
|
|
type: string
|
|
format: uuid
|
|
user:
|
|
type: integer
|
|
description: The user that this device belongs to.
|
|
apple_secure_enclave_key:
|
|
type: string
|
|
minLength: 1
|
|
apple_enclave_key_id:
|
|
type: string
|
|
minLength: 1
|
|
device_type:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- apple_enclave_key_id
|
|
- apple_secure_enclave_key
|
|
- device_type
|
|
- user
|
|
AppleLoginChallenge:
|
|
type: object
|
|
description: Special challenge for apple-native authentication flow, which happens
|
|
on the client.
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-source-oauth-apple
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
client_id:
|
|
type: string
|
|
scope:
|
|
type: string
|
|
redirect_uri:
|
|
type: string
|
|
state:
|
|
type: string
|
|
required:
|
|
- client_id
|
|
- redirect_uri
|
|
- scope
|
|
- state
|
|
Application:
|
|
type: object
|
|
description: Application Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Application's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
provider:
|
|
type: integer
|
|
nullable: true
|
|
provider_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Provider'
|
|
readOnly: true
|
|
nullable: true
|
|
backchannel_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
backchannel_providers_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Provider'
|
|
readOnly: true
|
|
launch_url:
|
|
type: string
|
|
nullable: true
|
|
description: Allow formatting of launch URL
|
|
readOnly: true
|
|
open_in_new_tab:
|
|
type: boolean
|
|
description: Open launch URL in a new browser tab or window.
|
|
meta_launch_url:
|
|
type: string
|
|
format: uri
|
|
meta_icon:
|
|
type: string
|
|
meta_icon_url:
|
|
type: string
|
|
nullable: true
|
|
description: Get the URL to the App Icon image
|
|
readOnly: true
|
|
meta_icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
meta_description:
|
|
type: string
|
|
meta_publisher:
|
|
type: string
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
group:
|
|
type: string
|
|
required:
|
|
- backchannel_providers_obj
|
|
- launch_url
|
|
- meta_icon_themed_urls
|
|
- meta_icon_url
|
|
- name
|
|
- pk
|
|
- provider_obj
|
|
- slug
|
|
ApplicationEntitlement:
|
|
type: object
|
|
description: ApplicationEntitlement Serializer
|
|
properties:
|
|
pbm_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
app:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- app
|
|
- name
|
|
- pbm_uuid
|
|
ApplicationEntitlementRequest:
|
|
type: object
|
|
description: ApplicationEntitlement Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
app:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- app
|
|
- name
|
|
ApplicationRequest:
|
|
type: object
|
|
description: Application Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Application's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal application name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
provider:
|
|
type: integer
|
|
nullable: true
|
|
backchannel_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
open_in_new_tab:
|
|
type: boolean
|
|
description: Open launch URL in a new browser tab or window.
|
|
meta_launch_url:
|
|
type: string
|
|
format: uri
|
|
meta_icon:
|
|
type: string
|
|
meta_description:
|
|
type: string
|
|
meta_publisher:
|
|
type: string
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
group:
|
|
type: string
|
|
required:
|
|
- name
|
|
- slug
|
|
AuthTypeEnum:
|
|
enum:
|
|
- basic
|
|
- bearer
|
|
type: string
|
|
AuthenticatedSession:
|
|
type: object
|
|
description: AuthenticatedSession Serializer
|
|
properties:
|
|
uuid:
|
|
type: string
|
|
format: uuid
|
|
current:
|
|
type: boolean
|
|
description: Check if session is currently active session
|
|
readOnly: true
|
|
user_agent:
|
|
type: object
|
|
description: Get parsed user agent
|
|
properties:
|
|
device:
|
|
type: object
|
|
description: User agent device
|
|
properties:
|
|
brand:
|
|
type: string
|
|
family:
|
|
type: string
|
|
model:
|
|
type: string
|
|
required:
|
|
- brand
|
|
- family
|
|
- model
|
|
os:
|
|
type: object
|
|
description: User agent os
|
|
properties:
|
|
family:
|
|
type: string
|
|
major:
|
|
type: string
|
|
minor:
|
|
type: string
|
|
patch:
|
|
type: string
|
|
patch_minor:
|
|
type: string
|
|
required:
|
|
- family
|
|
- major
|
|
- minor
|
|
- patch
|
|
- patch_minor
|
|
user_agent:
|
|
type: object
|
|
description: User agent browser
|
|
properties:
|
|
family:
|
|
type: string
|
|
major:
|
|
type: string
|
|
minor:
|
|
type: string
|
|
patch:
|
|
type: string
|
|
required:
|
|
- family
|
|
- major
|
|
- minor
|
|
- patch
|
|
string:
|
|
type: string
|
|
required:
|
|
- device
|
|
- os
|
|
- string
|
|
- user_agent
|
|
readOnly: true
|
|
geo_ip:
|
|
type: object
|
|
description: Get GeoIP Data
|
|
properties:
|
|
continent:
|
|
type: string
|
|
nullable: true
|
|
country:
|
|
type: string
|
|
nullable: true
|
|
lat:
|
|
type: number
|
|
format: double
|
|
nullable: true
|
|
long:
|
|
type: number
|
|
format: double
|
|
nullable: true
|
|
city:
|
|
type: string
|
|
required:
|
|
- city
|
|
- continent
|
|
- country
|
|
- lat
|
|
- long
|
|
nullable: true
|
|
readOnly: true
|
|
asn:
|
|
type: object
|
|
description: Get ASN Data
|
|
properties:
|
|
asn:
|
|
type: integer
|
|
nullable: true
|
|
as_org:
|
|
type: string
|
|
nullable: true
|
|
network:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- as_org
|
|
- asn
|
|
- network
|
|
nullable: true
|
|
readOnly: true
|
|
user:
|
|
type: integer
|
|
last_ip:
|
|
type: string
|
|
readOnly: true
|
|
last_user_agent:
|
|
type: string
|
|
readOnly: true
|
|
last_used:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- asn
|
|
- current
|
|
- expires
|
|
- geo_ip
|
|
- last_ip
|
|
- last_used
|
|
- last_user_agent
|
|
- user
|
|
- user_agent
|
|
AuthenticationEnum:
|
|
enum:
|
|
- none
|
|
- require_authenticated
|
|
- require_unauthenticated
|
|
- require_superuser
|
|
- require_redirect
|
|
- require_outpost
|
|
- require_token
|
|
type: string
|
|
AuthenticatorAttachmentEnum:
|
|
enum:
|
|
- platform
|
|
- cross-platform
|
|
type: string
|
|
AuthenticatorDuoChallenge:
|
|
type: object
|
|
description: Duo Challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-duo
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
activation_barcode:
|
|
type: string
|
|
activation_code:
|
|
type: string
|
|
stage_uuid:
|
|
type: string
|
|
required:
|
|
- activation_barcode
|
|
- activation_code
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- stage_uuid
|
|
AuthenticatorDuoChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for duo response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-duo
|
|
AuthenticatorDuoStage:
|
|
type: object
|
|
description: AuthenticatorDuoStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
client_id:
|
|
type: string
|
|
api_hostname:
|
|
type: string
|
|
admin_integration_key:
|
|
type: string
|
|
required:
|
|
- api_hostname
|
|
- client_id
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorDuoStageDeviceImportResponse:
|
|
type: object
|
|
properties:
|
|
count:
|
|
type: integer
|
|
readOnly: true
|
|
error:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- count
|
|
- error
|
|
AuthenticatorDuoStageManualDeviceImportRequest:
|
|
type: object
|
|
properties:
|
|
duo_user_id:
|
|
type: string
|
|
minLength: 1
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- duo_user_id
|
|
- username
|
|
AuthenticatorDuoStageRequest:
|
|
type: object
|
|
description: AuthenticatorDuoStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
client_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
api_hostname:
|
|
type: string
|
|
minLength: 1
|
|
admin_integration_key:
|
|
type: string
|
|
admin_secret_key:
|
|
type: string
|
|
writeOnly: true
|
|
required:
|
|
- api_hostname
|
|
- client_id
|
|
- client_secret
|
|
- name
|
|
AuthenticatorEmailChallenge:
|
|
type: object
|
|
description: Authenticator Email Setup challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-email
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
email:
|
|
type: string
|
|
nullable: true
|
|
email_required:
|
|
type: boolean
|
|
default: true
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AuthenticatorEmailChallengeResponseRequest:
|
|
type: object
|
|
description: Authenticator Email Challenge response, device is set by get_response_instance
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-email
|
|
code:
|
|
type: string
|
|
minLength: 1
|
|
email:
|
|
type: string
|
|
minLength: 1
|
|
AuthenticatorEmailStage:
|
|
type: object
|
|
description: AuthenticatorEmailStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
maxLength: 254
|
|
subject:
|
|
type: string
|
|
token_expiry:
|
|
type: string
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
template:
|
|
type: string
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorEmailStageRequest:
|
|
type: object
|
|
description: AuthenticatorEmailStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
subject:
|
|
type: string
|
|
minLength: 1
|
|
token_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
template:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
AuthenticatorEndpointGDTCStage:
|
|
type: object
|
|
description: AuthenticatorEndpointGDTCStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- component
|
|
- credentials
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorEndpointGDTCStageRequest:
|
|
type: object
|
|
description: AuthenticatorEndpointGDTCStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- credentials
|
|
- name
|
|
AuthenticatorSMSChallenge:
|
|
type: object
|
|
description: SMS Setup challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-sms
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
phone_number_required:
|
|
type: boolean
|
|
default: true
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AuthenticatorSMSChallengeResponseRequest:
|
|
type: object
|
|
description: SMS Challenge response, device is set by get_response_instance
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-sms
|
|
code:
|
|
type: string
|
|
minLength: 1
|
|
phone_number:
|
|
type: string
|
|
minLength: 1
|
|
AuthenticatorSMSStage:
|
|
type: object
|
|
description: AuthenticatorSMSStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
provider:
|
|
$ref: '#/components/schemas/ProviderEnum'
|
|
from_number:
|
|
type: string
|
|
account_sid:
|
|
type: string
|
|
auth:
|
|
type: string
|
|
auth_password:
|
|
type: string
|
|
auth_type:
|
|
$ref: '#/components/schemas/AuthTypeEnum'
|
|
verify_only:
|
|
type: boolean
|
|
description: When enabled, the Phone number is only used during enrollment
|
|
to verify the users authenticity. Only a hash of the phone number is saved
|
|
to ensure it is not reused in the future.
|
|
mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally modify the payload being sent to custom providers.
|
|
required:
|
|
- account_sid
|
|
- auth
|
|
- component
|
|
- flow_set
|
|
- from_number
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- provider
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorSMSStageRequest:
|
|
type: object
|
|
description: AuthenticatorSMSStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
provider:
|
|
$ref: '#/components/schemas/ProviderEnum'
|
|
from_number:
|
|
type: string
|
|
minLength: 1
|
|
account_sid:
|
|
type: string
|
|
minLength: 1
|
|
auth:
|
|
type: string
|
|
minLength: 1
|
|
auth_password:
|
|
type: string
|
|
auth_type:
|
|
$ref: '#/components/schemas/AuthTypeEnum'
|
|
verify_only:
|
|
type: boolean
|
|
description: When enabled, the Phone number is only used during enrollment
|
|
to verify the users authenticity. Only a hash of the phone number is saved
|
|
to ensure it is not reused in the future.
|
|
mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally modify the payload being sent to custom providers.
|
|
required:
|
|
- account_sid
|
|
- auth
|
|
- from_number
|
|
- name
|
|
- provider
|
|
AuthenticatorStaticChallenge:
|
|
type: object
|
|
description: Static authenticator challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-static
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
codes:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- codes
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AuthenticatorStaticChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for static response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-static
|
|
AuthenticatorStaticStage:
|
|
type: object
|
|
description: AuthenticatorStaticStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
token_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
token_length:
|
|
type: integer
|
|
maximum: 100
|
|
minimum: 0
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorStaticStageRequest:
|
|
type: object
|
|
description: AuthenticatorStaticStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
token_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
token_length:
|
|
type: integer
|
|
maximum: 100
|
|
minimum: 0
|
|
required:
|
|
- name
|
|
AuthenticatorTOTPChallenge:
|
|
type: object
|
|
description: TOTP Setup challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-totp
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
config_url:
|
|
type: string
|
|
required:
|
|
- config_url
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AuthenticatorTOTPChallengeResponseRequest:
|
|
type: object
|
|
description: TOTP Challenge response, device is set by get_response_instance
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-totp
|
|
code:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- code
|
|
AuthenticatorTOTPStage:
|
|
type: object
|
|
description: AuthenticatorTOTPStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
digits:
|
|
$ref: '#/components/schemas/DigitsEnum'
|
|
required:
|
|
- component
|
|
- digits
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorTOTPStageRequest:
|
|
type: object
|
|
description: AuthenticatorTOTPStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
digits:
|
|
$ref: '#/components/schemas/DigitsEnum'
|
|
required:
|
|
- digits
|
|
- name
|
|
AuthenticatorValidateStage:
|
|
type: object
|
|
description: AuthenticatorValidateStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
not_configured_action:
|
|
$ref: '#/components/schemas/NotConfiguredActionEnum'
|
|
device_classes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
description: Device classes which can be used to authenticate
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Stages used to configure Authenticator when user doesn't have
|
|
any compatible devices. After this configuration Stage passes, the user
|
|
is not prompted again.
|
|
last_auth_threshold:
|
|
type: string
|
|
description: If any of the user's device has been used within this threshold,
|
|
this stage will be skipped
|
|
webauthn_user_verification:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserVerificationEnum'
|
|
description: Enforce user verification for WebAuthn devices.
|
|
webauthn_hints:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnHintEnum'
|
|
webauthn_allowed_device_types:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
webauthn_allowed_device_types_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnDeviceType'
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
- webauthn_allowed_device_types_obj
|
|
AuthenticatorValidateStageRequest:
|
|
type: object
|
|
description: AuthenticatorValidateStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
not_configured_action:
|
|
$ref: '#/components/schemas/NotConfiguredActionEnum'
|
|
device_classes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
description: Device classes which can be used to authenticate
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Stages used to configure Authenticator when user doesn't have
|
|
any compatible devices. After this configuration Stage passes, the user
|
|
is not prompted again.
|
|
last_auth_threshold:
|
|
type: string
|
|
minLength: 1
|
|
description: If any of the user's device has been used within this threshold,
|
|
this stage will be skipped
|
|
webauthn_user_verification:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserVerificationEnum'
|
|
description: Enforce user verification for WebAuthn devices.
|
|
webauthn_hints:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnHintEnum'
|
|
webauthn_allowed_device_types:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- name
|
|
AuthenticatorValidationChallenge:
|
|
type: object
|
|
description: Authenticator challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-validate
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
device_challenges:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceChallenge'
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SelectableStage'
|
|
required:
|
|
- configuration_stages
|
|
- device_challenges
|
|
- pending_user
|
|
- pending_user_avatar
|
|
AuthenticatorValidationChallengeResponseRequest:
|
|
type: object
|
|
description: Challenge used for Code-based and WebAuthn authenticators
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-validate
|
|
selected_challenge:
|
|
$ref: '#/components/schemas/DeviceChallengeRequest'
|
|
selected_stage:
|
|
type: string
|
|
minLength: 1
|
|
code:
|
|
type: string
|
|
minLength: 1
|
|
webauthn:
|
|
type: object
|
|
additionalProperties: {}
|
|
duo:
|
|
type: integer
|
|
AuthenticatorWebAuthnChallenge:
|
|
type: object
|
|
description: WebAuthn Challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-authenticator-webauthn
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
registration:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- registration
|
|
AuthenticatorWebAuthnChallengeResponseRequest:
|
|
type: object
|
|
description: WebAuthn Challenge response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-authenticator-webauthn
|
|
response:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- response
|
|
AuthenticatorWebAuthnStage:
|
|
type: object
|
|
description: AuthenticatorWebAuthnStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
user_verification:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
authenticator_attachment:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
|
|
nullable: true
|
|
resident_key_requirement:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
hints:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnHintEnum'
|
|
device_type_restrictions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
device_type_restrictions_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnDeviceType'
|
|
readOnly: true
|
|
prevent_duplicate_devices:
|
|
type: boolean
|
|
description: When enabled, a given device can only be registered once.
|
|
max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
required:
|
|
- component
|
|
- device_type_restrictions_obj
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
AuthenticatorWebAuthnStageRequest:
|
|
type: object
|
|
description: AuthenticatorWebAuthnStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
user_verification:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
authenticator_attachment:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
|
|
nullable: true
|
|
resident_key_requirement:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
hints:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnHintEnum'
|
|
device_type_restrictions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
prevent_duplicate_devices:
|
|
type: boolean
|
|
description: When enabled, a given device can only be registered once.
|
|
max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
required:
|
|
- name
|
|
AuthorizationCodeAuthMethodEnum:
|
|
enum:
|
|
- basic_auth
|
|
- post_body
|
|
type: string
|
|
AutoSubmitChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for autosubmit response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-autosubmit
|
|
Autocomplete:
|
|
type: object
|
|
additionalProperties: {}
|
|
AutosubmitChallenge:
|
|
type: object
|
|
description: Autosubmit challenge used to send and navigate a POST request
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-autosubmit
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
url:
|
|
type: string
|
|
attrs:
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
title:
|
|
type: string
|
|
required:
|
|
- attrs
|
|
- url
|
|
BackendsEnum:
|
|
enum:
|
|
- authentik.core.auth.InbuiltBackend
|
|
- authentik.core.auth.TokenBackend
|
|
- authentik.sources.ldap.auth.LDAPBackend
|
|
- authentik.sources.kerberos.auth.KerberosBackend
|
|
type: string
|
|
BindingTypeEnum:
|
|
enum:
|
|
- REDIRECT
|
|
- POST
|
|
- POST_AUTO
|
|
type: string
|
|
BlueprintFile:
|
|
type: object
|
|
properties:
|
|
path:
|
|
type: string
|
|
last_m:
|
|
type: string
|
|
format: date-time
|
|
hash:
|
|
type: string
|
|
meta:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Metadata'
|
|
readOnly: true
|
|
required:
|
|
- hash
|
|
- last_m
|
|
- meta
|
|
- path
|
|
BlueprintImportResult:
|
|
type: object
|
|
description: Logs of an attempted blueprint import
|
|
properties:
|
|
logs:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LogEvent'
|
|
readOnly: true
|
|
success:
|
|
type: boolean
|
|
readOnly: true
|
|
required:
|
|
- logs
|
|
- success
|
|
BlueprintInstance:
|
|
type: object
|
|
description: Info about a single blueprint instance file
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Instance uuid
|
|
name:
|
|
type: string
|
|
path:
|
|
type: string
|
|
default: ''
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
last_applied:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_applied_hash:
|
|
type: string
|
|
readOnly: true
|
|
status:
|
|
allOf:
|
|
- $ref: '#/components/schemas/BlueprintInstanceStatusEnum'
|
|
readOnly: true
|
|
enabled:
|
|
type: boolean
|
|
managed_models:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
metadata:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
content:
|
|
type: string
|
|
required:
|
|
- last_applied
|
|
- last_applied_hash
|
|
- managed_models
|
|
- metadata
|
|
- name
|
|
- pk
|
|
- status
|
|
BlueprintInstanceRequest:
|
|
type: object
|
|
description: Info about a single blueprint instance file
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
path:
|
|
type: string
|
|
default: ''
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
enabled:
|
|
type: boolean
|
|
content:
|
|
type: string
|
|
required:
|
|
- name
|
|
BlueprintInstanceStatusEnum:
|
|
enum:
|
|
- successful
|
|
- warning
|
|
- error
|
|
- orphaned
|
|
- unknown
|
|
type: string
|
|
BlueprintUploadRequest:
|
|
type: object
|
|
description: Serializer to upload file
|
|
properties:
|
|
file:
|
|
type: string
|
|
format: binary
|
|
path:
|
|
type: string
|
|
minLength: 1
|
|
Brand:
|
|
type: object
|
|
description: Brand Serializer
|
|
properties:
|
|
brand_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
domain:
|
|
type: string
|
|
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
|
|
for `aa.b` and `ba.b`
|
|
default:
|
|
type: boolean
|
|
branding_title:
|
|
type: string
|
|
branding_logo:
|
|
type: string
|
|
branding_favicon:
|
|
type: string
|
|
branding_custom_css:
|
|
type: string
|
|
branding_default_flow_background:
|
|
type: string
|
|
flow_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_invalidation:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_recovery:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_unenrollment:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_user_settings:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_device_code:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
default_application:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, external users will be redirected to this application
|
|
after authenticating.
|
|
web_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Web Certificate used by the authentik Core webserver.
|
|
client_certificates:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Certificates used for client authentication.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- brand_uuid
|
|
- domain
|
|
BrandRequest:
|
|
type: object
|
|
description: Brand Serializer
|
|
properties:
|
|
domain:
|
|
type: string
|
|
minLength: 1
|
|
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
|
|
for `aa.b` and `ba.b`
|
|
default:
|
|
type: boolean
|
|
branding_title:
|
|
type: string
|
|
minLength: 1
|
|
branding_logo:
|
|
type: string
|
|
minLength: 1
|
|
branding_favicon:
|
|
type: string
|
|
minLength: 1
|
|
branding_custom_css:
|
|
type: string
|
|
branding_default_flow_background:
|
|
type: string
|
|
minLength: 1
|
|
flow_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_invalidation:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_recovery:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_unenrollment:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_user_settings:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_device_code:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
default_application:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, external users will be redirected to this application
|
|
after authenticating.
|
|
web_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Web Certificate used by the authentik Core webserver.
|
|
client_certificates:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Certificates used for client authentication.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- domain
|
|
BulkDeleteSessionResponse:
|
|
type: object
|
|
properties:
|
|
deleted:
|
|
type: integer
|
|
required:
|
|
- deleted
|
|
Cache:
|
|
type: object
|
|
description: Generic cache stats for an object
|
|
properties:
|
|
count:
|
|
type: integer
|
|
readOnly: true
|
|
required:
|
|
- count
|
|
CapabilitiesEnum:
|
|
enum:
|
|
- can_save_media
|
|
- can_save_reports
|
|
- can_geo_ip
|
|
- can_asn
|
|
- can_impersonate
|
|
- can_debug
|
|
- is_enterprise
|
|
type: string
|
|
CaptchaChallenge:
|
|
type: object
|
|
description: Site public key
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-captcha
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
site_key:
|
|
type: string
|
|
js_url:
|
|
type: string
|
|
interactive:
|
|
type: boolean
|
|
required:
|
|
- interactive
|
|
- js_url
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- site_key
|
|
CaptchaChallengeResponseRequest:
|
|
type: object
|
|
description: Validate captcha token
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-captcha
|
|
token:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- token
|
|
CaptchaStage:
|
|
type: object
|
|
description: CaptchaStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
public_key:
|
|
type: string
|
|
description: Public key, acquired your captcha Provider.
|
|
js_url:
|
|
type: string
|
|
api_url:
|
|
type: string
|
|
interactive:
|
|
type: boolean
|
|
score_min_threshold:
|
|
type: number
|
|
format: double
|
|
score_max_threshold:
|
|
type: number
|
|
format: double
|
|
error_on_invalid_score:
|
|
type: boolean
|
|
description: When enabled and the received captcha score is outside of the
|
|
given threshold, the stage will show an error message. When not enabled,
|
|
the flow will continue, but the data from the captcha will be available
|
|
in the context for policy decisions
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- public_key
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
CaptchaStageRequest:
|
|
type: object
|
|
description: CaptchaStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
public_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Public key, acquired your captcha Provider.
|
|
private_key:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: Private key, acquired your captcha Provider.
|
|
js_url:
|
|
type: string
|
|
minLength: 1
|
|
api_url:
|
|
type: string
|
|
minLength: 1
|
|
interactive:
|
|
type: boolean
|
|
score_min_threshold:
|
|
type: number
|
|
format: double
|
|
score_max_threshold:
|
|
type: number
|
|
format: double
|
|
error_on_invalid_score:
|
|
type: boolean
|
|
description: When enabled and the received captcha score is outside of the
|
|
given threshold, the stage will show an error message. When not enabled,
|
|
the flow will continue, but the data from the captcha will be available
|
|
in the context for policy decisions
|
|
required:
|
|
- name
|
|
- private_key
|
|
- public_key
|
|
CertAttributeEnum:
|
|
enum:
|
|
- subject
|
|
- common_name
|
|
- email
|
|
type: string
|
|
CertificateData:
|
|
type: object
|
|
description: Get CertificateKeyPair's data
|
|
properties:
|
|
data:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- data
|
|
CertificateGenerationRequest:
|
|
type: object
|
|
description: Certificate generation parameters
|
|
properties:
|
|
common_name:
|
|
type: string
|
|
minLength: 1
|
|
subject_alt_name:
|
|
type: string
|
|
validity_days:
|
|
type: integer
|
|
alg:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AlgEnum'
|
|
default: rsa
|
|
required:
|
|
- common_name
|
|
- validity_days
|
|
CertificateKeyPair:
|
|
type: object
|
|
description: CertificateKeyPair Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Kp uuid
|
|
name:
|
|
type: string
|
|
fingerprint_sha256:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
description: SHA256 fingerprint of the certificate
|
|
fingerprint_sha1:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
description: SHA1 fingerprint of the certificate
|
|
cert_expiry:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
nullable: true
|
|
description: Certificate expiry date
|
|
cert_subject:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
description: Certificate subject as RFC4514 string
|
|
private_key_available:
|
|
type: boolean
|
|
description: Show if this keypair has a private key configured or not
|
|
readOnly: true
|
|
key_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/CertificateKeyPairKeyTypeEnum'
|
|
readOnly: true
|
|
nullable: true
|
|
description: Key algorithm type detected from the certificate's public key
|
|
certificate_download_url:
|
|
type: string
|
|
description: Get URL to download certificate
|
|
readOnly: true
|
|
private_key_download_url:
|
|
type: string
|
|
description: Get URL to download private key
|
|
readOnly: true
|
|
managed:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
required:
|
|
- cert_expiry
|
|
- cert_subject
|
|
- certificate_download_url
|
|
- fingerprint_sha1
|
|
- fingerprint_sha256
|
|
- key_type
|
|
- managed
|
|
- name
|
|
- pk
|
|
- private_key_available
|
|
- private_key_download_url
|
|
CertificateKeyPairKeyTypeEnum:
|
|
enum:
|
|
- rsa
|
|
- ec
|
|
- dsa
|
|
- ed25519
|
|
- ed448
|
|
type: string
|
|
CertificateKeyPairRequest:
|
|
type: object
|
|
description: CertificateKeyPair Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
certificate_data:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: PEM-encoded Certificate data
|
|
key_data:
|
|
type: string
|
|
writeOnly: true
|
|
description: Optional Private Key. If this is set, you can use this keypair
|
|
for encryption.
|
|
required:
|
|
- certificate_data
|
|
- name
|
|
ChallengeTypes:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/AccessDeniedChallenge'
|
|
- $ref: '#/components/schemas/AppleLoginChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorDuoChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorEmailChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorSMSChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorStaticChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorTOTPChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorValidationChallenge'
|
|
- $ref: '#/components/schemas/AuthenticatorWebAuthnChallenge'
|
|
- $ref: '#/components/schemas/AutosubmitChallenge'
|
|
- $ref: '#/components/schemas/CaptchaChallenge'
|
|
- $ref: '#/components/schemas/ConsentChallenge'
|
|
- $ref: '#/components/schemas/DummyChallenge'
|
|
- $ref: '#/components/schemas/EmailChallenge'
|
|
- $ref: '#/components/schemas/EndpointAgentChallenge'
|
|
- $ref: '#/components/schemas/FlowErrorChallenge'
|
|
- $ref: '#/components/schemas/FrameChallenge'
|
|
- $ref: '#/components/schemas/IdentificationChallenge'
|
|
- $ref: '#/components/schemas/IframeLogoutChallenge'
|
|
- $ref: '#/components/schemas/NativeLogoutChallenge'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeChallenge'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
|
|
- $ref: '#/components/schemas/PasswordChallenge'
|
|
- $ref: '#/components/schemas/PlexAuthenticationChallenge'
|
|
- $ref: '#/components/schemas/PromptChallenge'
|
|
- $ref: '#/components/schemas/RedirectChallenge'
|
|
- $ref: '#/components/schemas/SessionEndChallenge'
|
|
- $ref: '#/components/schemas/ShellChallenge'
|
|
- $ref: '#/components/schemas/TelegramLoginChallenge'
|
|
- $ref: '#/components/schemas/UserLoginChallenge'
|
|
discriminator:
|
|
propertyName: component
|
|
mapping:
|
|
ak-stage-access-denied: '#/components/schemas/AccessDeniedChallenge'
|
|
ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
|
|
ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallenge'
|
|
ak-stage-authenticator-email: '#/components/schemas/AuthenticatorEmailChallenge'
|
|
ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallenge'
|
|
ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallenge'
|
|
ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallenge'
|
|
ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallenge'
|
|
ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallenge'
|
|
ak-stage-autosubmit: '#/components/schemas/AutosubmitChallenge'
|
|
ak-stage-captcha: '#/components/schemas/CaptchaChallenge'
|
|
ak-stage-consent: '#/components/schemas/ConsentChallenge'
|
|
ak-stage-dummy: '#/components/schemas/DummyChallenge'
|
|
ak-stage-email: '#/components/schemas/EmailChallenge'
|
|
ak-stage-endpoint-agent: '#/components/schemas/EndpointAgentChallenge'
|
|
ak-stage-flow-error: '#/components/schemas/FlowErrorChallenge'
|
|
xak-flow-frame: '#/components/schemas/FrameChallenge'
|
|
ak-stage-identification: '#/components/schemas/IdentificationChallenge'
|
|
ak-provider-iframe-logout: '#/components/schemas/IframeLogoutChallenge'
|
|
ak-provider-saml-native-logout: '#/components/schemas/NativeLogoutChallenge'
|
|
ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallenge'
|
|
ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallenge'
|
|
ak-stage-password: '#/components/schemas/PasswordChallenge'
|
|
ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
|
|
ak-stage-prompt: '#/components/schemas/PromptChallenge'
|
|
xak-flow-redirect: '#/components/schemas/RedirectChallenge'
|
|
ak-stage-session-end: '#/components/schemas/SessionEndChallenge'
|
|
xak-flow-shell: '#/components/schemas/ShellChallenge'
|
|
ak-source-telegram: '#/components/schemas/TelegramLoginChallenge'
|
|
ak-stage-user-login: '#/components/schemas/UserLoginChallenge'
|
|
ClientTypeEnum:
|
|
enum:
|
|
- confidential
|
|
- public
|
|
type: string
|
|
CompatibilityModeEnum:
|
|
enum:
|
|
- default
|
|
- aws
|
|
- slack
|
|
- sfdc
|
|
- webex
|
|
type: string
|
|
Config:
|
|
type: object
|
|
description: Serialize authentik Config into DRF Object
|
|
properties:
|
|
error_reporting:
|
|
$ref: '#/components/schemas/ErrorReportingConfig'
|
|
capabilities:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CapabilitiesEnum'
|
|
cache_timeout:
|
|
type: integer
|
|
cache_timeout_flows:
|
|
type: integer
|
|
cache_timeout_policies:
|
|
type: integer
|
|
required:
|
|
- cache_timeout
|
|
- cache_timeout_flows
|
|
- cache_timeout_policies
|
|
- capabilities
|
|
- error_reporting
|
|
ConnectionToken:
|
|
type: object
|
|
description: ConnectionToken Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Connection token uuid
|
|
provider:
|
|
type: integer
|
|
provider_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/RACProvider'
|
|
readOnly: true
|
|
endpoint:
|
|
type: string
|
|
format: uuid
|
|
endpoint_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Endpoint'
|
|
readOnly: true
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- endpoint
|
|
- endpoint_obj
|
|
- provider
|
|
- provider_obj
|
|
- user
|
|
ConnectionTokenRequest:
|
|
type: object
|
|
description: ConnectionToken Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Connection token uuid
|
|
provider:
|
|
type: integer
|
|
endpoint:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- endpoint
|
|
- provider
|
|
Connector:
|
|
type: object
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
enabled:
|
|
type: boolean
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ConsentChallenge:
|
|
type: object
|
|
description: Challenge info for consent screens
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-consent
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
header_text:
|
|
type: string
|
|
permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ConsentPermission'
|
|
additional_permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ConsentPermission'
|
|
token:
|
|
type: string
|
|
required:
|
|
- additional_permissions
|
|
- pending_user
|
|
- pending_user_avatar
|
|
- permissions
|
|
- token
|
|
ConsentChallengeResponseRequest:
|
|
type: object
|
|
description: Consent challenge response, any valid response request is valid
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-consent
|
|
token:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- token
|
|
ConsentModeEnum:
|
|
enum:
|
|
- always_require
|
|
- permanent
|
|
- expiring
|
|
type: string
|
|
ConsentPermission:
|
|
type: object
|
|
description: Permission used for consent
|
|
properties:
|
|
name:
|
|
type: string
|
|
id:
|
|
type: string
|
|
required:
|
|
- id
|
|
- name
|
|
ConsentStage:
|
|
type: object
|
|
description: ConsentStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
mode:
|
|
$ref: '#/components/schemas/ConsentModeEnum'
|
|
consent_expire_in:
|
|
type: string
|
|
title: Consent expires in
|
|
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ConsentStageRequest:
|
|
type: object
|
|
description: ConsentStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/ConsentModeEnum'
|
|
consent_expire_in:
|
|
type: string
|
|
minLength: 1
|
|
title: Consent expires in
|
|
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- name
|
|
ContentType:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- id
|
|
- model
|
|
- verbose_name_plural
|
|
ContentTypeEnum:
|
|
enum:
|
|
- authentik_core.application
|
|
- authentik_core.group
|
|
- authentik_rbac.role
|
|
type: string
|
|
ContextualFlowInfo:
|
|
type: object
|
|
description: Contextual flow information for a challenge
|
|
properties:
|
|
title:
|
|
type: string
|
|
background:
|
|
type: string
|
|
background_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
nullable: true
|
|
cancel_url:
|
|
type: string
|
|
layout:
|
|
$ref: '#/components/schemas/ContextualFlowInfoLayoutEnum'
|
|
required:
|
|
- cancel_url
|
|
- layout
|
|
ContextualFlowInfoLayoutEnum:
|
|
enum:
|
|
- stacked
|
|
- content_left
|
|
- content_right
|
|
- sidebar_left
|
|
- sidebar_right
|
|
- sidebar_left_frame_background
|
|
- sidebar_right_frame_background
|
|
type: string
|
|
CountryCodeEnum:
|
|
enum:
|
|
- AF
|
|
- AX
|
|
- AL
|
|
- DZ
|
|
- AS
|
|
- AD
|
|
- AO
|
|
- AI
|
|
- AQ
|
|
- AG
|
|
- AR
|
|
- AM
|
|
- AW
|
|
- AU
|
|
- AT
|
|
- AZ
|
|
- BS
|
|
- BH
|
|
- BD
|
|
- BB
|
|
- BY
|
|
- BE
|
|
- BZ
|
|
- BJ
|
|
- BM
|
|
- BT
|
|
- BO
|
|
- BQ
|
|
- BA
|
|
- BW
|
|
- BV
|
|
- BR
|
|
- IO
|
|
- BN
|
|
- BG
|
|
- BF
|
|
- BI
|
|
- CV
|
|
- KH
|
|
- CM
|
|
- CA
|
|
- KY
|
|
- CF
|
|
- TD
|
|
- CL
|
|
- CN
|
|
- CX
|
|
- CC
|
|
- CO
|
|
- KM
|
|
- CG
|
|
- CK
|
|
- CR
|
|
- CI
|
|
- HR
|
|
- CU
|
|
- CW
|
|
- CY
|
|
- CZ
|
|
- CD
|
|
- DK
|
|
- DJ
|
|
- DM
|
|
- DO
|
|
- EC
|
|
- EG
|
|
- SV
|
|
- GQ
|
|
- ER
|
|
- EE
|
|
- SZ
|
|
- ET
|
|
- FK
|
|
- FO
|
|
- FJ
|
|
- FI
|
|
- FR
|
|
- GF
|
|
- PF
|
|
- TF
|
|
- GA
|
|
- GM
|
|
- GE
|
|
- DE
|
|
- GH
|
|
- GI
|
|
- GR
|
|
- GL
|
|
- GD
|
|
- GP
|
|
- GU
|
|
- GT
|
|
- GG
|
|
- GN
|
|
- GW
|
|
- GY
|
|
- HT
|
|
- HM
|
|
- HN
|
|
- HK
|
|
- HU
|
|
- IS
|
|
- IN
|
|
- ID
|
|
- IR
|
|
- IQ
|
|
- IE
|
|
- IM
|
|
- IL
|
|
- IT
|
|
- JM
|
|
- JP
|
|
- JE
|
|
- JO
|
|
- KZ
|
|
- KE
|
|
- KI
|
|
- KW
|
|
- KG
|
|
- LA
|
|
- LV
|
|
- LB
|
|
- LS
|
|
- LR
|
|
- LY
|
|
- LI
|
|
- LT
|
|
- LU
|
|
- MO
|
|
- MG
|
|
- MW
|
|
- MY
|
|
- MV
|
|
- ML
|
|
- MT
|
|
- MH
|
|
- MQ
|
|
- MR
|
|
- MU
|
|
- YT
|
|
- MX
|
|
- FM
|
|
- MD
|
|
- MC
|
|
- MN
|
|
- ME
|
|
- MS
|
|
- MA
|
|
- MZ
|
|
- MM
|
|
- NA
|
|
- NR
|
|
- NP
|
|
- NL
|
|
- NC
|
|
- NZ
|
|
- NI
|
|
- NE
|
|
- NG
|
|
- NU
|
|
- NF
|
|
- KP
|
|
- MK
|
|
- MP
|
|
- 'NO'
|
|
- OM
|
|
- PK
|
|
- PW
|
|
- PS
|
|
- PA
|
|
- PG
|
|
- PY
|
|
- PE
|
|
- PH
|
|
- PN
|
|
- PL
|
|
- PT
|
|
- PR
|
|
- QA
|
|
- RE
|
|
- RO
|
|
- RU
|
|
- RW
|
|
- BL
|
|
- SH
|
|
- KN
|
|
- LC
|
|
- MF
|
|
- PM
|
|
- VC
|
|
- WS
|
|
- SM
|
|
- ST
|
|
- SA
|
|
- SN
|
|
- RS
|
|
- SC
|
|
- SL
|
|
- SG
|
|
- SX
|
|
- SK
|
|
- SI
|
|
- SB
|
|
- SO
|
|
- ZA
|
|
- GS
|
|
- KR
|
|
- SS
|
|
- ES
|
|
- LK
|
|
- SD
|
|
- SR
|
|
- SJ
|
|
- SE
|
|
- CH
|
|
- SY
|
|
- TW
|
|
- TJ
|
|
- TZ
|
|
- TH
|
|
- TL
|
|
- TG
|
|
- TK
|
|
- TO
|
|
- TT
|
|
- TN
|
|
- TR
|
|
- TM
|
|
- TC
|
|
- TV
|
|
- UG
|
|
- UA
|
|
- AE
|
|
- GB
|
|
- UM
|
|
- US
|
|
- UY
|
|
- UZ
|
|
- VU
|
|
- VA
|
|
- VE
|
|
- VN
|
|
- VG
|
|
- VI
|
|
- WF
|
|
- EH
|
|
- YE
|
|
- ZM
|
|
- ZW
|
|
type: string
|
|
CurrentBrand:
|
|
type: object
|
|
description: Partial brand information for styling
|
|
properties:
|
|
matched_domain:
|
|
type: string
|
|
branding_title:
|
|
type: string
|
|
branding_logo:
|
|
type: string
|
|
branding_logo_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
branding_favicon:
|
|
type: string
|
|
branding_favicon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
branding_custom_css:
|
|
type: string
|
|
ui_footer_links:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FooterLink'
|
|
readOnly: true
|
|
ui_theme:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UiThemeEnum'
|
|
readOnly: true
|
|
default: automatic
|
|
flow_authentication:
|
|
type: string
|
|
flow_invalidation:
|
|
type: string
|
|
flow_recovery:
|
|
type: string
|
|
flow_unenrollment:
|
|
type: string
|
|
flow_user_settings:
|
|
type: string
|
|
flow_device_code:
|
|
type: string
|
|
default_locale:
|
|
type: string
|
|
readOnly: true
|
|
flags:
|
|
type: object
|
|
properties:
|
|
core_default_app_access:
|
|
type: boolean
|
|
description: Configure if applications without any policy/group/user
|
|
bindings should be accessible to any user.
|
|
enterprise_audit_include_expanded_diff:
|
|
type: boolean
|
|
description: Include additional information in audit logs, may incur
|
|
a performance penalty.
|
|
flows_continuous_login:
|
|
type: boolean
|
|
description: Upon successful authentication, re-start authentication
|
|
in other open tabs.
|
|
flows_refresh_others:
|
|
type: boolean
|
|
description: Refresh other tabs after successful authentication.
|
|
required:
|
|
- core_default_app_access
|
|
- enterprise_audit_include_expanded_diff
|
|
- flows_continuous_login
|
|
- flows_refresh_others
|
|
readOnly: true
|
|
required:
|
|
- branding_custom_css
|
|
- branding_favicon
|
|
- branding_favicon_themed_urls
|
|
- branding_logo
|
|
- branding_logo_themed_urls
|
|
- branding_title
|
|
- default_locale
|
|
- flags
|
|
- matched_domain
|
|
- ui_footer_links
|
|
- ui_theme
|
|
DataExport:
|
|
type: object
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
requested_by:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
requested_on:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
content_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ContentType'
|
|
readOnly: true
|
|
query_params:
|
|
type: object
|
|
additionalProperties: {}
|
|
file_url:
|
|
type: string
|
|
readOnly: true
|
|
completed:
|
|
type: boolean
|
|
readOnly: true
|
|
required:
|
|
- completed
|
|
- content_type
|
|
- file_url
|
|
- id
|
|
- query_params
|
|
- requested_by
|
|
- requested_on
|
|
DeliveryMethodEnum:
|
|
enum:
|
|
- https://schemas.openid.net/secevent/risc/delivery-method/push
|
|
- https://schemas.openid.net/secevent/risc/delivery-method/poll
|
|
- urn:ietf:rfc:8935
|
|
- urn:ietf:rfc:8936
|
|
type: string
|
|
DeniedActionEnum:
|
|
enum:
|
|
- message_continue
|
|
- message
|
|
- continue
|
|
type: string
|
|
DenyStage:
|
|
type: object
|
|
description: DenyStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
deny_message:
|
|
type: string
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DenyStageRequest:
|
|
type: object
|
|
description: DenyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
deny_message:
|
|
type: string
|
|
required:
|
|
- name
|
|
DetailedCountry:
|
|
type: object
|
|
properties:
|
|
code:
|
|
$ref: '#/components/schemas/CountryCodeEnum'
|
|
name:
|
|
type: string
|
|
required:
|
|
- code
|
|
- name
|
|
Device:
|
|
type: object
|
|
description: Serializer for authenticator devices
|
|
properties:
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
pk:
|
|
type: string
|
|
name:
|
|
type: string
|
|
type:
|
|
type: string
|
|
description: Get type of device
|
|
readOnly: true
|
|
confirmed:
|
|
type: boolean
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_used:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
nullable: true
|
|
extra_description:
|
|
type: string
|
|
nullable: true
|
|
description: Get extra description
|
|
readOnly: true
|
|
external_id:
|
|
type: string
|
|
nullable: true
|
|
description: Get external Device ID
|
|
readOnly: true
|
|
required:
|
|
- confirmed
|
|
- created
|
|
- external_id
|
|
- extra_description
|
|
- last_updated
|
|
- last_used
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- type
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DeviceAccessGroup:
|
|
type: object
|
|
properties:
|
|
pbm_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
- pbm_uuid
|
|
DeviceAccessGroupRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
DeviceChallenge:
|
|
type: object
|
|
description: Single device challenge
|
|
properties:
|
|
device_class:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
device_uid:
|
|
type: string
|
|
challenge:
|
|
type: object
|
|
additionalProperties: {}
|
|
last_used:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
required:
|
|
- challenge
|
|
- device_class
|
|
- device_uid
|
|
- last_used
|
|
DeviceChallengeRequest:
|
|
type: object
|
|
description: Single device challenge
|
|
properties:
|
|
device_class:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
device_uid:
|
|
type: string
|
|
minLength: 1
|
|
challenge:
|
|
type: object
|
|
additionalProperties: {}
|
|
last_used:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
required:
|
|
- challenge
|
|
- device_class
|
|
- device_uid
|
|
- last_used
|
|
DeviceClassesEnum:
|
|
enum:
|
|
- static
|
|
- totp
|
|
- webauthn
|
|
- duo
|
|
- sms
|
|
- email
|
|
type: string
|
|
DeviceConnection:
|
|
type: object
|
|
properties:
|
|
device:
|
|
type: string
|
|
format: uuid
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
connector_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Connector'
|
|
readOnly: true
|
|
latest_snapshot:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeviceFactSnapshot'
|
|
readOnly: true
|
|
nullable: true
|
|
required:
|
|
- connector
|
|
- connector_obj
|
|
- device
|
|
- latest_snapshot
|
|
DeviceFactSnapshot:
|
|
type: object
|
|
properties:
|
|
data:
|
|
$ref: '#/components/schemas/DeviceFacts'
|
|
connection:
|
|
type: string
|
|
format: uuid
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
nullable: true
|
|
vendor:
|
|
allOf:
|
|
- $ref: '#/components/schemas/VendorEnum'
|
|
readOnly: true
|
|
required:
|
|
- connection
|
|
- created
|
|
- data
|
|
- expires
|
|
- vendor
|
|
DeviceFacts:
|
|
type: object
|
|
properties:
|
|
os:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OperatingSystem'
|
|
nullable: true
|
|
disks:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Disk'
|
|
nullable: true
|
|
network:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Network'
|
|
nullable: true
|
|
hardware:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Hardware'
|
|
nullable: true
|
|
software:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Software'
|
|
nullable: true
|
|
processes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Process'
|
|
nullable: true
|
|
users:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceUser'
|
|
nullable: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceGroup'
|
|
nullable: true
|
|
vendor:
|
|
type: object
|
|
additionalProperties: {}
|
|
DeviceFactsOSFamily:
|
|
enum:
|
|
- linux
|
|
- unix
|
|
- bsd
|
|
- windows
|
|
- mac_os
|
|
- android
|
|
- i_os
|
|
- other
|
|
type: string
|
|
DeviceFactsRequest:
|
|
type: object
|
|
properties:
|
|
os:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OperatingSystemRequest'
|
|
nullable: true
|
|
disks:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DiskRequest'
|
|
nullable: true
|
|
network:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NetworkRequest'
|
|
nullable: true
|
|
hardware:
|
|
allOf:
|
|
- $ref: '#/components/schemas/HardwareRequest'
|
|
nullable: true
|
|
software:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SoftwareRequest'
|
|
nullable: true
|
|
processes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ProcessRequest'
|
|
nullable: true
|
|
users:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceUserRequest'
|
|
nullable: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceGroupRequest'
|
|
nullable: true
|
|
vendor:
|
|
type: object
|
|
additionalProperties: {}
|
|
DeviceGroup:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
name:
|
|
type: string
|
|
required:
|
|
- id
|
|
DeviceGroupRequest:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- id
|
|
DeviceSummary:
|
|
type: object
|
|
description: Summary of registered devices
|
|
properties:
|
|
total_count:
|
|
type: integer
|
|
unreachable_count:
|
|
type: integer
|
|
outdated_agent_count:
|
|
type: integer
|
|
required:
|
|
- outdated_agent_count
|
|
- total_count
|
|
- unreachable_count
|
|
DeviceUser:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
username:
|
|
type: string
|
|
name:
|
|
type: string
|
|
home:
|
|
type: string
|
|
required:
|
|
- id
|
|
DeviceUserBinding:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy binding uuid
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
policy_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Policy'
|
|
readOnly: true
|
|
nullable: true
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
nullable: true
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
is_primary:
|
|
type: boolean
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
nullable: true
|
|
connector_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Connector'
|
|
readOnly: true
|
|
required:
|
|
- connector
|
|
- connector_obj
|
|
- group_obj
|
|
- order
|
|
- pk
|
|
- policy_obj
|
|
- target
|
|
- user_obj
|
|
DeviceUserBindingRequest:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
is_primary:
|
|
type: boolean
|
|
required:
|
|
- order
|
|
- target
|
|
DeviceUserRequest:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
home:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- id
|
|
DigestAlgorithmEnum:
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#sha1
|
|
- http://www.w3.org/2001/04/xmlenc#sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#sha384
|
|
- http://www.w3.org/2001/04/xmlenc#sha512
|
|
type: string
|
|
DigitsEnum:
|
|
enum:
|
|
- '6'
|
|
- '8'
|
|
type: string
|
|
Disk:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
mountpoint:
|
|
type: string
|
|
label:
|
|
type: string
|
|
capacity_total_bytes:
|
|
type: integer
|
|
format: int64
|
|
capacity_used_bytes:
|
|
type: integer
|
|
format: int64
|
|
encryption_enabled:
|
|
type: boolean
|
|
default: false
|
|
required:
|
|
- mountpoint
|
|
- name
|
|
DiskRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mountpoint:
|
|
type: string
|
|
minLength: 1
|
|
label:
|
|
type: string
|
|
capacity_total_bytes:
|
|
type: integer
|
|
format: int64
|
|
capacity_used_bytes:
|
|
type: integer
|
|
format: int64
|
|
encryption_enabled:
|
|
type: boolean
|
|
default: false
|
|
required:
|
|
- mountpoint
|
|
- name
|
|
DockerServiceConnection:
|
|
type: object
|
|
description: DockerServiceConnection Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
component:
|
|
type: string
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
url:
|
|
type: string
|
|
description: Can be in the format of 'unix://<path>' when connecting to
|
|
a local docker daemon, or 'https://<hostname>:2376' when connecting to
|
|
a remote system.
|
|
tls_verification:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: CA which the endpoint's Certificate is verified against. Can
|
|
be left empty for no validation.
|
|
tls_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Certificate/Key used for authentication. Can be left empty
|
|
for no authentication.
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- url
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DockerServiceConnectionRequest:
|
|
type: object
|
|
description: DockerServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Can be in the format of 'unix://<path>' when connecting to
|
|
a local docker daemon, or 'https://<hostname>:2376' when connecting to
|
|
a remote system.
|
|
tls_verification:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: CA which the endpoint's Certificate is verified against. Can
|
|
be left empty for no validation.
|
|
tls_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Certificate/Key used for authentication. Can be left empty
|
|
for no authentication.
|
|
required:
|
|
- name
|
|
- url
|
|
Domain:
|
|
type: object
|
|
description: Domain Serializer
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
domain:
|
|
type: string
|
|
maxLength: 253
|
|
is_primary:
|
|
type: boolean
|
|
tenant:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- domain
|
|
- id
|
|
- tenant
|
|
DomainRequest:
|
|
type: object
|
|
description: Domain Serializer
|
|
properties:
|
|
domain:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 253
|
|
is_primary:
|
|
type: boolean
|
|
tenant:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- domain
|
|
- tenant
|
|
DummyChallenge:
|
|
type: object
|
|
description: Dummy challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-dummy
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
name:
|
|
type: string
|
|
required:
|
|
- name
|
|
DummyChallengeResponseRequest:
|
|
type: object
|
|
description: Dummy challenge response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-dummy
|
|
DummyPolicy:
|
|
type: object
|
|
description: Dummy Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
result:
|
|
type: boolean
|
|
wait_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
wait_max:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DummyPolicyRequest:
|
|
type: object
|
|
description: Dummy Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
result:
|
|
type: boolean
|
|
wait_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
wait_max:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- name
|
|
DummyStage:
|
|
type: object
|
|
description: DummyStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
throw_error:
|
|
type: boolean
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
DummyStageRequest:
|
|
type: object
|
|
description: DummyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
throw_error:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
DuoDevice:
|
|
type: object
|
|
description: Serializer for Duo authenticator devices
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
- user
|
|
DuoDeviceEnrollmentStatus:
|
|
type: object
|
|
properties:
|
|
duo_response:
|
|
$ref: '#/components/schemas/DuoResponseEnum'
|
|
required:
|
|
- duo_response
|
|
DuoDeviceRequest:
|
|
type: object
|
|
description: Serializer for Duo authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
DuoResponseEnum:
|
|
enum:
|
|
- success
|
|
- waiting
|
|
- invalid
|
|
type: string
|
|
EmailChallenge:
|
|
type: object
|
|
description: Email challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-email
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
EmailChallengeResponseRequest:
|
|
type: object
|
|
description: |-
|
|
Email challenge resposen. No fields. This challenge is
|
|
always declared invalid to give the user a chance to retry
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-email
|
|
EmailDevice:
|
|
type: object
|
|
description: Serializer for email authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
email:
|
|
type: string
|
|
format: email
|
|
readOnly: true
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- email
|
|
- name
|
|
- pk
|
|
- user
|
|
EmailDeviceRequest:
|
|
type: object
|
|
description: Serializer for email authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
EmailStage:
|
|
type: object
|
|
description: EmailStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
maxLength: 254
|
|
token_expiry:
|
|
type: string
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
subject:
|
|
type: string
|
|
template:
|
|
type: string
|
|
activate_user_on_success:
|
|
type: boolean
|
|
description: Activate users upon completion of stage.
|
|
recovery_max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
recovery_cache_timeout:
|
|
type: string
|
|
description: 'The time window used to count recent account recovery attempts.
|
|
If the number of attempts exceed recovery_max_attempts within this period,
|
|
further attempts will be rate-limited. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
EmailStageRequest:
|
|
type: object
|
|
description: EmailStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
writeOnly: true
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
token_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
subject:
|
|
type: string
|
|
minLength: 1
|
|
template:
|
|
type: string
|
|
minLength: 1
|
|
activate_user_on_success:
|
|
type: boolean
|
|
description: Activate users upon completion of stage.
|
|
recovery_max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
recovery_cache_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: 'The time window used to count recent account recovery attempts.
|
|
If the number of attempts exceed recovery_max_attempts within this period,
|
|
further attempts will be rate-limited. (Format: hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- name
|
|
Endpoint:
|
|
type: object
|
|
description: Endpoint Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
provider:
|
|
type: integer
|
|
provider_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/RACProvider'
|
|
readOnly: true
|
|
protocol:
|
|
$ref: '#/components/schemas/ProtocolEnum'
|
|
host:
|
|
type: string
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
auth_mode:
|
|
$ref: '#/components/schemas/EndpointAuthModeEnum'
|
|
launch_url:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Build actual launch URL (the provider itself does not have one, just
|
|
individual endpoints)
|
|
readOnly: true
|
|
maximum_connections:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- auth_mode
|
|
- host
|
|
- launch_url
|
|
- name
|
|
- pk
|
|
- protocol
|
|
- provider
|
|
- provider_obj
|
|
EndpointAgentChallenge:
|
|
type: object
|
|
description: Signed challenge for authentik agent to respond to
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-endpoint-agent
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
challenge:
|
|
type: string
|
|
challenge_idle_timeout:
|
|
type: integer
|
|
required:
|
|
- challenge
|
|
- challenge_idle_timeout
|
|
EndpointAgentChallengeResponseRequest:
|
|
type: object
|
|
description: Response to signed challenge
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-endpoint-agent
|
|
response:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
EndpointAuthModeEnum:
|
|
enum:
|
|
- static
|
|
- prompt
|
|
type: string
|
|
EndpointDevice:
|
|
type: object
|
|
properties:
|
|
device_uuid:
|
|
type: string
|
|
format: uuid
|
|
pbm_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
access_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
access_group_obj:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
facts:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeviceFactSnapshot'
|
|
readOnly: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- facts
|
|
- name
|
|
- pbm_uuid
|
|
EndpointDeviceDetails:
|
|
type: object
|
|
properties:
|
|
device_uuid:
|
|
type: string
|
|
format: uuid
|
|
pbm_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
access_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
access_group_obj:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
facts:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeviceFactSnapshot'
|
|
readOnly: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
connections_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceConnection'
|
|
policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
connections:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
required:
|
|
- connections
|
|
- connections_obj
|
|
- facts
|
|
- name
|
|
- pbm_uuid
|
|
- policies
|
|
EndpointDeviceRequest:
|
|
type: object
|
|
properties:
|
|
device_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
access_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
access_group_obj:
|
|
$ref: '#/components/schemas/DeviceAccessGroupRequest'
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
EndpointRequest:
|
|
type: object
|
|
description: Endpoint Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
provider:
|
|
type: integer
|
|
protocol:
|
|
$ref: '#/components/schemas/ProtocolEnum'
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
auth_mode:
|
|
$ref: '#/components/schemas/EndpointAuthModeEnum'
|
|
maximum_connections:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- auth_mode
|
|
- host
|
|
- name
|
|
- protocol
|
|
- provider
|
|
EndpointStage:
|
|
type: object
|
|
description: EndpointStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
connector_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Connector'
|
|
readOnly: true
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
required:
|
|
- component
|
|
- connector
|
|
- connector_obj
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
EndpointStageRequest:
|
|
type: object
|
|
description: EndpointStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
required:
|
|
- connector
|
|
- name
|
|
EnrollRequest:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
device_serial:
|
|
type: string
|
|
minLength: 1
|
|
device_name:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- device_name
|
|
- device_serial
|
|
EnrollmentToken:
|
|
type: object
|
|
properties:
|
|
token_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
device_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
device_group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeviceAccessGroup'
|
|
readOnly: true
|
|
nullable: true
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
required:
|
|
- connector
|
|
- device_group_obj
|
|
- name
|
|
- token_uuid
|
|
EnrollmentTokenRequest:
|
|
type: object
|
|
properties:
|
|
device_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
required:
|
|
- connector
|
|
- name
|
|
ErrorDetail:
|
|
type: object
|
|
description: Serializer for rest_framework's error messages
|
|
properties:
|
|
string:
|
|
type: string
|
|
code:
|
|
type: string
|
|
required:
|
|
- code
|
|
- string
|
|
ErrorReportingConfig:
|
|
type: object
|
|
description: Config for error reporting
|
|
properties:
|
|
enabled:
|
|
type: boolean
|
|
readOnly: true
|
|
sentry_dsn:
|
|
type: string
|
|
readOnly: true
|
|
environment:
|
|
type: string
|
|
readOnly: true
|
|
send_pii:
|
|
type: boolean
|
|
readOnly: true
|
|
traces_sample_rate:
|
|
type: number
|
|
format: double
|
|
readOnly: true
|
|
required:
|
|
- enabled
|
|
- environment
|
|
- send_pii
|
|
- sentry_dsn
|
|
- traces_sample_rate
|
|
Event:
|
|
type: object
|
|
description: Event Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Event uuid
|
|
user:
|
|
type: object
|
|
additionalProperties: {}
|
|
action:
|
|
$ref: '#/components/schemas/EventActions'
|
|
app:
|
|
type: string
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
brand:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- action
|
|
- app
|
|
- created
|
|
- pk
|
|
EventActions:
|
|
enum:
|
|
- login
|
|
- login_failed
|
|
- logout
|
|
- user_write
|
|
- suspicious_request
|
|
- password_set
|
|
- secret_view
|
|
- secret_rotate
|
|
- invitation_used
|
|
- authorize_application
|
|
- source_linked
|
|
- impersonation_started
|
|
- impersonation_ended
|
|
- flow_execution
|
|
- policy_execution
|
|
- policy_exception
|
|
- property_mapping_exception
|
|
- system_task_execution
|
|
- system_task_exception
|
|
- system_exception
|
|
- configuration_error
|
|
- configuration_warning
|
|
- model_created
|
|
- model_updated
|
|
- model_deleted
|
|
- email_sent
|
|
- update_available
|
|
- export_ready
|
|
- review_initiated
|
|
- review_overdue
|
|
- review_attested
|
|
- review_completed
|
|
- custom_
|
|
type: string
|
|
EventMatcherPolicy:
|
|
type: object
|
|
description: Event Matcher Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/EventActions'
|
|
nullable: true
|
|
description: Match created events with this action type. When left empty,
|
|
all action types will be matched.
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
description: Matches Event's Client IP (strict matching, for network matching
|
|
use an Expression Policy)
|
|
app:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AppEnum'
|
|
nullable: true
|
|
description: Match events created by selected application. When left empty,
|
|
all applications are matched.
|
|
model:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ModelEnum'
|
|
nullable: true
|
|
description: Match events created by selected model. When left empty, all
|
|
models are matched. When an app is selected, all the application's models
|
|
are matched.
|
|
query:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
EventMatcherPolicyRequest:
|
|
type: object
|
|
description: Event Matcher Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/EventActions'
|
|
nullable: true
|
|
description: Match created events with this action type. When left empty,
|
|
all action types will be matched.
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: Matches Event's Client IP (strict matching, for network matching
|
|
use an Expression Policy)
|
|
app:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AppEnum'
|
|
nullable: true
|
|
description: Match events created by selected application. When left empty,
|
|
all applications are matched.
|
|
model:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ModelEnum'
|
|
nullable: true
|
|
description: Match events created by selected model. When left empty, all
|
|
models are matched. When an app is selected, all the application's models
|
|
are matched.
|
|
query:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
EventRequest:
|
|
type: object
|
|
description: Event Serializer
|
|
properties:
|
|
user:
|
|
type: object
|
|
additionalProperties: {}
|
|
action:
|
|
$ref: '#/components/schemas/EventActions'
|
|
app:
|
|
type: string
|
|
minLength: 1
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
brand:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- action
|
|
- app
|
|
EventStats:
|
|
type: object
|
|
description: Count of unique users in events and aggregated counts per specified
|
|
deltas
|
|
properties:
|
|
unique_users:
|
|
type: integer
|
|
count_step:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- count_step
|
|
- unique_users
|
|
EventTopPerUser:
|
|
type: object
|
|
description: Response object of Event's top_per_user
|
|
properties:
|
|
application:
|
|
type: object
|
|
additionalProperties: {}
|
|
counted_events:
|
|
type: integer
|
|
unique_users:
|
|
type: integer
|
|
required:
|
|
- application
|
|
- counted_events
|
|
- unique_users
|
|
EventVolume:
|
|
type: object
|
|
description: Count of events of action created on day for a single event action
|
|
properties:
|
|
action:
|
|
$ref: '#/components/schemas/EventActions'
|
|
time:
|
|
type: string
|
|
format: date-time
|
|
count:
|
|
type: integer
|
|
required:
|
|
- action
|
|
- count
|
|
- time
|
|
EventsRequestedEnum:
|
|
enum:
|
|
- https://schemas.openid.net/secevent/caep/event-type/session-revoked
|
|
- https://schemas.openid.net/secevent/caep/event-type/credential-change
|
|
- https://schemas.openid.net/secevent/ssf/event-type/verification
|
|
type: string
|
|
ExpiringBaseGrantModel:
|
|
type: object
|
|
description: Serializer for BaseGrantModel and ExpiringBaseGrant
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
provider:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
user:
|
|
$ref: '#/components/schemas/User'
|
|
is_expired:
|
|
type: boolean
|
|
description: Check if token is expired yet.
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
scope:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- is_expired
|
|
- pk
|
|
- provider
|
|
- scope
|
|
- user
|
|
ExpressionPolicy:
|
|
type: object
|
|
description: Group Membership Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
expression:
|
|
type: string
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ExpressionPolicyRequest:
|
|
type: object
|
|
description: Group Membership Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
ExtraRoleObjectPermission:
|
|
type: object
|
|
description: Role permission with additional object-related data
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
codename:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
object_pk:
|
|
type: string
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
app_label_verbose:
|
|
type: string
|
|
description: Get app label from permission's model
|
|
readOnly: true
|
|
model_verbose:
|
|
type: string
|
|
description: Get model label from permission's model
|
|
readOnly: true
|
|
object_description:
|
|
type: string
|
|
nullable: true
|
|
description: |-
|
|
Get model description from attached model. This operation takes at least
|
|
one additional query, and the description is only shown if the role has the
|
|
view_ permission on the object
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- app_label_verbose
|
|
- codename
|
|
- id
|
|
- model
|
|
- model_verbose
|
|
- name
|
|
- object_description
|
|
- object_pk
|
|
FileList:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
name:
|
|
type: string
|
|
mime_type:
|
|
type: string
|
|
url:
|
|
type: string
|
|
themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
nullable: true
|
|
required:
|
|
- mime_type
|
|
- name
|
|
- url
|
|
FileUploadRequest:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
file:
|
|
type: string
|
|
format: binary
|
|
name:
|
|
type: string
|
|
usage:
|
|
type: string
|
|
minLength: 1
|
|
default: media
|
|
required:
|
|
- file
|
|
FleetConnector:
|
|
type: object
|
|
description: FleetConnector Serializer
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
enabled:
|
|
type: boolean
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
url:
|
|
type: string
|
|
format: uri
|
|
maxLength: 200
|
|
headers_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
map_users:
|
|
type: boolean
|
|
map_teams_access_group:
|
|
type: boolean
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- url
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
FleetConnectorRequest:
|
|
type: object
|
|
description: FleetConnector Serializer
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
enabled:
|
|
type: boolean
|
|
url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
maxLength: 200
|
|
token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
headers_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
map_users:
|
|
type: boolean
|
|
map_teams_access_group:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
- token
|
|
- url
|
|
Flow:
|
|
type: object
|
|
description: Flow Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Flow uuid
|
|
policybindingmodel_ptr_id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
slug:
|
|
type: string
|
|
description: Visible in the URL.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: Decides what this Flow is used for. For example, the Authentication
|
|
flow is redirect to when an un-authenticated user visits authentik.
|
|
background:
|
|
type: string
|
|
description: Background shown during execution
|
|
background_url:
|
|
type: string
|
|
description: Get the URL to the background image
|
|
readOnly: true
|
|
background_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
cache_count:
|
|
type: integer
|
|
description: Get count of cached flows
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
export_url:
|
|
type: string
|
|
description: Get export URL for flow
|
|
readOnly: true
|
|
layout:
|
|
$ref: '#/components/schemas/FlowLayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: Configure what should happen when a flow denies access to a
|
|
user.
|
|
authentication:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticationEnum'
|
|
description: Required level of authentication and authorization to access
|
|
a flow.
|
|
required:
|
|
- background_themed_urls
|
|
- background_url
|
|
- cache_count
|
|
- designation
|
|
- export_url
|
|
- name
|
|
- pk
|
|
- policies
|
|
- policybindingmodel_ptr_id
|
|
- slug
|
|
- stages
|
|
- title
|
|
FlowChallengeResponseRequest:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/AppleChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorEmailChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/AutoSubmitChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/CaptchaChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/ConsentChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/DummyChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/EmailChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/EndpointAgentChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/FrameChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/IdentificationChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/IframeLogoutChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/NativeLogoutChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/PasswordChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/PromptChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/RedirectChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/TelegramChallengeResponseRequest'
|
|
- $ref: '#/components/schemas/UserLoginChallengeResponseRequest'
|
|
discriminator:
|
|
propertyName: component
|
|
mapping:
|
|
ak-source-oauth-apple: '#/components/schemas/AppleChallengeResponseRequest'
|
|
ak-stage-authenticator-duo: '#/components/schemas/AuthenticatorDuoChallengeResponseRequest'
|
|
ak-stage-authenticator-email: '#/components/schemas/AuthenticatorEmailChallengeResponseRequest'
|
|
ak-stage-authenticator-sms: '#/components/schemas/AuthenticatorSMSChallengeResponseRequest'
|
|
ak-stage-authenticator-static: '#/components/schemas/AuthenticatorStaticChallengeResponseRequest'
|
|
ak-stage-authenticator-totp: '#/components/schemas/AuthenticatorTOTPChallengeResponseRequest'
|
|
ak-stage-authenticator-validate: '#/components/schemas/AuthenticatorValidationChallengeResponseRequest'
|
|
ak-stage-authenticator-webauthn: '#/components/schemas/AuthenticatorWebAuthnChallengeResponseRequest'
|
|
ak-stage-autosubmit: '#/components/schemas/AutoSubmitChallengeResponseRequest'
|
|
ak-stage-captcha: '#/components/schemas/CaptchaChallengeResponseRequest'
|
|
ak-stage-consent: '#/components/schemas/ConsentChallengeResponseRequest'
|
|
ak-stage-dummy: '#/components/schemas/DummyChallengeResponseRequest'
|
|
ak-stage-email: '#/components/schemas/EmailChallengeResponseRequest'
|
|
ak-stage-endpoint-agent: '#/components/schemas/EndpointAgentChallengeResponseRequest'
|
|
xak-flow-frame: '#/components/schemas/FrameChallengeResponseRequest'
|
|
ak-stage-identification: '#/components/schemas/IdentificationChallengeResponseRequest'
|
|
ak-provider-iframe-logout: '#/components/schemas/IframeLogoutChallengeResponseRequest'
|
|
ak-provider-saml-native-logout: '#/components/schemas/NativeLogoutChallengeResponseRequest'
|
|
ak-provider-oauth2-device-code: '#/components/schemas/OAuthDeviceCodeChallengeResponseRequest'
|
|
ak-provider-oauth2-device-code-finish: '#/components/schemas/OAuthDeviceCodeFinishChallengeResponseRequest'
|
|
ak-stage-password: '#/components/schemas/PasswordChallengeResponseRequest'
|
|
ak-source-plex: '#/components/schemas/PlexAuthenticationChallengeResponseRequest'
|
|
ak-stage-prompt: '#/components/schemas/PromptChallengeResponseRequest'
|
|
xak-flow-redirect: '#/components/schemas/RedirectChallengeResponseRequest'
|
|
ak-source-telegram: '#/components/schemas/TelegramChallengeResponseRequest'
|
|
ak-stage-user-login: '#/components/schemas/UserLoginChallengeResponseRequest'
|
|
FlowDesignationEnum:
|
|
enum:
|
|
- authentication
|
|
- authorization
|
|
- invalidation
|
|
- enrollment
|
|
- unenrollment
|
|
- recovery
|
|
- stage_configuration
|
|
type: string
|
|
FlowDiagram:
|
|
type: object
|
|
description: response of the flow's diagram action
|
|
properties:
|
|
diagram:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- diagram
|
|
FlowErrorChallenge:
|
|
type: object
|
|
description: |-
|
|
Challenge class when an unhandled error occurs during a stage. Normal users
|
|
are shown an error message, superusers are shown a full stacktrace.
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-flow-error
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
request_id:
|
|
type: string
|
|
error:
|
|
type: string
|
|
traceback:
|
|
type: string
|
|
required:
|
|
- request_id
|
|
FlowInspection:
|
|
type: object
|
|
description: Serializer for inspect endpoint
|
|
properties:
|
|
plans:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowInspectorPlan'
|
|
current_plan:
|
|
$ref: '#/components/schemas/FlowInspectorPlan'
|
|
is_completed:
|
|
type: boolean
|
|
required:
|
|
- is_completed
|
|
- plans
|
|
FlowInspectorPlan:
|
|
type: object
|
|
description: Serializer for an active FlowPlan
|
|
properties:
|
|
current_stage:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowStageBinding'
|
|
readOnly: true
|
|
next_planned_stage:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowStageBinding'
|
|
readOnly: true
|
|
plan_context:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Get the plan's context, sanitized
|
|
readOnly: true
|
|
session_id:
|
|
type: string
|
|
description: Get a unique session ID
|
|
readOnly: true
|
|
required:
|
|
- current_stage
|
|
- next_planned_stage
|
|
- plan_context
|
|
- session_id
|
|
FlowLayoutEnum:
|
|
enum:
|
|
- stacked
|
|
- content_left
|
|
- content_right
|
|
- sidebar_left
|
|
- sidebar_right
|
|
- sidebar_left_frame_background
|
|
- sidebar_right_frame_background
|
|
type: string
|
|
FlowRequest:
|
|
type: object
|
|
description: Flow Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Visible in the URL.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
minLength: 1
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: Decides what this Flow is used for. For example, the Authentication
|
|
flow is redirect to when an un-authenticated user visits authentik.
|
|
background:
|
|
type: string
|
|
description: Background shown during execution
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
layout:
|
|
$ref: '#/components/schemas/FlowLayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: Configure what should happen when a flow denies access to a
|
|
user.
|
|
authentication:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticationEnum'
|
|
description: Required level of authentication and authorization to access
|
|
a flow.
|
|
required:
|
|
- designation
|
|
- name
|
|
- slug
|
|
- title
|
|
FlowSet:
|
|
type: object
|
|
description: Stripped down flow serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Flow uuid
|
|
policybindingmodel_ptr_id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
slug:
|
|
type: string
|
|
description: Visible in the URL.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: Decides what this Flow is used for. For example, the Authentication
|
|
flow is redirect to when an un-authenticated user visits authentik.
|
|
background_url:
|
|
type: string
|
|
description: Get the URL to the background image
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
export_url:
|
|
type: string
|
|
description: Get export URL for flow
|
|
readOnly: true
|
|
layout:
|
|
$ref: '#/components/schemas/FlowLayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: Configure what should happen when a flow denies access to a
|
|
user.
|
|
required:
|
|
- background_url
|
|
- designation
|
|
- export_url
|
|
- name
|
|
- pk
|
|
- policybindingmodel_ptr_id
|
|
- slug
|
|
- title
|
|
FlowStageBinding:
|
|
type: object
|
|
description: FlowStageBinding Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Fsb uuid
|
|
policybindingmodel_ptr_id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
stage:
|
|
type: string
|
|
format: uuid
|
|
stage_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Stage'
|
|
readOnly: true
|
|
evaluate_on_plan:
|
|
type: boolean
|
|
description: Evaluate policies during the Flow planning process.
|
|
re_evaluate_policies:
|
|
type: boolean
|
|
description: Evaluate policies when the Stage is presented to the user.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
invalid_response_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/InvalidResponseActionEnum'
|
|
description: Configure how the flow executor should handle an invalid response
|
|
to a challenge. RETRY returns the error message and a similar challenge
|
|
to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
|
|
restarts the flow while keeping the current context.
|
|
required:
|
|
- order
|
|
- pk
|
|
- policybindingmodel_ptr_id
|
|
- stage
|
|
- stage_obj
|
|
- target
|
|
FlowStageBindingRequest:
|
|
type: object
|
|
description: FlowStageBinding Serializer
|
|
properties:
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
stage:
|
|
type: string
|
|
format: uuid
|
|
evaluate_on_plan:
|
|
type: boolean
|
|
description: Evaluate policies during the Flow planning process.
|
|
re_evaluate_policies:
|
|
type: boolean
|
|
description: Evaluate policies when the Stage is presented to the user.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
invalid_response_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/InvalidResponseActionEnum'
|
|
description: Configure how the flow executor should handle an invalid response
|
|
to a challenge. RETRY returns the error message and a similar challenge
|
|
to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
|
|
restarts the flow while keeping the current context.
|
|
required:
|
|
- order
|
|
- stage
|
|
- target
|
|
FooterLink:
|
|
type: object
|
|
description: Links returned in Config API
|
|
properties:
|
|
href:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- href
|
|
- name
|
|
ForceBindingEnum:
|
|
type: string
|
|
enum:
|
|
- urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
|
|
- urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
|
|
FormatEnum:
|
|
type: string
|
|
enum:
|
|
- json
|
|
- yaml
|
|
FrameChallenge:
|
|
type: object
|
|
description: Challenge type to render a frame
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: xak-flow-frame
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
url:
|
|
type: string
|
|
loading_overlay:
|
|
type: boolean
|
|
default: false
|
|
loading_text:
|
|
type: string
|
|
required:
|
|
- loading_text
|
|
- url
|
|
FrameChallengeResponseRequest:
|
|
type: object
|
|
description: Base class for all challenge responses
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: xak-flow-frame
|
|
GenericError:
|
|
type: object
|
|
description: Generic API Error
|
|
properties:
|
|
detail:
|
|
type: string
|
|
code:
|
|
type: string
|
|
required:
|
|
- detail
|
|
GeoIPPolicy:
|
|
type: object
|
|
description: GeoIP Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
asns:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
countries:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CountryCodeEnum'
|
|
maxItems: 249
|
|
countries_obj:
|
|
type: array
|
|
items:
|
|
type: object
|
|
properties:
|
|
code:
|
|
type: string
|
|
minLength: 2
|
|
maxLength: 2
|
|
name:
|
|
type: string
|
|
required:
|
|
- code
|
|
- name
|
|
readOnly: true
|
|
check_history_distance:
|
|
type: boolean
|
|
history_max_distance_km:
|
|
type: integer
|
|
maximum: 9223372036854775807
|
|
minimum: 0
|
|
format: int64
|
|
distance_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
history_login_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
check_impossible_travel:
|
|
type: boolean
|
|
impossible_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- countries
|
|
- countries_obj
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
GeoIPPolicyRequest:
|
|
type: object
|
|
description: GeoIP Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
asns:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
countries:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CountryCodeEnum'
|
|
maxItems: 249
|
|
check_history_distance:
|
|
type: boolean
|
|
history_max_distance_km:
|
|
type: integer
|
|
maximum: 9223372036854775807
|
|
minimum: 0
|
|
format: int64
|
|
distance_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
history_login_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
check_impossible_travel:
|
|
type: boolean
|
|
impossible_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
required:
|
|
- countries
|
|
- name
|
|
GeoipBindingEnum:
|
|
enum:
|
|
- no_binding
|
|
- bind_continent
|
|
- bind_continent_country
|
|
- bind_continent_country_city
|
|
type: string
|
|
GlobalTaskStatus:
|
|
type: object
|
|
properties:
|
|
queued:
|
|
type: integer
|
|
readOnly: true
|
|
consumed:
|
|
type: integer
|
|
readOnly: true
|
|
preprocess:
|
|
type: integer
|
|
readOnly: true
|
|
running:
|
|
type: integer
|
|
readOnly: true
|
|
postprocess:
|
|
type: integer
|
|
readOnly: true
|
|
rejected:
|
|
type: integer
|
|
readOnly: true
|
|
done:
|
|
type: integer
|
|
readOnly: true
|
|
info:
|
|
type: integer
|
|
readOnly: true
|
|
warning:
|
|
type: integer
|
|
readOnly: true
|
|
error:
|
|
type: integer
|
|
readOnly: true
|
|
required:
|
|
- consumed
|
|
- done
|
|
- error
|
|
- info
|
|
- postprocess
|
|
- preprocess
|
|
- queued
|
|
- rejected
|
|
- running
|
|
- warning
|
|
GoogleChromeConnector:
|
|
type: object
|
|
description: GoogleChromeConnector Serializer
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
enabled:
|
|
type: boolean
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
chrome_url:
|
|
type: string
|
|
nullable: true
|
|
description: Full URL to be used in Google Workspace configuration
|
|
readOnly: true
|
|
required:
|
|
- chrome_url
|
|
- component
|
|
- credentials
|
|
- meta_model_name
|
|
- name
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
GoogleChromeConnectorRequest:
|
|
type: object
|
|
description: GoogleChromeConnector Serializer
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
enabled:
|
|
type: boolean
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- credentials
|
|
- name
|
|
GoogleEndpointDevice:
|
|
type: object
|
|
description: Serializer for Endpoint authenticator devices
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
GoogleEndpointDeviceRequest:
|
|
type: object
|
|
description: Serializer for Endpoint authenticator devices
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
GoogleWorkspaceProvider:
|
|
type: object
|
|
description: GoogleWorkspaceProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
delegated_subject:
|
|
type: string
|
|
format: email
|
|
maxLength: 254
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
scopes:
|
|
type: string
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
default_group_email_domain:
|
|
type: string
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- component
|
|
- credentials
|
|
- default_group_email_domain
|
|
- delegated_subject
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
GoogleWorkspaceProviderGroup:
|
|
type: object
|
|
description: GoogleWorkspaceProviderGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
google_id:
|
|
type: string
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- google_id
|
|
- group
|
|
- group_obj
|
|
- id
|
|
- provider
|
|
GoogleWorkspaceProviderGroupRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProviderGroup Serializer
|
|
properties:
|
|
google_id:
|
|
type: string
|
|
minLength: 1
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- google_id
|
|
- group
|
|
- provider
|
|
GoogleWorkspaceProviderMapping:
|
|
type: object
|
|
description: GoogleWorkspaceProviderMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
GoogleWorkspaceProviderMappingRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProviderMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
GoogleWorkspaceProviderRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
delegated_subject:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
scopes:
|
|
type: string
|
|
minLength: 1
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
default_group_email_domain:
|
|
type: string
|
|
minLength: 1
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- credentials
|
|
- default_group_email_domain
|
|
- delegated_subject
|
|
- name
|
|
GoogleWorkspaceProviderUser:
|
|
type: object
|
|
description: GoogleWorkspaceProviderUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
google_id:
|
|
type: string
|
|
user:
|
|
type: integer
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- google_id
|
|
- id
|
|
- provider
|
|
- user
|
|
- user_obj
|
|
GoogleWorkspaceProviderUserRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProviderUser Serializer
|
|
properties:
|
|
google_id:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: integer
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- google_id
|
|
- provider
|
|
- user
|
|
Group:
|
|
type: object
|
|
description: Group Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Group uuid
|
|
num_pk:
|
|
type: integer
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
parents:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
parents_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RelatedGroup'
|
|
readOnly: true
|
|
nullable: true
|
|
users:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
users_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
nullable: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
roles_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Role'
|
|
readOnly: true
|
|
inherited_roles_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Role'
|
|
readOnly: true
|
|
nullable: true
|
|
children:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
children_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RelatedGroup'
|
|
readOnly: true
|
|
nullable: true
|
|
required:
|
|
- children
|
|
- children_obj
|
|
- inherited_roles_obj
|
|
- name
|
|
- num_pk
|
|
- parents_obj
|
|
- pk
|
|
- roles_obj
|
|
- users_obj
|
|
GroupKerberosSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupKerberosSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupLDAPSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- group_obj
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupLDAPSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupMatchingModeEnum:
|
|
enum:
|
|
- identifier
|
|
- name_link
|
|
- name_deny
|
|
type: string
|
|
GroupOAuthSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupOAuthSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupPlexSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupPlexSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupRequest:
|
|
type: object
|
|
description: Group Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
parents:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
users:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- name
|
|
GroupSAMLSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupSAMLSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
GroupTelegramSourceConnection:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- group
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
GroupTelegramSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- group
|
|
- identifier
|
|
- source
|
|
Hardware:
|
|
type: object
|
|
properties:
|
|
model:
|
|
type: string
|
|
manufacturer:
|
|
type: string
|
|
serial:
|
|
type: string
|
|
cpu_name:
|
|
type: string
|
|
cpu_count:
|
|
type: integer
|
|
memory_bytes:
|
|
type: integer
|
|
format: int64
|
|
required:
|
|
- serial
|
|
HardwareRequest:
|
|
type: object
|
|
properties:
|
|
model:
|
|
type: string
|
|
minLength: 1
|
|
manufacturer:
|
|
type: string
|
|
minLength: 1
|
|
serial:
|
|
type: string
|
|
minLength: 1
|
|
cpu_name:
|
|
type: string
|
|
minLength: 1
|
|
cpu_count:
|
|
type: integer
|
|
memory_bytes:
|
|
type: integer
|
|
format: int64
|
|
required:
|
|
- serial
|
|
IdentificationChallenge:
|
|
type: object
|
|
description: Identification challenges with all UI elements
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-identification
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
nullable: true
|
|
pending_user_identifier:
|
|
type: string
|
|
nullable: true
|
|
password_fields:
|
|
type: boolean
|
|
allow_show_password:
|
|
type: boolean
|
|
default: false
|
|
application_pre:
|
|
type: string
|
|
application_pre_launch:
|
|
type: string
|
|
flow_designation:
|
|
$ref: '#/components/schemas/FlowDesignationEnum'
|
|
captcha_stage:
|
|
allOf:
|
|
- $ref: '#/components/schemas/CaptchaChallenge'
|
|
nullable: true
|
|
enroll_url:
|
|
type: string
|
|
recovery_url:
|
|
type: string
|
|
passwordless_url:
|
|
type: string
|
|
primary_action:
|
|
type: string
|
|
sources:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LoginSource'
|
|
show_source_labels:
|
|
type: boolean
|
|
enable_remember_me:
|
|
type: boolean
|
|
default: true
|
|
passkey_challenge:
|
|
type: object
|
|
additionalProperties: {}
|
|
nullable: true
|
|
required:
|
|
- flow_designation
|
|
- password_fields
|
|
- primary_action
|
|
- show_source_labels
|
|
- user_fields
|
|
IdentificationChallengeResponseRequest:
|
|
type: object
|
|
description: Identification challenge
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-identification
|
|
uid_field:
|
|
type: string
|
|
nullable: true
|
|
password:
|
|
type: string
|
|
nullable: true
|
|
captcha_token:
|
|
type: string
|
|
nullable: true
|
|
passkey:
|
|
type: object
|
|
additionalProperties: {}
|
|
nullable: true
|
|
IdentificationStage:
|
|
type: object
|
|
description: IdentificationStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserFieldsEnum'
|
|
description: Fields of the user object to match against. (Hold shift to
|
|
select multiple options)
|
|
password_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, shows a password field, instead of showing the password
|
|
field as separate step.
|
|
captcha_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, adds functionality exactly like a Captcha stage,
|
|
but baked into the Identification stage.
|
|
case_insensitive_matching:
|
|
type: boolean
|
|
description: When enabled, user fields are matched regardless of their casing.
|
|
show_matched_user:
|
|
type: boolean
|
|
description: When a valid username/email has been entered, and this option
|
|
is enabled, the user's username and avatar will be shown. Otherwise, the
|
|
text that the user entered will be shown
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional enrollment flow, which is linked at the bottom of
|
|
the page.
|
|
recovery_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional recovery flow, which is linked at the bottom of the
|
|
page.
|
|
passwordless_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional passwordless flow, which is linked at the bottom of
|
|
the page.
|
|
sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Specify which sources should be shown.
|
|
show_source_labels:
|
|
type: boolean
|
|
pretend_user_exists:
|
|
type: boolean
|
|
description: When enabled, the stage will succeed and continue even when
|
|
incorrect user info is entered.
|
|
enable_remember_me:
|
|
type: boolean
|
|
description: Show the user the 'Remember me on this device' toggle, allowing
|
|
repeat users to skip straight to entering their password.
|
|
webauthn_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, and conditional WebAuthn is available, allow the
|
|
user to use their passkey as a first factor.
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
IdentificationStageRequest:
|
|
type: object
|
|
description: IdentificationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserFieldsEnum'
|
|
description: Fields of the user object to match against. (Hold shift to
|
|
select multiple options)
|
|
password_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, shows a password field, instead of showing the password
|
|
field as separate step.
|
|
captcha_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, adds functionality exactly like a Captcha stage,
|
|
but baked into the Identification stage.
|
|
case_insensitive_matching:
|
|
type: boolean
|
|
description: When enabled, user fields are matched regardless of their casing.
|
|
show_matched_user:
|
|
type: boolean
|
|
description: When a valid username/email has been entered, and this option
|
|
is enabled, the user's username and avatar will be shown. Otherwise, the
|
|
text that the user entered will be shown
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional enrollment flow, which is linked at the bottom of
|
|
the page.
|
|
recovery_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional recovery flow, which is linked at the bottom of the
|
|
page.
|
|
passwordless_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional passwordless flow, which is linked at the bottom of
|
|
the page.
|
|
sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Specify which sources should be shown.
|
|
show_source_labels:
|
|
type: boolean
|
|
pretend_user_exists:
|
|
type: boolean
|
|
description: When enabled, the stage will succeed and continue even when
|
|
incorrect user info is entered.
|
|
enable_remember_me:
|
|
type: boolean
|
|
description: Show the user the 'Remember me on this device' toggle, allowing
|
|
repeat users to skip straight to entering their password.
|
|
webauthn_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, and conditional WebAuthn is available, allow the
|
|
user to use their passkey as a first factor.
|
|
required:
|
|
- name
|
|
IframeLogoutChallenge:
|
|
type: object
|
|
description: Challenge for iframe logout
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-provider-iframe-logout
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
logout_urls:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LogoutURL'
|
|
IframeLogoutChallengeResponseRequest:
|
|
type: object
|
|
description: Response for iframe logout
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-provider-iframe-logout
|
|
ImpersonationRequest:
|
|
type: object
|
|
properties:
|
|
reason:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- reason
|
|
InitialPermissions:
|
|
type: object
|
|
description: InitialPermissions serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
maxLength: 150
|
|
role:
|
|
type: string
|
|
format: uuid
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
permissions_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Permission'
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- permissions_obj
|
|
- pk
|
|
- role
|
|
InitialPermissionsRequest:
|
|
type: object
|
|
description: InitialPermissions serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
role:
|
|
type: string
|
|
format: uuid
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
required:
|
|
- name
|
|
- role
|
|
InstallID:
|
|
type: object
|
|
properties:
|
|
install_id:
|
|
type: string
|
|
required:
|
|
- install_id
|
|
IntentEnum:
|
|
enum:
|
|
- verification
|
|
- api
|
|
- recovery
|
|
- app_password
|
|
type: string
|
|
InvalidResponseActionEnum:
|
|
enum:
|
|
- retry
|
|
- restart
|
|
- restart_with_context
|
|
type: string
|
|
Invitation:
|
|
type: object
|
|
description: Invitation Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Invite uuid
|
|
name:
|
|
type: string
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
fixed_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
created_by:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
single_use:
|
|
type: boolean
|
|
description: When enabled, the invitation will be deleted after usage.
|
|
flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, only the configured flow can use this invitation.
|
|
flow_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Flow'
|
|
readOnly: true
|
|
required:
|
|
- created_by
|
|
- flow_obj
|
|
- name
|
|
- pk
|
|
InvitationRequest:
|
|
type: object
|
|
description: Invitation Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
fixed_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
single_use:
|
|
type: boolean
|
|
description: When enabled, the invitation will be deleted after usage.
|
|
flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, only the configured flow can use this invitation.
|
|
required:
|
|
- name
|
|
InvitationSendEmailRequest:
|
|
type: object
|
|
description: Serializer for sending invitation emails
|
|
properties:
|
|
email_addresses:
|
|
type: array
|
|
items: {}
|
|
cc_addresses:
|
|
type: array
|
|
items: {}
|
|
bcc_addresses:
|
|
type: array
|
|
items: {}
|
|
template:
|
|
type: string
|
|
minLength: 1
|
|
default: invitation
|
|
required:
|
|
- email_addresses
|
|
InvitationStage:
|
|
type: object
|
|
description: InvitationStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
continue_flow_without_invitation:
|
|
type: boolean
|
|
description: If this flag is set, this Stage will jump to the next Stage
|
|
when no Invitation is given. By default this Stage will cancel the Flow
|
|
when no invitation is given.
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
InvitationStageRequest:
|
|
type: object
|
|
description: InvitationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
continue_flow_without_invitation:
|
|
type: boolean
|
|
description: If this flag is set, this Stage will jump to the next Stage
|
|
when no Invitation is given. By default this Stage will cancel the Flow
|
|
when no invitation is given.
|
|
required:
|
|
- name
|
|
IssuerModeEnum:
|
|
enum:
|
|
- global
|
|
- per_provider
|
|
type: string
|
|
KadminTypeEnum:
|
|
enum:
|
|
- MIT
|
|
- Heimdal
|
|
type: string
|
|
KerberosSource:
|
|
type: object
|
|
description: Kerberos Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
realm:
|
|
type: string
|
|
description: Kerberos realm
|
|
krb5_conf:
|
|
type: string
|
|
description: Custom krb5.conf to use. Uses the system one by default
|
|
kadmin_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/KadminTypeEnum'
|
|
description: KAdmin server type
|
|
sync_users:
|
|
type: boolean
|
|
description: Sync users from Kerberos into authentik
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to Kerberos
|
|
sync_principal:
|
|
type: string
|
|
description: Principal to authenticate to kadmin for sync.
|
|
sync_ccache:
|
|
type: string
|
|
description: Credentials cache to authenticate to kadmin for sync. Must
|
|
be in the form TYPE:residual
|
|
connectivity:
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
nullable: true
|
|
description: Get cached source connectivity
|
|
readOnly: true
|
|
spnego_server_name:
|
|
type: string
|
|
description: Force the use of a specific server name for SPNEGO. Must be
|
|
in the form HTTP@hostname
|
|
spnego_ccache:
|
|
type: string
|
|
description: Credential cache to use for SPNEGO in form type:residual
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: If enabled, the authentik-stored password will be updated upon
|
|
login with the Kerberos password backend
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
required:
|
|
- component
|
|
- connectivity
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- realm
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
KerberosSourcePropertyMapping:
|
|
type: object
|
|
description: Kerberos PropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
KerberosSourcePropertyMappingRequest:
|
|
type: object
|
|
description: Kerberos PropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
KerberosSourceRequest:
|
|
type: object
|
|
description: Kerberos Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
realm:
|
|
type: string
|
|
minLength: 1
|
|
description: Kerberos realm
|
|
krb5_conf:
|
|
type: string
|
|
description: Custom krb5.conf to use. Uses the system one by default
|
|
kadmin_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/KadminTypeEnum'
|
|
description: KAdmin server type
|
|
sync_users:
|
|
type: boolean
|
|
description: Sync users from Kerberos into authentik
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to Kerberos
|
|
sync_principal:
|
|
type: string
|
|
description: Principal to authenticate to kadmin for sync.
|
|
sync_password:
|
|
type: string
|
|
writeOnly: true
|
|
description: Password to authenticate to kadmin for sync
|
|
sync_keytab:
|
|
type: string
|
|
writeOnly: true
|
|
description: Keytab to authenticate to kadmin for sync. Must be base64-encoded
|
|
or in the form TYPE:residual
|
|
sync_ccache:
|
|
type: string
|
|
description: Credentials cache to authenticate to kadmin for sync. Must
|
|
be in the form TYPE:residual
|
|
spnego_server_name:
|
|
type: string
|
|
description: Force the use of a specific server name for SPNEGO. Must be
|
|
in the form HTTP@hostname
|
|
spnego_keytab:
|
|
type: string
|
|
writeOnly: true
|
|
description: SPNEGO keytab base64-encoded or path to keytab in the form
|
|
FILE:path
|
|
spnego_ccache:
|
|
type: string
|
|
description: Credential cache to use for SPNEGO in form type:residual
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: If enabled, the authentik-stored password will be updated upon
|
|
login with the Kerberos password backend
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
required:
|
|
- name
|
|
- realm
|
|
- slug
|
|
KeyTypeEnum:
|
|
type: string
|
|
enum:
|
|
- dsa
|
|
- ec
|
|
- ed25519
|
|
- ed448
|
|
- rsa
|
|
KubernetesServiceConnection:
|
|
type: object
|
|
description: KubernetesServiceConnection Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
component:
|
|
type: string
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
kubeconfig:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Paste your kubeconfig here. authentik will automatically use
|
|
the currently selected context.
|
|
verify_ssl:
|
|
type: boolean
|
|
description: Verify SSL Certificates of the Kubernetes API endpoint
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
KubernetesServiceConnectionRequest:
|
|
type: object
|
|
description: KubernetesServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
kubeconfig:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Paste your kubeconfig here. authentik will automatically use
|
|
the currently selected context.
|
|
verify_ssl:
|
|
type: boolean
|
|
description: Verify SSL Certificates of the Kubernetes API endpoint
|
|
required:
|
|
- name
|
|
LDAPAPIAccessMode:
|
|
enum:
|
|
- direct
|
|
- cached
|
|
type: string
|
|
LDAPCheckAccess:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
has_search_permission:
|
|
type: boolean
|
|
access:
|
|
$ref: '#/components/schemas/PolicyTestResult'
|
|
required:
|
|
- access
|
|
LDAPDebug:
|
|
type: object
|
|
properties:
|
|
user:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
group:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
membership:
|
|
type: array
|
|
items:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- group
|
|
- membership
|
|
- user
|
|
LDAPOutpostConfig:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
base_dn:
|
|
type: string
|
|
description: DN under which objects are accessible.
|
|
bind_flow_slug:
|
|
type: string
|
|
unbind_flow_slug:
|
|
type: string
|
|
nullable: true
|
|
description: Get slug for unbind flow, defaulting to brand's default flow.
|
|
readOnly: true
|
|
application_slug:
|
|
type: string
|
|
description: Prioritise backchannel slug over direct application slug
|
|
readOnly: true
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- application_slug
|
|
- bind_flow_slug
|
|
- name
|
|
- pk
|
|
- unbind_flow_slug
|
|
LDAPProvider:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
base_dn:
|
|
type: string
|
|
description: DN under which objects are accessible.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
outpost_set:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- outpost_set
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
LDAPProviderRequest:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
description: DN under which objects are accessible.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
required:
|
|
- authorization_flow
|
|
- invalidation_flow
|
|
- name
|
|
LDAPSource:
|
|
type: object
|
|
description: LDAP Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
server_uri:
|
|
type: string
|
|
format: uri
|
|
peer_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally verify the LDAP Server's Certificate against the
|
|
CA Chain in this keypair.
|
|
client_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Client certificate to authenticate against the LDAP Server's
|
|
Certificate.
|
|
bind_cn:
|
|
type: string
|
|
start_tls:
|
|
type: boolean
|
|
title: Enable Start TLS
|
|
sni:
|
|
type: boolean
|
|
title: Use Server URI for SNI verification
|
|
base_dn:
|
|
type: string
|
|
additional_user_dn:
|
|
type: string
|
|
title: Addition User DN
|
|
description: Prepended to Base DN for User-queries.
|
|
additional_group_dn:
|
|
type: string
|
|
title: Addition Group DN
|
|
description: Prepended to Base DN for Group-queries.
|
|
user_object_filter:
|
|
type: string
|
|
description: Consider Objects matching this filter to be Users.
|
|
group_object_filter:
|
|
type: string
|
|
description: Consider Objects matching this filter to be Groups.
|
|
group_membership_field:
|
|
type: string
|
|
description: Field which contains members of a group.
|
|
user_membership_attribute:
|
|
type: string
|
|
description: Attribute which matches the value of `group_membership_field`.
|
|
object_uniqueness_field:
|
|
type: string
|
|
description: Field which contains a unique Identifier.
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: Update internal authentik password when login succeeds with
|
|
LDAP
|
|
sync_users:
|
|
type: boolean
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to LDAP. This
|
|
can only be enabled on a single LDAP source.
|
|
sync_groups:
|
|
type: boolean
|
|
sync_parent_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
connectivity:
|
|
type: object
|
|
additionalProperties:
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
nullable: true
|
|
description: Get cached source connectivity
|
|
readOnly: true
|
|
lookup_groups_from_user:
|
|
type: boolean
|
|
description: Lookup group membership based on a user attribute instead of
|
|
a group attribute. This allows nested group resolution on systems like
|
|
FreeIPA and Active Directory
|
|
delete_not_found_objects:
|
|
type: boolean
|
|
description: Delete authentik users and groups which were previously supplied
|
|
by this source, but are now missing from it.
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
required:
|
|
- base_dn
|
|
- component
|
|
- connectivity
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- server_uri
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
LDAPSourcePropertyMapping:
|
|
type: object
|
|
description: LDAP PropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
LDAPSourcePropertyMappingRequest:
|
|
type: object
|
|
description: LDAP PropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
LDAPSourceRequest:
|
|
type: object
|
|
description: LDAP Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
server_uri:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
peer_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally verify the LDAP Server's Certificate against the
|
|
CA Chain in this keypair.
|
|
client_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Client certificate to authenticate against the LDAP Server's
|
|
Certificate.
|
|
bind_cn:
|
|
type: string
|
|
bind_password:
|
|
type: string
|
|
writeOnly: true
|
|
start_tls:
|
|
type: boolean
|
|
title: Enable Start TLS
|
|
sni:
|
|
type: boolean
|
|
title: Use Server URI for SNI verification
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
additional_user_dn:
|
|
type: string
|
|
title: Addition User DN
|
|
description: Prepended to Base DN for User-queries.
|
|
additional_group_dn:
|
|
type: string
|
|
title: Addition Group DN
|
|
description: Prepended to Base DN for Group-queries.
|
|
user_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Users.
|
|
group_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Groups.
|
|
group_membership_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains members of a group.
|
|
user_membership_attribute:
|
|
type: string
|
|
minLength: 1
|
|
description: Attribute which matches the value of `group_membership_field`.
|
|
object_uniqueness_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains a unique Identifier.
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: Update internal authentik password when login succeeds with
|
|
LDAP
|
|
sync_users:
|
|
type: boolean
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to LDAP. This
|
|
can only be enabled on a single LDAP source.
|
|
sync_groups:
|
|
type: boolean
|
|
sync_parent_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
lookup_groups_from_user:
|
|
type: boolean
|
|
description: Lookup group membership based on a user attribute instead of
|
|
a group attribute. This allows nested group resolution on systems like
|
|
FreeIPA and Active Directory
|
|
delete_not_found_objects:
|
|
type: boolean
|
|
description: Delete authentik users and groups which were previously supplied
|
|
by this source, but are now missing from it.
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
required:
|
|
- base_dn
|
|
- name
|
|
- server_uri
|
|
- slug
|
|
LangEnum:
|
|
type: string
|
|
enum:
|
|
- af
|
|
- ar
|
|
- ar-dz
|
|
- ast
|
|
- az
|
|
- be
|
|
- bg
|
|
- bn
|
|
- br
|
|
- bs
|
|
- ca
|
|
- ckb
|
|
- cs
|
|
- cy
|
|
- da
|
|
- de
|
|
- dsb
|
|
- el
|
|
- en
|
|
- en-au
|
|
- en-gb
|
|
- eo
|
|
- es
|
|
- es-ar
|
|
- es-co
|
|
- es-mx
|
|
- es-ni
|
|
- es-ve
|
|
- et
|
|
- eu
|
|
- fa
|
|
- fi
|
|
- fr
|
|
- fy
|
|
- ga
|
|
- gd
|
|
- gl
|
|
- he
|
|
- hi
|
|
- hr
|
|
- hsb
|
|
- hu
|
|
- hy
|
|
- ia
|
|
- id
|
|
- ig
|
|
- io
|
|
- is
|
|
- it
|
|
- ja
|
|
- ka
|
|
- kab
|
|
- kk
|
|
- km
|
|
- kn
|
|
- ko
|
|
- ky
|
|
- lb
|
|
- lt
|
|
- lv
|
|
- mk
|
|
- ml
|
|
- mn
|
|
- mr
|
|
- ms
|
|
- my
|
|
- nb
|
|
- ne
|
|
- nl
|
|
- nn
|
|
- os
|
|
- pa
|
|
- pl
|
|
- pt
|
|
- pt-br
|
|
- ro
|
|
- ru
|
|
- sk
|
|
- sl
|
|
- sq
|
|
- sr
|
|
- sr-latn
|
|
- sv
|
|
- sw
|
|
- ta
|
|
- te
|
|
- tg
|
|
- th
|
|
- tk
|
|
- tr
|
|
- tt
|
|
- udm
|
|
- ug
|
|
- uk
|
|
- ur
|
|
- uz
|
|
- vi
|
|
- zh-hans
|
|
- zh-hant
|
|
LastTaskStatusEnum:
|
|
enum:
|
|
- queued
|
|
- consumed
|
|
- preprocess
|
|
- running
|
|
- postprocess
|
|
- rejected
|
|
- done
|
|
- info
|
|
- warning
|
|
- error
|
|
type: string
|
|
License:
|
|
type: object
|
|
description: License Serializer
|
|
properties:
|
|
license_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
key:
|
|
type: string
|
|
expiry:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
internal_users:
|
|
type: integer
|
|
readOnly: true
|
|
external_users:
|
|
type: integer
|
|
readOnly: true
|
|
required:
|
|
- expiry
|
|
- external_users
|
|
- internal_users
|
|
- key
|
|
- license_uuid
|
|
- name
|
|
LicenseFlagsEnum:
|
|
enum:
|
|
- trial
|
|
- non_production
|
|
type: string
|
|
LicenseForecast:
|
|
type: object
|
|
description: Serializer for license forecast
|
|
properties:
|
|
internal_users:
|
|
type: integer
|
|
external_users:
|
|
type: integer
|
|
forecasted_internal_users:
|
|
type: integer
|
|
forecasted_external_users:
|
|
type: integer
|
|
required:
|
|
- external_users
|
|
- forecasted_external_users
|
|
- forecasted_internal_users
|
|
- internal_users
|
|
LicenseRequest:
|
|
type: object
|
|
description: License Serializer
|
|
properties:
|
|
key:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- key
|
|
LicenseStatusEnum:
|
|
enum:
|
|
- unlicensed
|
|
- valid
|
|
- expired
|
|
- expiry_soon
|
|
- limit_exceeded_admin
|
|
- limit_exceeded_user
|
|
- read_only
|
|
type: string
|
|
LicenseSummary:
|
|
type: object
|
|
description: Serializer for license status
|
|
properties:
|
|
internal_users:
|
|
type: integer
|
|
external_users:
|
|
type: integer
|
|
status:
|
|
$ref: '#/components/schemas/LicenseSummaryStatusEnum'
|
|
latest_valid:
|
|
type: string
|
|
format: date-time
|
|
license_flags:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LicenseFlagsEnum'
|
|
required:
|
|
- external_users
|
|
- internal_users
|
|
- latest_valid
|
|
- license_flags
|
|
- status
|
|
LicenseSummaryStatusEnum:
|
|
enum:
|
|
- unlicensed
|
|
- valid
|
|
- expired
|
|
- expiry_soon
|
|
- limit_exceeded_admin
|
|
- limit_exceeded_user
|
|
- read_only
|
|
type: string
|
|
LifecycleIteration:
|
|
type: object
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
content_type:
|
|
$ref: '#/components/schemas/ContentTypeEnum'
|
|
object_id:
|
|
type: string
|
|
readOnly: true
|
|
object_verbose:
|
|
type: string
|
|
readOnly: true
|
|
object_admin_url:
|
|
type: string
|
|
readOnly: true
|
|
state:
|
|
allOf:
|
|
- $ref: '#/components/schemas/LifecycleIterationStateEnum'
|
|
readOnly: true
|
|
opened_on:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
grace_period_end:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
next_review_date:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
reviews:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Review'
|
|
readOnly: true
|
|
user_can_review:
|
|
type: boolean
|
|
readOnly: true
|
|
reviewer_groups:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ReviewerGroup'
|
|
readOnly: true
|
|
min_reviewers:
|
|
type: integer
|
|
readOnly: true
|
|
reviewers:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ReviewerUser'
|
|
readOnly: true
|
|
required:
|
|
- content_type
|
|
- grace_period_end
|
|
- id
|
|
- min_reviewers
|
|
- next_review_date
|
|
- object_admin_url
|
|
- object_id
|
|
- object_verbose
|
|
- opened_on
|
|
- reviewer_groups
|
|
- reviewers
|
|
- reviews
|
|
- state
|
|
- user_can_review
|
|
LifecycleIterationRequest:
|
|
type: object
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
properties:
|
|
content_type:
|
|
$ref: '#/components/schemas/ContentTypeEnum'
|
|
required:
|
|
- content_type
|
|
LifecycleIterationStateEnum:
|
|
enum:
|
|
- REVIEWED
|
|
- PENDING
|
|
- OVERDUE
|
|
- CANCELED
|
|
type: string
|
|
LifecycleRule:
|
|
type: object
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
content_type:
|
|
$ref: '#/components/schemas/ContentTypeEnum'
|
|
object_id:
|
|
type: string
|
|
nullable: true
|
|
interval:
|
|
type: string
|
|
grace_period:
|
|
type: string
|
|
reviewer_groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
reviewer_groups_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ReviewerGroup'
|
|
readOnly: true
|
|
min_reviewers:
|
|
type: integer
|
|
maximum: 32767
|
|
minimum: 0
|
|
min_reviewers_is_per_group:
|
|
type: boolean
|
|
reviewers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
reviewers_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ReviewerUser'
|
|
readOnly: true
|
|
notification_transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the reviewers.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
target_verbose:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- content_type
|
|
- id
|
|
- name
|
|
- reviewer_groups_obj
|
|
- reviewers
|
|
- reviewers_obj
|
|
- target_verbose
|
|
LifecycleRuleRequest:
|
|
type: object
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
content_type:
|
|
$ref: '#/components/schemas/ContentTypeEnum'
|
|
object_id:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
interval:
|
|
type: string
|
|
minLength: 1
|
|
grace_period:
|
|
type: string
|
|
minLength: 1
|
|
reviewer_groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
min_reviewers:
|
|
type: integer
|
|
maximum: 32767
|
|
minimum: 0
|
|
min_reviewers_is_per_group:
|
|
type: boolean
|
|
reviewers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
notification_transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the reviewers.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
required:
|
|
- content_type
|
|
- name
|
|
- reviewers
|
|
Link:
|
|
type: object
|
|
description: Returns a single link
|
|
properties:
|
|
link:
|
|
type: string
|
|
required:
|
|
- link
|
|
LogEvent:
|
|
type: object
|
|
description: Single log message with all context logged.
|
|
properties:
|
|
timestamp:
|
|
type: string
|
|
format: date-time
|
|
log_level:
|
|
$ref: '#/components/schemas/LogLevelEnum'
|
|
logger:
|
|
type: string
|
|
event:
|
|
type: string
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- attributes
|
|
- event
|
|
- log_level
|
|
- logger
|
|
- timestamp
|
|
LogLevelEnum:
|
|
enum:
|
|
- critical
|
|
- exception
|
|
- error
|
|
- warn
|
|
- warning
|
|
- info
|
|
- debug
|
|
- notset
|
|
type: string
|
|
LoginChallengeTypes:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/RedirectChallenge'
|
|
- $ref: '#/components/schemas/AppleLoginChallenge'
|
|
- $ref: '#/components/schemas/PlexAuthenticationChallenge'
|
|
- $ref: '#/components/schemas/TelegramLoginChallenge'
|
|
discriminator:
|
|
propertyName: component
|
|
mapping:
|
|
xak-flow-redirect: '#/components/schemas/RedirectChallenge'
|
|
ak-source-oauth-apple: '#/components/schemas/AppleLoginChallenge'
|
|
ak-source-plex: '#/components/schemas/PlexAuthenticationChallenge'
|
|
ak-source-telegram: '#/components/schemas/TelegramLoginChallenge'
|
|
LoginSource:
|
|
type: object
|
|
description: Serializer for Login buttons of sources
|
|
properties:
|
|
name:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
nullable: true
|
|
promoted:
|
|
type: boolean
|
|
default: false
|
|
challenge:
|
|
$ref: '#/components/schemas/LoginChallengeTypes'
|
|
required:
|
|
- challenge
|
|
- name
|
|
LogoutURL:
|
|
type: object
|
|
description: Data for a single logout URL
|
|
properties:
|
|
url:
|
|
type: string
|
|
provider_name:
|
|
type: string
|
|
nullable: true
|
|
binding:
|
|
type: string
|
|
nullable: true
|
|
saml_request:
|
|
type: string
|
|
nullable: true
|
|
saml_response:
|
|
type: string
|
|
nullable: true
|
|
saml_relay_state:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- url
|
|
MDMConfigRequest:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
platform:
|
|
$ref: '#/components/schemas/DeviceFactsOSFamily'
|
|
enrollment_token:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- enrollment_token
|
|
- platform
|
|
MDMConfigResponse:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
config:
|
|
type: string
|
|
mime_type:
|
|
type: string
|
|
filename:
|
|
type: string
|
|
required:
|
|
- config
|
|
- filename
|
|
- mime_type
|
|
MatchingModeEnum:
|
|
enum:
|
|
- strict
|
|
- regex
|
|
type: string
|
|
Metadata:
|
|
type: object
|
|
description: Serializer for blueprint metadata
|
|
properties:
|
|
name:
|
|
type: string
|
|
labels:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- labels
|
|
- name
|
|
MicrosoftEntraProvider:
|
|
type: object
|
|
description: MicrosoftEntraProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
client_id:
|
|
type: string
|
|
client_secret:
|
|
type: string
|
|
tenant_id:
|
|
type: string
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- client_id
|
|
- client_secret
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- tenant_id
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
MicrosoftEntraProviderGroup:
|
|
type: object
|
|
description: MicrosoftEntraProviderGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
microsoft_id:
|
|
type: string
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- group
|
|
- group_obj
|
|
- id
|
|
- microsoft_id
|
|
- provider
|
|
MicrosoftEntraProviderGroupRequest:
|
|
type: object
|
|
description: MicrosoftEntraProviderGroup Serializer
|
|
properties:
|
|
microsoft_id:
|
|
type: string
|
|
minLength: 1
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- group
|
|
- microsoft_id
|
|
- provider
|
|
MicrosoftEntraProviderMapping:
|
|
type: object
|
|
description: MicrosoftEntraProviderMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
MicrosoftEntraProviderMappingRequest:
|
|
type: object
|
|
description: MicrosoftEntraProviderMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
MicrosoftEntraProviderRequest:
|
|
type: object
|
|
description: MicrosoftEntraProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
client_secret:
|
|
type: string
|
|
minLength: 1
|
|
tenant_id:
|
|
type: string
|
|
minLength: 1
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- client_id
|
|
- client_secret
|
|
- name
|
|
- tenant_id
|
|
MicrosoftEntraProviderUser:
|
|
type: object
|
|
description: MicrosoftEntraProviderUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
microsoft_id:
|
|
type: string
|
|
user:
|
|
type: integer
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- id
|
|
- microsoft_id
|
|
- provider
|
|
- user
|
|
- user_obj
|
|
MicrosoftEntraProviderUserRequest:
|
|
type: object
|
|
description: MicrosoftEntraProviderUser Serializer
|
|
properties:
|
|
microsoft_id:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: integer
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- microsoft_id
|
|
- provider
|
|
- user
|
|
ModelEnum:
|
|
enum:
|
|
- authentik_tenants.domain
|
|
- authentik_core.group
|
|
- authentik_core.user
|
|
- authentik_core.application
|
|
- authentik_core.applicationentitlement
|
|
- authentik_core.token
|
|
- authentik_crypto.certificatekeypair
|
|
- authentik_endpoints.deviceuserbinding
|
|
- authentik_endpoints.deviceaccessgroup
|
|
- authentik_endpoints.endpointstage
|
|
- authentik_endpoints_connectors_agent.agentconnector
|
|
- authentik_endpoints_connectors_agent.agentdeviceuserbinding
|
|
- authentik_endpoints_connectors_agent.enrollmenttoken
|
|
- authentik_enterprise.license
|
|
- authentik_events.event
|
|
- authentik_events.notificationtransport
|
|
- authentik_events.notification
|
|
- authentik_events.notificationrule
|
|
- authentik_events.notificationwebhookmapping
|
|
- authentik_flows.flow
|
|
- authentik_flows.flowstagebinding
|
|
- authentik_outposts.dockerserviceconnection
|
|
- authentik_outposts.kubernetesserviceconnection
|
|
- authentik_outposts.outpost
|
|
- authentik_policies_dummy.dummypolicy
|
|
- authentik_policies_event_matcher.eventmatcherpolicy
|
|
- authentik_policies_expiry.passwordexpirypolicy
|
|
- authentik_policies_expression.expressionpolicy
|
|
- authentik_policies_geoip.geoippolicy
|
|
- authentik_policies_password.passwordpolicy
|
|
- authentik_policies_reputation.reputationpolicy
|
|
- authentik_policies.policybinding
|
|
- authentik_providers_ldap.ldapprovider
|
|
- authentik_providers_oauth2.scopemapping
|
|
- authentik_providers_oauth2.oauth2provider
|
|
- authentik_providers_proxy.proxyprovider
|
|
- authentik_providers_rac.racprovider
|
|
- authentik_providers_rac.endpoint
|
|
- authentik_providers_rac.racpropertymapping
|
|
- authentik_providers_radius.radiusprovider
|
|
- authentik_providers_radius.radiusproviderpropertymapping
|
|
- authentik_providers_saml.samlprovider
|
|
- authentik_providers_saml.samlpropertymapping
|
|
- authentik_providers_scim.scimprovider
|
|
- authentik_providers_scim.scimmapping
|
|
- authentik_rbac.role
|
|
- authentik_rbac.initialpermissions
|
|
- authentik_sources_kerberos.kerberossource
|
|
- authentik_sources_kerberos.kerberossourcepropertymapping
|
|
- authentik_sources_kerberos.userkerberossourceconnection
|
|
- authentik_sources_kerberos.groupkerberossourceconnection
|
|
- authentik_sources_ldap.ldapsource
|
|
- authentik_sources_ldap.ldapsourcepropertymapping
|
|
- authentik_sources_ldap.userldapsourceconnection
|
|
- authentik_sources_ldap.groupldapsourceconnection
|
|
- authentik_sources_oauth.oauthsource
|
|
- authentik_sources_oauth.oauthsourcepropertymapping
|
|
- authentik_sources_oauth.useroauthsourceconnection
|
|
- authentik_sources_oauth.groupoauthsourceconnection
|
|
- authentik_sources_plex.plexsource
|
|
- authentik_sources_plex.plexsourcepropertymapping
|
|
- authentik_sources_plex.userplexsourceconnection
|
|
- authentik_sources_plex.groupplexsourceconnection
|
|
- authentik_sources_saml.samlsource
|
|
- authentik_sources_saml.samlsourcepropertymapping
|
|
- authentik_sources_saml.usersamlsourceconnection
|
|
- authentik_sources_saml.groupsamlsourceconnection
|
|
- authentik_sources_scim.scimsource
|
|
- authentik_sources_scim.scimsourcepropertymapping
|
|
- authentik_sources_telegram.telegramsource
|
|
- authentik_sources_telegram.telegramsourcepropertymapping
|
|
- authentik_sources_telegram.usertelegramsourceconnection
|
|
- authentik_sources_telegram.grouptelegramsourceconnection
|
|
- authentik_stages_authenticator_duo.authenticatorduostage
|
|
- authentik_stages_authenticator_duo.duodevice
|
|
- authentik_stages_authenticator_email.authenticatoremailstage
|
|
- authentik_stages_authenticator_email.emaildevice
|
|
- authentik_stages_authenticator_sms.authenticatorsmsstage
|
|
- authentik_stages_authenticator_sms.smsdevice
|
|
- authentik_stages_authenticator_static.authenticatorstaticstage
|
|
- authentik_stages_authenticator_static.staticdevice
|
|
- authentik_stages_authenticator_totp.authenticatortotpstage
|
|
- authentik_stages_authenticator_totp.totpdevice
|
|
- authentik_stages_authenticator_validate.authenticatorvalidatestage
|
|
- authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
|
|
- authentik_stages_authenticator_webauthn.webauthndevice
|
|
- authentik_stages_captcha.captchastage
|
|
- authentik_stages_consent.consentstage
|
|
- authentik_stages_deny.denystage
|
|
- authentik_stages_dummy.dummystage
|
|
- authentik_stages_email.emailstage
|
|
- authentik_stages_identification.identificationstage
|
|
- authentik_stages_invitation.invitationstage
|
|
- authentik_stages_invitation.invitation
|
|
- authentik_stages_password.passwordstage
|
|
- authentik_stages_prompt.prompt
|
|
- authentik_stages_prompt.promptstage
|
|
- authentik_stages_redirect.redirectstage
|
|
- authentik_stages_user_delete.userdeletestage
|
|
- authentik_stages_user_login.userloginstage
|
|
- authentik_stages_user_logout.userlogoutstage
|
|
- authentik_stages_user_write.userwritestage
|
|
- authentik_tasks_schedules.schedule
|
|
- authentik_brands.brand
|
|
- authentik_blueprints.blueprintinstance
|
|
- authentik_endpoints_connectors_fleet.fleetconnector
|
|
- authentik_endpoints_connectors_google_chrome.googlechromeconnector
|
|
- authentik_lifecycle.lifecyclerule
|
|
- authentik_lifecycle.lifecycleiteration
|
|
- authentik_lifecycle.review
|
|
- authentik_policies_unique_password.uniquepasswordpolicy
|
|
- authentik_providers_google_workspace.googleworkspaceprovider
|
|
- authentik_providers_google_workspace.googleworkspaceprovidermapping
|
|
- authentik_providers_microsoft_entra.microsoftentraprovider
|
|
- authentik_providers_microsoft_entra.microsoftentraprovidermapping
|
|
- authentik_providers_ssf.ssfprovider
|
|
- authentik_providers_ws_federation.wsfederationprovider
|
|
- authentik_reports.dataexport
|
|
- authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage
|
|
- authentik_stages_mtls.mutualtlsstage
|
|
- authentik_stages_source.sourcestage
|
|
type: string
|
|
MutualTLSStage:
|
|
type: object
|
|
description: MutualTLSStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
certificate_authorities:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Configure certificate authorities to validate the certificate
|
|
against. This option has a higher priority than the `client_certificate`
|
|
option on `Brand`.
|
|
cert_attribute:
|
|
$ref: '#/components/schemas/CertAttributeEnum'
|
|
user_attribute:
|
|
$ref: '#/components/schemas/UserAttributeEnum'
|
|
required:
|
|
- cert_attribute
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- mode
|
|
- name
|
|
- pk
|
|
- user_attribute
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
MutualTLSStageRequest:
|
|
type: object
|
|
description: MutualTLSStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
certificate_authorities:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Configure certificate authorities to validate the certificate
|
|
against. This option has a higher priority than the `client_certificate`
|
|
option on `Brand`.
|
|
cert_attribute:
|
|
$ref: '#/components/schemas/CertAttributeEnum'
|
|
user_attribute:
|
|
$ref: '#/components/schemas/UserAttributeEnum'
|
|
required:
|
|
- cert_attribute
|
|
- mode
|
|
- name
|
|
- user_attribute
|
|
NativeLogoutChallenge:
|
|
type: object
|
|
description: Challenge for native browser logout
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-provider-saml-native-logout
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
provider_name:
|
|
type: string
|
|
is_complete:
|
|
type: boolean
|
|
default: false
|
|
post_url:
|
|
type: string
|
|
redirect_url:
|
|
type: string
|
|
saml_binding:
|
|
$ref: '#/components/schemas/SAMLBindingsEnum'
|
|
saml_request:
|
|
type: string
|
|
saml_response:
|
|
type: string
|
|
saml_relay_state:
|
|
type: string
|
|
NativeLogoutChallengeResponseRequest:
|
|
type: object
|
|
description: Response for native browser logout
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-provider-saml-native-logout
|
|
Network:
|
|
type: object
|
|
properties:
|
|
hostname:
|
|
type: string
|
|
firewall_enabled:
|
|
type: boolean
|
|
interfaces:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NetworkInterface'
|
|
gateway:
|
|
type: string
|
|
required:
|
|
- hostname
|
|
- interfaces
|
|
NetworkBindingEnum:
|
|
enum:
|
|
- no_binding
|
|
- bind_asn
|
|
- bind_asn_network
|
|
- bind_asn_network_ip
|
|
type: string
|
|
NetworkInterface:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
hardware_address:
|
|
type: string
|
|
ip_addresses:
|
|
type: array
|
|
items:
|
|
type: string
|
|
dns_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- hardware_address
|
|
- name
|
|
NetworkInterfaceRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
hardware_address:
|
|
type: string
|
|
minLength: 1
|
|
ip_addresses:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
dns_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- hardware_address
|
|
- name
|
|
NetworkRequest:
|
|
type: object
|
|
properties:
|
|
hostname:
|
|
type: string
|
|
minLength: 1
|
|
firewall_enabled:
|
|
type: boolean
|
|
interfaces:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NetworkInterfaceRequest'
|
|
gateway:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- hostname
|
|
- interfaces
|
|
NotConfiguredActionEnum:
|
|
enum:
|
|
- skip
|
|
- deny
|
|
- configure
|
|
type: string
|
|
Notification:
|
|
type: object
|
|
description: Notification Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
readOnly: true
|
|
body:
|
|
type: string
|
|
readOnly: true
|
|
hyperlink:
|
|
type: string
|
|
nullable: true
|
|
maxLength: 4096
|
|
hyperlink_label:
|
|
type: string
|
|
nullable: true
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
event:
|
|
$ref: '#/components/schemas/Event'
|
|
seen:
|
|
type: boolean
|
|
required:
|
|
- body
|
|
- created
|
|
- pk
|
|
- severity
|
|
NotificationRequest:
|
|
type: object
|
|
description: Notification Serializer
|
|
properties:
|
|
hyperlink:
|
|
type: string
|
|
nullable: true
|
|
maxLength: 4096
|
|
hyperlink_label:
|
|
type: string
|
|
nullable: true
|
|
event:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
seen:
|
|
type: boolean
|
|
NotificationRule:
|
|
type: object
|
|
description: NotificationRule Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the user.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
description: Controls which severity level the created notifications will
|
|
have.
|
|
destination_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Define which group of users this notification should be sent
|
|
and shown to. If left empty, Notification won't ben sent.
|
|
destination_group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Group'
|
|
readOnly: true
|
|
destination_event_user:
|
|
type: boolean
|
|
description: When enabled, notification will be sent to user the user that
|
|
triggered the event.When destination_group is configured, notification
|
|
is sent to both.
|
|
required:
|
|
- destination_group_obj
|
|
- name
|
|
- pk
|
|
NotificationRuleRequest:
|
|
type: object
|
|
description: NotificationRule Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the user.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
description: Controls which severity level the created notifications will
|
|
have.
|
|
destination_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Define which group of users this notification should be sent
|
|
and shown to. If left empty, Notification won't ben sent.
|
|
destination_event_user:
|
|
type: boolean
|
|
description: When enabled, notification will be sent to user the user that
|
|
triggered the event.When destination_group is configured, notification
|
|
is sent to both.
|
|
required:
|
|
- name
|
|
NotificationTransport:
|
|
type: object
|
|
description: NotificationTransport Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
mode:
|
|
$ref: '#/components/schemas/TransportModeEnum'
|
|
mode_verbose:
|
|
type: string
|
|
description: Return selected mode with a UI Label
|
|
readOnly: true
|
|
webhook_url:
|
|
type: string
|
|
format: uri
|
|
webhook_ca:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, the selected ceritifcate is used to validate the
|
|
certificate of the webhook server.
|
|
webhook_mapping_body:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Customize the body of the request. Mapping should return data
|
|
that is JSON-serializable.
|
|
webhook_mapping_headers:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
email_subject_prefix:
|
|
type: string
|
|
email_template:
|
|
type: string
|
|
send_once:
|
|
type: boolean
|
|
description: Only send notification once, for example when sending a webhook
|
|
into a chat channel.
|
|
required:
|
|
- mode_verbose
|
|
- name
|
|
- pk
|
|
NotificationTransportRequest:
|
|
type: object
|
|
description: NotificationTransport Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/TransportModeEnum'
|
|
webhook_url:
|
|
type: string
|
|
format: uri
|
|
webhook_ca:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, the selected ceritifcate is used to validate the
|
|
certificate of the webhook server.
|
|
webhook_mapping_body:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Customize the body of the request. Mapping should return data
|
|
that is JSON-serializable.
|
|
webhook_mapping_headers:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
email_subject_prefix:
|
|
type: string
|
|
email_template:
|
|
type: string
|
|
minLength: 1
|
|
send_once:
|
|
type: boolean
|
|
description: Only send notification once, for example when sending a webhook
|
|
into a chat channel.
|
|
required:
|
|
- name
|
|
NotificationTransportTest:
|
|
type: object
|
|
description: Notification test serializer
|
|
properties:
|
|
messages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- messages
|
|
NotificationWebhookMapping:
|
|
type: object
|
|
description: NotificationWebhookMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
required:
|
|
- expression
|
|
- name
|
|
- pk
|
|
NotificationWebhookMappingRequest:
|
|
type: object
|
|
description: NotificationWebhookMapping Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
OAuth2Provider:
|
|
type: object
|
|
description: OAuth2Provider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
client_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ClientTypeEnum'
|
|
description: Confidential clients are capable of maintaining the confidentiality
|
|
of their credentials. Public clients are incapable
|
|
client_id:
|
|
type: string
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
access_code_validity:
|
|
type: string
|
|
description: 'Access codes not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
access_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_threshold:
|
|
type: string
|
|
description: 'When refreshing a token, if the refresh token is valid for
|
|
less than this duration, it will be renewed. When set to seconds=0, token
|
|
will always be renewed. (Format: hours=1;minutes=2;seconds=3).'
|
|
include_claims_in_id_token:
|
|
type: boolean
|
|
description: Include User claims from scopes in the id_token, for applications
|
|
that don't access the userinfo endpoint.
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to sign the tokens.
|
|
encryption_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to encrypt the tokens. When set, tokens will be encrypted
|
|
and returned as JWEs.
|
|
redirect_uris:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RedirectURI'
|
|
logout_uri:
|
|
type: string
|
|
format: uri
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OAuth2ProviderLogoutMethodEnum'
|
|
description: Backchannel logs out with server to server calls. Frontchannel
|
|
uses iframes in your browser
|
|
sub_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SubModeEnum'
|
|
description: Configure what data should be used as unique User Identifier.
|
|
For most cases, the default should be fine.
|
|
issuer_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/IssuerModeEnum'
|
|
description: Configure how the issuer field of the ID Token should be filled.
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- redirect_uris
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
OAuth2ProviderLogoutMethodEnum:
|
|
enum:
|
|
- backchannel
|
|
- frontchannel
|
|
type: string
|
|
OAuth2ProviderRequest:
|
|
type: object
|
|
description: OAuth2Provider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ClientTypeEnum'
|
|
description: Confidential clients are capable of maintaining the confidentiality
|
|
of their credentials. Public clients are incapable
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
access_code_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Access codes not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_threshold:
|
|
type: string
|
|
minLength: 1
|
|
description: 'When refreshing a token, if the refresh token is valid for
|
|
less than this duration, it will be renewed. When set to seconds=0, token
|
|
will always be renewed. (Format: hours=1;minutes=2;seconds=3).'
|
|
include_claims_in_id_token:
|
|
type: boolean
|
|
description: Include User claims from scopes in the id_token, for applications
|
|
that don't access the userinfo endpoint.
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to sign the tokens.
|
|
encryption_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to encrypt the tokens. When set, tokens will be encrypted
|
|
and returned as JWEs.
|
|
redirect_uris:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RedirectURIRequest'
|
|
logout_uri:
|
|
type: string
|
|
format: uri
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OAuth2ProviderLogoutMethodEnum'
|
|
description: Backchannel logs out with server to server calls. Frontchannel
|
|
uses iframes in your browser
|
|
sub_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SubModeEnum'
|
|
description: Configure what data should be used as unique User Identifier.
|
|
For most cases, the default should be fine.
|
|
issuer_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/IssuerModeEnum'
|
|
description: Configure how the issuer field of the ID Token should be filled.
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
required:
|
|
- authorization_flow
|
|
- invalidation_flow
|
|
- name
|
|
- redirect_uris
|
|
OAuth2ProviderSetupURLs:
|
|
type: object
|
|
description: OAuth2 Provider Metadata serializer
|
|
properties:
|
|
issuer:
|
|
type: string
|
|
readOnly: true
|
|
authorize:
|
|
type: string
|
|
readOnly: true
|
|
token:
|
|
type: string
|
|
readOnly: true
|
|
user_info:
|
|
type: string
|
|
readOnly: true
|
|
provider_info:
|
|
type: string
|
|
readOnly: true
|
|
logout:
|
|
type: string
|
|
readOnly: true
|
|
jwks:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- authorize
|
|
- issuer
|
|
- jwks
|
|
- logout
|
|
- provider_info
|
|
- token
|
|
- user_info
|
|
OAuthDeviceCodeChallenge:
|
|
type: object
|
|
description: OAuth Device code challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-provider-oauth2-device-code
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
OAuthDeviceCodeChallengeResponseRequest:
|
|
type: object
|
|
description: Response that includes the user-entered device code
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-provider-oauth2-device-code
|
|
code:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- code
|
|
OAuthDeviceCodeFinishChallenge:
|
|
type: object
|
|
description: Final challenge after user enters their code
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-provider-oauth2-device-code-finish
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
OAuthDeviceCodeFinishChallengeResponseRequest:
|
|
type: object
|
|
description: Response that device has been authenticated and tab can be closed
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-provider-oauth2-device-code-finish
|
|
OAuthSource:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
provider_type:
|
|
$ref: '#/components/schemas/ProviderTypeEnum'
|
|
request_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used to request the initial token. This URL is only required
|
|
for OAuth 1.
|
|
maxLength: 255
|
|
authorization_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL the user is redirect to to conest the flow.
|
|
maxLength: 255
|
|
access_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to retrieve tokens.
|
|
maxLength: 255
|
|
profile_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to get user information.
|
|
maxLength: 255
|
|
pkce:
|
|
$ref: '#/components/schemas/PKCEMethodEnum'
|
|
consumer_key:
|
|
type: string
|
|
callback_url:
|
|
type: string
|
|
description: Get OAuth Callback URL
|
|
readOnly: true
|
|
additional_scopes:
|
|
type: string
|
|
type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SourceType'
|
|
readOnly: true
|
|
oidc_well_known_url:
|
|
type: string
|
|
oidc_jwks_url:
|
|
type: string
|
|
oidc_jwks:
|
|
type: object
|
|
additionalProperties: {}
|
|
authorization_code_auth_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum'
|
|
description: How to perform authentication during an authorization_code
|
|
token request flow
|
|
required:
|
|
- callback_url
|
|
- component
|
|
- consumer_key
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- provider_type
|
|
- slug
|
|
- type
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
OAuthSourcePropertyMapping:
|
|
type: object
|
|
description: OAuthSourcePropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
OAuthSourcePropertyMappingRequest:
|
|
type: object
|
|
description: OAuthSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
OAuthSourceRequest:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
provider_type:
|
|
$ref: '#/components/schemas/ProviderTypeEnum'
|
|
request_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used to request the initial token. This URL is only required
|
|
for OAuth 1.
|
|
maxLength: 255
|
|
authorization_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL the user is redirect to to conest the flow.
|
|
maxLength: 255
|
|
access_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to retrieve tokens.
|
|
maxLength: 255
|
|
profile_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to get user information.
|
|
maxLength: 255
|
|
pkce:
|
|
$ref: '#/components/schemas/PKCEMethodEnum'
|
|
consumer_key:
|
|
type: string
|
|
minLength: 1
|
|
consumer_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
additional_scopes:
|
|
type: string
|
|
oidc_well_known_url:
|
|
type: string
|
|
oidc_jwks_url:
|
|
type: string
|
|
oidc_jwks:
|
|
type: object
|
|
additionalProperties: {}
|
|
authorization_code_auth_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum'
|
|
description: How to perform authentication during an authorization_code
|
|
token request flow
|
|
required:
|
|
- consumer_key
|
|
- consumer_secret
|
|
- name
|
|
- provider_type
|
|
- slug
|
|
OpenIDConnectConfiguration:
|
|
type: object
|
|
description: rest_framework Serializer for OIDC Configuration
|
|
properties:
|
|
issuer:
|
|
type: string
|
|
authorization_endpoint:
|
|
type: string
|
|
token_endpoint:
|
|
type: string
|
|
userinfo_endpoint:
|
|
type: string
|
|
end_session_endpoint:
|
|
type: string
|
|
introspection_endpoint:
|
|
type: string
|
|
jwks_uri:
|
|
type: string
|
|
response_types_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
id_token_signing_alg_values_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
subject_types_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
token_endpoint_auth_methods_supported:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- authorization_endpoint
|
|
- end_session_endpoint
|
|
- id_token_signing_alg_values_supported
|
|
- introspection_endpoint
|
|
- issuer
|
|
- jwks_uri
|
|
- response_types_supported
|
|
- subject_types_supported
|
|
- token_endpoint
|
|
- token_endpoint_auth_methods_supported
|
|
- userinfo_endpoint
|
|
OperatingSystem:
|
|
type: object
|
|
description: |-
|
|
For example:
|
|
{"family":"linux","name":"Ubuntu","version":"24.04.3 LTS (Noble Numbat)","arch":"amd64"}
|
|
{"family": "windows","name":"Server 2022 Datacenter","version":"10.0.20348.4405","arch":"amd64"}
|
|
{"family": "windows","name":"Server 2022 Datacenter","version":"10.0.20348.4405","arch":"amd64"}
|
|
{"family": "mac_os", "name": "", "version": "26.2", "arch": "arm64"}
|
|
properties:
|
|
family:
|
|
$ref: '#/components/schemas/DeviceFactsOSFamily'
|
|
name:
|
|
type: string
|
|
description: Operating System name, such as 'Server 2022' or 'Ubuntu'
|
|
version:
|
|
type: string
|
|
description: Operating System version, must always be the version number
|
|
but may contain build name
|
|
arch:
|
|
type: string
|
|
required:
|
|
- family
|
|
OperatingSystemRequest:
|
|
type: object
|
|
description: |-
|
|
For example:
|
|
{"family":"linux","name":"Ubuntu","version":"24.04.3 LTS (Noble Numbat)","arch":"amd64"}
|
|
{"family": "windows","name":"Server 2022 Datacenter","version":"10.0.20348.4405","arch":"amd64"}
|
|
{"family": "windows","name":"Server 2022 Datacenter","version":"10.0.20348.4405","arch":"amd64"}
|
|
{"family": "mac_os", "name": "", "version": "26.2", "arch": "arm64"}
|
|
properties:
|
|
family:
|
|
$ref: '#/components/schemas/DeviceFactsOSFamily'
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Operating System name, such as 'Server 2022' or 'Ubuntu'
|
|
version:
|
|
type: string
|
|
minLength: 1
|
|
description: Operating System version, must always be the version number
|
|
but may contain build name
|
|
arch:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- family
|
|
OutgoingSyncDeleteAction:
|
|
enum:
|
|
- do_nothing
|
|
- delete
|
|
- suspend
|
|
type: string
|
|
Outpost:
|
|
type: object
|
|
description: Outpost Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/OutpostTypeEnum'
|
|
providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
providers_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Provider'
|
|
readOnly: true
|
|
service_connection:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Select Service-Connection authentik should use to manage this
|
|
outpost. Leave empty if authentik should not handle the deployment.
|
|
service_connection_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ServiceConnection'
|
|
readOnly: true
|
|
nullable: true
|
|
refresh_interval_s:
|
|
type: integer
|
|
readOnly: true
|
|
token_identifier:
|
|
type: string
|
|
description: Get Token identifier
|
|
readOnly: true
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
required:
|
|
- config
|
|
- name
|
|
- pk
|
|
- providers
|
|
- providers_obj
|
|
- refresh_interval_s
|
|
- service_connection_obj
|
|
- token_identifier
|
|
- type
|
|
OutpostDefaultConfig:
|
|
type: object
|
|
description: Global default outpost config
|
|
properties:
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- config
|
|
OutpostHealth:
|
|
type: object
|
|
description: Outpost health status
|
|
properties:
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
last_seen:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
version:
|
|
type: string
|
|
readOnly: true
|
|
golang_version:
|
|
type: string
|
|
readOnly: true
|
|
openssl_enabled:
|
|
type: boolean
|
|
readOnly: true
|
|
openssl_version:
|
|
type: string
|
|
readOnly: true
|
|
fips_enabled:
|
|
type: boolean
|
|
nullable: true
|
|
description: Get FIPS enabled
|
|
readOnly: true
|
|
version_should:
|
|
type: string
|
|
readOnly: true
|
|
version_outdated:
|
|
type: boolean
|
|
readOnly: true
|
|
build_hash:
|
|
type: string
|
|
readOnly: true
|
|
build_hash_should:
|
|
type: string
|
|
readOnly: true
|
|
hostname:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- build_hash
|
|
- build_hash_should
|
|
- fips_enabled
|
|
- golang_version
|
|
- hostname
|
|
- last_seen
|
|
- openssl_enabled
|
|
- openssl_version
|
|
- uid
|
|
- version
|
|
- version_outdated
|
|
- version_should
|
|
OutpostRequest:
|
|
type: object
|
|
description: Outpost Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/OutpostTypeEnum'
|
|
providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
service_connection:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Select Service-Connection authentik should use to manage this
|
|
outpost. Leave empty if authentik should not handle the deployment.
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
required:
|
|
- config
|
|
- name
|
|
- providers
|
|
- type
|
|
OutpostTypeEnum:
|
|
enum:
|
|
- proxy
|
|
- ldap
|
|
- radius
|
|
- rac
|
|
type: string
|
|
PKCEMethodEnum:
|
|
enum:
|
|
- none
|
|
- plain
|
|
- S256
|
|
type: string
|
|
PaginatedAgentConnectorList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AgentConnector'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedAppleIndependentSecureEnclaveList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AppleIndependentSecureEnclave'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedApplicationEntitlementList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ApplicationEntitlement'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedApplicationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Application'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatedSessionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatedSession'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorDuoStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorDuoStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorEmailStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorEmailStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorEndpointGDTCStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorEndpointGDTCStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorSMSStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorSMSStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorStaticStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorStaticStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorTOTPStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorTOTPStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorValidateStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorValidateStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedAuthenticatorWebAuthnStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/AuthenticatorWebAuthnStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedBlueprintInstanceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BlueprintInstance'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedBrandList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Brand'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedCaptchaStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CaptchaStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedCertificateKeyPairList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CertificateKeyPair'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedConnectionTokenList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ConnectionToken'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedConnectorList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Connector'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedConsentStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ConsentStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedDataExportList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DataExport'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedDenyStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DenyStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedDeviceAccessGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceAccessGroup'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedDeviceUserBindingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceUserBinding'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedDockerServiceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DockerServiceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedDomainList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Domain'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedDummyPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DummyPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedDummyStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DummyStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedDuoDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DuoDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedEmailDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EmailDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedEmailStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EmailStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedEndpointDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EndpointDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedEndpointList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Endpoint'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedEndpointStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EndpointStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedEnrollmentTokenList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EnrollmentToken'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedEventList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Event'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedEventMatcherPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventMatcherPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedExpiringBaseGrantModelList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ExpiringBaseGrantModel'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedExpressionPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ExpressionPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedExtraRoleObjectPermissionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ExtraRoleObjectPermission'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedFleetConnectorList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FleetConnector'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedFlowList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Flow'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedFlowStageBindingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowStageBinding'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGeoIPPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GeoIPPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGoogleChromeConnectorList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GoogleChromeConnector'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGoogleEndpointDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GoogleEndpointDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGoogleWorkspaceProviderGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderGroup'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGoogleWorkspaceProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGoogleWorkspaceProviderMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGoogleWorkspaceProviderUserList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GoogleWorkspaceProviderUser'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGroupKerberosSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupKerberosSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGroupLDAPSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupLDAPSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Group'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGroupOAuthSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupOAuthSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGroupPlexSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupPlexSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGroupSAMLSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupSAMLSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGroupSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedGroupTelegramSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/GroupTelegramSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedIdentificationStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/IdentificationStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedInitialPermissionsList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/InitialPermissions'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedInvitationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Invitation'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedInvitationStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/InvitationStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedKerberosSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/KerberosSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedKerberosSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/KerberosSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedKubernetesServiceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/KubernetesServiceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedLDAPOutpostConfigList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPOutpostConfig'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedLDAPProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedLDAPSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedLDAPSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LDAPSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedLicenseList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/License'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedLifecycleIterationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LifecycleIteration'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedLifecycleRuleList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LifecycleRule'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedMicrosoftEntraProviderGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderGroup'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedMicrosoftEntraProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/MicrosoftEntraProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedMicrosoftEntraProviderMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedMicrosoftEntraProviderUserList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/MicrosoftEntraProviderUser'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedMutualTLSStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/MutualTLSStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedNotificationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Notification'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedNotificationRuleList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NotificationRule'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedNotificationTransportList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NotificationTransport'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedNotificationWebhookMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/NotificationWebhookMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedOAuth2ProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedOAuthSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/OAuthSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedOAuthSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/OAuthSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedOutpostList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Outpost'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedPasswordExpiryPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PasswordExpiryPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedPasswordPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PasswordPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedPasswordStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PasswordStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedPermissionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Permission'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedPlexSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PlexSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedPlexSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PlexSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedPolicyBindingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PolicyBinding'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Policy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedPromptList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Prompt'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedPromptStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedPropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Provider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedProxyOutpostConfigList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ProxyOutpostConfig'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedProxyProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ProxyProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedRACPropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RACPropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedRACProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RACProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedRadiusOutpostConfigList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RadiusOutpostConfig'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedRadiusProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RadiusProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedRadiusProviderPropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RadiusProviderPropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedRedirectStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RedirectStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedReputationList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Reputation'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedReputationPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ReputationPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedRoleAssignedObjectPermissionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RoleAssignedObjectPermission'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedRoleList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Role'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSAMLPropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SAMLPropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSAMLProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SAMLProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSAMLSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SAMLSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSAMLSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SAMLSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSCIMMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSCIMProviderGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMProviderGroup'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSCIMProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSCIMProviderUserList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMProviderUser'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSCIMSourceGroupList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMSourceGroup'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSCIMSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSCIMSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSCIMSourceUserList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SCIMSourceUser'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSMSDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SMSDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSSFProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SSFProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSSFStreamList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SSFStream'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedScheduleList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Schedule'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedScopeMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ScopeMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedServiceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ServiceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Source'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedSourceStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/SourceStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Stage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedStaticDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/StaticDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedTOTPDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TOTPDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedTaskList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Task'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedTelegramSourceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TelegramSource'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedTelegramSourcePropertyMappingList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TelegramSourcePropertyMapping'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedTenantList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Tenant'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedTokenList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Token'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedTokenModelList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TokenModel'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUniquePasswordPolicyList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UniquePasswordPolicy'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserConsentList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserConsent'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserDeleteStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserDeleteStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserKerberosSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserKerberosSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserLDAPSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserLDAPSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/User'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserLoginStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserLoginStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserLogoutStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserLogoutStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserOAuthSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserOAuthSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserPlexSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserPlexSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserSAMLSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSAMLSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserTelegramSourceConnectionList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserTelegramSourceConnection'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedUserWriteStageList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserWriteStage'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedWSFederationProviderList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WSFederationProvider'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedWebAuthnDeviceList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnDevice'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
PaginatedWebAuthnDeviceTypeList:
|
|
type: object
|
|
properties:
|
|
pagination:
|
|
$ref: '#/components/schemas/Pagination'
|
|
results:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnDeviceType'
|
|
autocomplete:
|
|
$ref: '#/components/schemas/Autocomplete'
|
|
required:
|
|
- autocomplete
|
|
- pagination
|
|
- results
|
|
Pagination:
|
|
type: object
|
|
properties:
|
|
next:
|
|
type: number
|
|
previous:
|
|
type: number
|
|
count:
|
|
type: number
|
|
current:
|
|
type: number
|
|
total_pages:
|
|
type: number
|
|
start_index:
|
|
type: number
|
|
end_index:
|
|
type: number
|
|
required:
|
|
- count
|
|
- current
|
|
- end_index
|
|
- next
|
|
- previous
|
|
- start_index
|
|
- total_pages
|
|
PartialGroup:
|
|
type: object
|
|
description: Partial Group Serializer, does not include child relations.
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Group uuid
|
|
num_pk:
|
|
type: integer
|
|
description: Get a numerical, int32 ID for the group
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
- num_pk
|
|
- pk
|
|
PartialUser:
|
|
type: object
|
|
description: Partial User Serializer, does not include child relations.
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
username:
|
|
type: string
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
pattern: ^[\w.@+-]+$
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
- uid
|
|
- username
|
|
PasswordChallenge:
|
|
type: object
|
|
description: Password challenge UI fields
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-password
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
recovery_url:
|
|
type: string
|
|
allow_show_password:
|
|
type: boolean
|
|
default: false
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
PasswordChallengeResponseRequest:
|
|
type: object
|
|
description: Password challenge response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-password
|
|
password:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- password
|
|
PasswordExpiryPolicy:
|
|
type: object
|
|
description: Password Expiry Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
days:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
deny_only:
|
|
type: boolean
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- days
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PasswordExpiryPolicyRequest:
|
|
type: object
|
|
description: Password Expiry Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
days:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
deny_only:
|
|
type: boolean
|
|
required:
|
|
- days
|
|
- name
|
|
PasswordPolicy:
|
|
type: object
|
|
description: Password Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
password_field:
|
|
type: string
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
amount_digits:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_uppercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_lowercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_symbols:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
length_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
symbol_charset:
|
|
type: string
|
|
error_message:
|
|
type: string
|
|
check_static_rules:
|
|
type: boolean
|
|
check_have_i_been_pwned:
|
|
type: boolean
|
|
check_zxcvbn:
|
|
type: boolean
|
|
hibp_allowed_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: How many times the password hash is allowed to be on haveibeenpwned
|
|
zxcvbn_score_threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: If the zxcvbn score is equal or less than this value, the policy
|
|
will fail.
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PasswordPolicyRequest:
|
|
type: object
|
|
description: Password Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
password_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
amount_digits:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_uppercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_lowercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_symbols:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
length_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
symbol_charset:
|
|
type: string
|
|
minLength: 1
|
|
error_message:
|
|
type: string
|
|
check_static_rules:
|
|
type: boolean
|
|
check_have_i_been_pwned:
|
|
type: boolean
|
|
check_zxcvbn:
|
|
type: boolean
|
|
hibp_allowed_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: How many times the password hash is allowed to be on haveibeenpwned
|
|
zxcvbn_score_threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: If the zxcvbn score is equal or less than this value, the policy
|
|
will fail.
|
|
required:
|
|
- name
|
|
PasswordStage:
|
|
type: object
|
|
description: PasswordStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
backends:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BackendsEnum'
|
|
description: Selection of backends to test the password against.
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
failed_attempts_before_cancel:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: How many attempts a user has before the flow is canceled. To
|
|
lock the user out, use a reputation policy and a user_write stage.
|
|
allow_show_password:
|
|
type: boolean
|
|
description: When enabled, provides a 'show password' button with the password
|
|
input field.
|
|
required:
|
|
- backends
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PasswordStageRequest:
|
|
type: object
|
|
description: PasswordStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
backends:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BackendsEnum'
|
|
description: Selection of backends to test the password against.
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
failed_attempts_before_cancel:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: How many attempts a user has before the flow is canceled. To
|
|
lock the user out, use a reputation policy and a user_write stage.
|
|
allow_show_password:
|
|
type: boolean
|
|
description: When enabled, provides a 'show password' button with the password
|
|
input field.
|
|
required:
|
|
- backends
|
|
- name
|
|
PatchedAgentConnectorRequest:
|
|
type: object
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
enabled:
|
|
type: boolean
|
|
snapshot_expiry:
|
|
type: string
|
|
minLength: 1
|
|
auth_session_duration:
|
|
type: string
|
|
minLength: 1
|
|
auth_terminate_session_on_expiry:
|
|
type: boolean
|
|
refresh_interval:
|
|
type: string
|
|
minLength: 1
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
nss_uid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
nss_gid_offset:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
challenge_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
challenge_idle_timeout:
|
|
type: string
|
|
minLength: 1
|
|
challenge_trigger_check_in:
|
|
type: boolean
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
PatchedAppleIndependentSecureEnclaveRequest:
|
|
type: object
|
|
properties:
|
|
uuid:
|
|
type: string
|
|
format: uuid
|
|
user:
|
|
type: integer
|
|
description: The user that this device belongs to.
|
|
apple_secure_enclave_key:
|
|
type: string
|
|
minLength: 1
|
|
apple_enclave_key_id:
|
|
type: string
|
|
minLength: 1
|
|
device_type:
|
|
type: string
|
|
minLength: 1
|
|
PatchedApplicationEntitlementRequest:
|
|
type: object
|
|
description: ApplicationEntitlement Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
app:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedApplicationRequest:
|
|
type: object
|
|
description: Application Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Application's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal application name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
provider:
|
|
type: integer
|
|
nullable: true
|
|
backchannel_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
open_in_new_tab:
|
|
type: boolean
|
|
description: Open launch URL in a new browser tab or window.
|
|
meta_launch_url:
|
|
type: string
|
|
format: uri
|
|
meta_icon:
|
|
type: string
|
|
meta_description:
|
|
type: string
|
|
meta_publisher:
|
|
type: string
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
group:
|
|
type: string
|
|
PatchedAuthenticatorDuoStageRequest:
|
|
type: object
|
|
description: AuthenticatorDuoStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
client_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
api_hostname:
|
|
type: string
|
|
minLength: 1
|
|
admin_integration_key:
|
|
type: string
|
|
admin_secret_key:
|
|
type: string
|
|
writeOnly: true
|
|
PatchedAuthenticatorEmailStageRequest:
|
|
type: object
|
|
description: AuthenticatorEmailStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
subject:
|
|
type: string
|
|
minLength: 1
|
|
token_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
template:
|
|
type: string
|
|
minLength: 1
|
|
PatchedAuthenticatorEndpointGDTCStageRequest:
|
|
type: object
|
|
description: AuthenticatorEndpointGDTCStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedAuthenticatorSMSStageRequest:
|
|
type: object
|
|
description: AuthenticatorSMSStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
provider:
|
|
$ref: '#/components/schemas/ProviderEnum'
|
|
from_number:
|
|
type: string
|
|
minLength: 1
|
|
account_sid:
|
|
type: string
|
|
minLength: 1
|
|
auth:
|
|
type: string
|
|
minLength: 1
|
|
auth_password:
|
|
type: string
|
|
auth_type:
|
|
$ref: '#/components/schemas/AuthTypeEnum'
|
|
verify_only:
|
|
type: boolean
|
|
description: When enabled, the Phone number is only used during enrollment
|
|
to verify the users authenticity. Only a hash of the phone number is saved
|
|
to ensure it is not reused in the future.
|
|
mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally modify the payload being sent to custom providers.
|
|
PatchedAuthenticatorStaticStageRequest:
|
|
type: object
|
|
description: AuthenticatorStaticStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
token_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
token_length:
|
|
type: integer
|
|
maximum: 100
|
|
minimum: 0
|
|
PatchedAuthenticatorTOTPStageRequest:
|
|
type: object
|
|
description: AuthenticatorTOTPStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
digits:
|
|
$ref: '#/components/schemas/DigitsEnum'
|
|
PatchedAuthenticatorValidateStageRequest:
|
|
type: object
|
|
description: AuthenticatorValidateStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
not_configured_action:
|
|
$ref: '#/components/schemas/NotConfiguredActionEnum'
|
|
device_classes:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/DeviceClassesEnum'
|
|
description: Device classes which can be used to authenticate
|
|
configuration_stages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Stages used to configure Authenticator when user doesn't have
|
|
any compatible devices. After this configuration Stage passes, the user
|
|
is not prompted again.
|
|
last_auth_threshold:
|
|
type: string
|
|
minLength: 1
|
|
description: If any of the user's device has been used within this threshold,
|
|
this stage will be skipped
|
|
webauthn_user_verification:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserVerificationEnum'
|
|
description: Enforce user verification for WebAuthn devices.
|
|
webauthn_hints:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnHintEnum'
|
|
webauthn_allowed_device_types:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
PatchedAuthenticatorWebAuthnStageRequest:
|
|
type: object
|
|
description: AuthenticatorWebAuthnStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
friendly_name:
|
|
type: string
|
|
user_verification:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
authenticator_attachment:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticatorAttachmentEnum'
|
|
nullable: true
|
|
resident_key_requirement:
|
|
$ref: '#/components/schemas/UserVerificationEnum'
|
|
hints:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/WebAuthnHintEnum'
|
|
device_type_restrictions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
prevent_duplicate_devices:
|
|
type: boolean
|
|
description: When enabled, a given device can only be registered once.
|
|
max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
PatchedBlueprintInstanceRequest:
|
|
type: object
|
|
description: Info about a single blueprint instance file
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
path:
|
|
type: string
|
|
default: ''
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
enabled:
|
|
type: boolean
|
|
content:
|
|
type: string
|
|
PatchedBrandRequest:
|
|
type: object
|
|
description: Brand Serializer
|
|
properties:
|
|
domain:
|
|
type: string
|
|
minLength: 1
|
|
description: Domain that activates this brand. Can be a superset, i.e. `a.b`
|
|
for `aa.b` and `ba.b`
|
|
default:
|
|
type: boolean
|
|
branding_title:
|
|
type: string
|
|
minLength: 1
|
|
branding_logo:
|
|
type: string
|
|
minLength: 1
|
|
branding_favicon:
|
|
type: string
|
|
minLength: 1
|
|
branding_custom_css:
|
|
type: string
|
|
branding_default_flow_background:
|
|
type: string
|
|
minLength: 1
|
|
flow_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_invalidation:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_recovery:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_unenrollment:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_user_settings:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
flow_device_code:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
default_application:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, external users will be redirected to this application
|
|
after authenticating.
|
|
web_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Web Certificate used by the authentik Core webserver.
|
|
client_certificates:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Certificates used for client authentication.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedCaptchaStageRequest:
|
|
type: object
|
|
description: CaptchaStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
public_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Public key, acquired your captcha Provider.
|
|
private_key:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: Private key, acquired your captcha Provider.
|
|
js_url:
|
|
type: string
|
|
minLength: 1
|
|
api_url:
|
|
type: string
|
|
minLength: 1
|
|
interactive:
|
|
type: boolean
|
|
score_min_threshold:
|
|
type: number
|
|
format: double
|
|
score_max_threshold:
|
|
type: number
|
|
format: double
|
|
error_on_invalid_score:
|
|
type: boolean
|
|
description: When enabled and the received captcha score is outside of the
|
|
given threshold, the stage will show an error message. When not enabled,
|
|
the flow will continue, but the data from the captcha will be available
|
|
in the context for policy decisions
|
|
PatchedCertificateKeyPairRequest:
|
|
type: object
|
|
description: CertificateKeyPair Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
certificate_data:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: PEM-encoded Certificate data
|
|
key_data:
|
|
type: string
|
|
writeOnly: true
|
|
description: Optional Private Key. If this is set, you can use this keypair
|
|
for encryption.
|
|
PatchedConnectionTokenRequest:
|
|
type: object
|
|
description: ConnectionToken Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Connection token uuid
|
|
provider:
|
|
type: integer
|
|
endpoint:
|
|
type: string
|
|
format: uuid
|
|
PatchedConsentStageRequest:
|
|
type: object
|
|
description: ConsentStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/ConsentModeEnum'
|
|
consent_expire_in:
|
|
type: string
|
|
minLength: 1
|
|
title: Consent expires in
|
|
description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).'
|
|
PatchedDenyStageRequest:
|
|
type: object
|
|
description: DenyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
deny_message:
|
|
type: string
|
|
PatchedDeviceAccessGroupRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedDeviceUserBindingRequest:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
is_primary:
|
|
type: boolean
|
|
PatchedDockerServiceConnectionRequest:
|
|
type: object
|
|
description: DockerServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Can be in the format of 'unix://<path>' when connecting to
|
|
a local docker daemon, or 'https://<hostname>:2376' when connecting to
|
|
a remote system.
|
|
tls_verification:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: CA which the endpoint's Certificate is verified against. Can
|
|
be left empty for no validation.
|
|
tls_authentication:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Certificate/Key used for authentication. Can be left empty
|
|
for no authentication.
|
|
PatchedDomainRequest:
|
|
type: object
|
|
description: Domain Serializer
|
|
properties:
|
|
domain:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 253
|
|
is_primary:
|
|
type: boolean
|
|
tenant:
|
|
type: string
|
|
format: uuid
|
|
PatchedDummyPolicyRequest:
|
|
type: object
|
|
description: Dummy Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
result:
|
|
type: boolean
|
|
wait_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
wait_max:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
PatchedDummyStageRequest:
|
|
type: object
|
|
description: DummyStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
throw_error:
|
|
type: boolean
|
|
PatchedDuoDeviceRequest:
|
|
type: object
|
|
description: Serializer for Duo authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedEmailDeviceRequest:
|
|
type: object
|
|
description: Serializer for email authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedEmailStageRequest:
|
|
type: object
|
|
description: EmailStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
use_global_settings:
|
|
type: boolean
|
|
description: When enabled, global Email connection settings will be used
|
|
and connection settings below will be ignored.
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
port:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
username:
|
|
type: string
|
|
password:
|
|
type: string
|
|
writeOnly: true
|
|
use_tls:
|
|
type: boolean
|
|
use_ssl:
|
|
type: boolean
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
from_address:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
token_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Time the token sent is valid (Format: hours=3,minutes=17,seconds=300).'
|
|
subject:
|
|
type: string
|
|
minLength: 1
|
|
template:
|
|
type: string
|
|
minLength: 1
|
|
activate_user_on_success:
|
|
type: boolean
|
|
description: Activate users upon completion of stage.
|
|
recovery_max_attempts:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
recovery_cache_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: 'The time window used to count recent account recovery attempts.
|
|
If the number of attempts exceed recovery_max_attempts within this period,
|
|
further attempts will be rate-limited. (Format: hours=1;minutes=2;seconds=3).'
|
|
PatchedEndpointDeviceRequest:
|
|
type: object
|
|
properties:
|
|
device_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
access_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
access_group_obj:
|
|
$ref: '#/components/schemas/DeviceAccessGroupRequest'
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedEndpointRequest:
|
|
type: object
|
|
description: Endpoint Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
provider:
|
|
type: integer
|
|
protocol:
|
|
$ref: '#/components/schemas/ProtocolEnum'
|
|
host:
|
|
type: string
|
|
minLength: 1
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
auth_mode:
|
|
$ref: '#/components/schemas/EndpointAuthModeEnum'
|
|
maximum_connections:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
PatchedEndpointStageRequest:
|
|
type: object
|
|
description: EndpointStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
PatchedEnrollmentTokenRequest:
|
|
type: object
|
|
properties:
|
|
device_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
connector:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expiring:
|
|
type: boolean
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
PatchedEventMatcherPolicyRequest:
|
|
type: object
|
|
description: Event Matcher Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/EventActions'
|
|
nullable: true
|
|
description: Match created events with this action type. When left empty,
|
|
all action types will be matched.
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
description: Matches Event's Client IP (strict matching, for network matching
|
|
use an Expression Policy)
|
|
app:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AppEnum'
|
|
nullable: true
|
|
description: Match events created by selected application. When left empty,
|
|
all applications are matched.
|
|
model:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ModelEnum'
|
|
nullable: true
|
|
description: Match events created by selected model. When left empty, all
|
|
models are matched. When an app is selected, all the application's models
|
|
are matched.
|
|
query:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
PatchedEventRequest:
|
|
type: object
|
|
description: Event Serializer
|
|
properties:
|
|
user:
|
|
type: object
|
|
additionalProperties: {}
|
|
action:
|
|
$ref: '#/components/schemas/EventActions'
|
|
app:
|
|
type: string
|
|
minLength: 1
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
client_ip:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
brand:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedExpressionPolicyRequest:
|
|
type: object
|
|
description: Group Membership Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedFleetConnectorRequest:
|
|
type: object
|
|
description: FleetConnector Serializer
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
enabled:
|
|
type: boolean
|
|
url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
maxLength: 200
|
|
token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
headers_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
map_users:
|
|
type: boolean
|
|
map_teams_access_group:
|
|
type: boolean
|
|
PatchedFlowRequest:
|
|
type: object
|
|
description: Flow Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Visible in the URL.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
title:
|
|
type: string
|
|
minLength: 1
|
|
description: Shown as the Title in Flow pages.
|
|
designation:
|
|
allOf:
|
|
- $ref: '#/components/schemas/FlowDesignationEnum'
|
|
description: Decides what this Flow is used for. For example, the Authentication
|
|
flow is redirect to when an un-authenticated user visits authentik.
|
|
background:
|
|
type: string
|
|
description: Background shown during execution
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
compatibility_mode:
|
|
type: boolean
|
|
description: Enable compatibility mode, increases compatibility with password
|
|
managers on mobile devices.
|
|
layout:
|
|
$ref: '#/components/schemas/FlowLayoutEnum'
|
|
denied_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/DeniedActionEnum'
|
|
description: Configure what should happen when a flow denies access to a
|
|
user.
|
|
authentication:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthenticationEnum'
|
|
description: Required level of authentication and authorization to access
|
|
a flow.
|
|
PatchedFlowStageBindingRequest:
|
|
type: object
|
|
description: FlowStageBinding Serializer
|
|
properties:
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
stage:
|
|
type: string
|
|
format: uuid
|
|
evaluate_on_plan:
|
|
type: boolean
|
|
description: Evaluate policies during the Flow planning process.
|
|
re_evaluate_policies:
|
|
type: boolean
|
|
description: Evaluate policies when the Stage is presented to the user.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
invalid_response_action:
|
|
allOf:
|
|
- $ref: '#/components/schemas/InvalidResponseActionEnum'
|
|
description: Configure how the flow executor should handle an invalid response
|
|
to a challenge. RETRY returns the error message and a similar challenge
|
|
to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT
|
|
restarts the flow while keeping the current context.
|
|
PatchedGeoIPPolicyRequest:
|
|
type: object
|
|
description: GeoIP Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
asns:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
countries:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/CountryCodeEnum'
|
|
maxItems: 249
|
|
check_history_distance:
|
|
type: boolean
|
|
history_max_distance_km:
|
|
type: integer
|
|
maximum: 9223372036854775807
|
|
minimum: 0
|
|
format: int64
|
|
distance_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
history_login_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
check_impossible_travel:
|
|
type: boolean
|
|
impossible_tolerance_km:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
PatchedGoogleChromeConnectorRequest:
|
|
type: object
|
|
description: GoogleChromeConnector Serializer
|
|
properties:
|
|
connector_uuid:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
enabled:
|
|
type: boolean
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedGoogleEndpointDeviceRequest:
|
|
type: object
|
|
description: Serializer for Endpoint authenticator devices
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedGoogleWorkspaceProviderMappingRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProviderMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGoogleWorkspaceProviderRequest:
|
|
type: object
|
|
description: GoogleWorkspaceProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
delegated_subject:
|
|
type: string
|
|
format: email
|
|
minLength: 1
|
|
maxLength: 254
|
|
credentials:
|
|
type: object
|
|
additionalProperties: {}
|
|
scopes:
|
|
type: string
|
|
minLength: 1
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
default_group_email_domain:
|
|
type: string
|
|
minLength: 1
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
PatchedGroupKerberosSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupLDAPSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupOAuthSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupPlexSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupRequest:
|
|
type: object
|
|
description: Group Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
parents:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
users:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
PatchedGroupSAMLSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedGroupTelegramSourceConnectionRequest:
|
|
type: object
|
|
description: Group Source Connection
|
|
properties:
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedIdentificationStageRequest:
|
|
type: object
|
|
description: IdentificationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
user_fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserFieldsEnum'
|
|
description: Fields of the user object to match against. (Hold shift to
|
|
select multiple options)
|
|
password_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, shows a password field, instead of showing the password
|
|
field as separate step.
|
|
captcha_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, adds functionality exactly like a Captcha stage,
|
|
but baked into the Identification stage.
|
|
case_insensitive_matching:
|
|
type: boolean
|
|
description: When enabled, user fields are matched regardless of their casing.
|
|
show_matched_user:
|
|
type: boolean
|
|
description: When a valid username/email has been entered, and this option
|
|
is enabled, the user's username and avatar will be shown. Otherwise, the
|
|
text that the user entered will be shown
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional enrollment flow, which is linked at the bottom of
|
|
the page.
|
|
recovery_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional recovery flow, which is linked at the bottom of the
|
|
page.
|
|
passwordless_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optional passwordless flow, which is linked at the bottom of
|
|
the page.
|
|
sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Specify which sources should be shown.
|
|
show_source_labels:
|
|
type: boolean
|
|
pretend_user_exists:
|
|
type: boolean
|
|
description: When enabled, the stage will succeed and continue even when
|
|
incorrect user info is entered.
|
|
enable_remember_me:
|
|
type: boolean
|
|
description: Show the user the 'Remember me on this device' toggle, allowing
|
|
repeat users to skip straight to entering their password.
|
|
webauthn_stage:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, and conditional WebAuthn is available, allow the
|
|
user to use their passkey as a first factor.
|
|
PatchedInitialPermissionsRequest:
|
|
type: object
|
|
description: InitialPermissions serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
role:
|
|
type: string
|
|
format: uuid
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
PatchedInvitationRequest:
|
|
type: object
|
|
description: Invitation Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
fixed_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
single_use:
|
|
type: boolean
|
|
description: When enabled, the invitation will be deleted after usage.
|
|
flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, only the configured flow can use this invitation.
|
|
PatchedInvitationStageRequest:
|
|
type: object
|
|
description: InvitationStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
continue_flow_without_invitation:
|
|
type: boolean
|
|
description: If this flag is set, this Stage will jump to the next Stage
|
|
when no Invitation is given. By default this Stage will cancel the Flow
|
|
when no invitation is given.
|
|
PatchedKerberosSourcePropertyMappingRequest:
|
|
type: object
|
|
description: Kerberos PropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedKerberosSourceRequest:
|
|
type: object
|
|
description: Kerberos Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
realm:
|
|
type: string
|
|
minLength: 1
|
|
description: Kerberos realm
|
|
krb5_conf:
|
|
type: string
|
|
description: Custom krb5.conf to use. Uses the system one by default
|
|
kadmin_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/KadminTypeEnum'
|
|
description: KAdmin server type
|
|
sync_users:
|
|
type: boolean
|
|
description: Sync users from Kerberos into authentik
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to Kerberos
|
|
sync_principal:
|
|
type: string
|
|
description: Principal to authenticate to kadmin for sync.
|
|
sync_password:
|
|
type: string
|
|
writeOnly: true
|
|
description: Password to authenticate to kadmin for sync
|
|
sync_keytab:
|
|
type: string
|
|
writeOnly: true
|
|
description: Keytab to authenticate to kadmin for sync. Must be base64-encoded
|
|
or in the form TYPE:residual
|
|
sync_ccache:
|
|
type: string
|
|
description: Credentials cache to authenticate to kadmin for sync. Must
|
|
be in the form TYPE:residual
|
|
spnego_server_name:
|
|
type: string
|
|
description: Force the use of a specific server name for SPNEGO. Must be
|
|
in the form HTTP@hostname
|
|
spnego_keytab:
|
|
type: string
|
|
writeOnly: true
|
|
description: SPNEGO keytab base64-encoded or path to keytab in the form
|
|
FILE:path
|
|
spnego_ccache:
|
|
type: string
|
|
description: Credential cache to use for SPNEGO in form type:residual
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: If enabled, the authentik-stored password will be updated upon
|
|
login with the Kerberos password backend
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
PatchedKubernetesServiceConnectionRequest:
|
|
type: object
|
|
description: KubernetesServiceConnection Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
kubeconfig:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Paste your kubeconfig here. authentik will automatically use
|
|
the currently selected context.
|
|
verify_ssl:
|
|
type: boolean
|
|
description: Verify SSL Certificates of the Kubernetes API endpoint
|
|
PatchedLDAPProviderRequest:
|
|
type: object
|
|
description: LDAPProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
description: DN under which objects are accessible.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
tls_server_name:
|
|
type: string
|
|
uid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for uidNumbers, this number is added to the user.pk
|
|
to make sure that the numbers aren't too low for POSIX users. Default
|
|
is 2000 to ensure that we don't collide with local users uidNumber
|
|
gid_start_number:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: The start for gidNumbers, this number is added to a number
|
|
generated from the group.pk to make sure that the numbers aren't too low
|
|
for POSIX groups. Default is 4000 to ensure that we don't collide with
|
|
local groups or users primary groups gidNumber
|
|
search_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
bind_mode:
|
|
$ref: '#/components/schemas/LDAPAPIAccessMode'
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
PatchedLDAPSourcePropertyMappingRequest:
|
|
type: object
|
|
description: LDAP PropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedLDAPSourceRequest:
|
|
type: object
|
|
description: LDAP Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
server_uri:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
peer_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally verify the LDAP Server's Certificate against the
|
|
CA Chain in this keypair.
|
|
client_certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Client certificate to authenticate against the LDAP Server's
|
|
Certificate.
|
|
bind_cn:
|
|
type: string
|
|
bind_password:
|
|
type: string
|
|
writeOnly: true
|
|
start_tls:
|
|
type: boolean
|
|
title: Enable Start TLS
|
|
sni:
|
|
type: boolean
|
|
title: Use Server URI for SNI verification
|
|
base_dn:
|
|
type: string
|
|
minLength: 1
|
|
additional_user_dn:
|
|
type: string
|
|
title: Addition User DN
|
|
description: Prepended to Base DN for User-queries.
|
|
additional_group_dn:
|
|
type: string
|
|
title: Addition Group DN
|
|
description: Prepended to Base DN for Group-queries.
|
|
user_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Users.
|
|
group_object_filter:
|
|
type: string
|
|
minLength: 1
|
|
description: Consider Objects matching this filter to be Groups.
|
|
group_membership_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains members of a group.
|
|
user_membership_attribute:
|
|
type: string
|
|
minLength: 1
|
|
description: Attribute which matches the value of `group_membership_field`.
|
|
object_uniqueness_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field which contains a unique Identifier.
|
|
password_login_update_internal_password:
|
|
type: boolean
|
|
description: Update internal authentik password when login succeeds with
|
|
LDAP
|
|
sync_users:
|
|
type: boolean
|
|
sync_users_password:
|
|
type: boolean
|
|
description: When a user changes their password, sync it back to LDAP. This
|
|
can only be enabled on a single LDAP source.
|
|
sync_groups:
|
|
type: boolean
|
|
sync_parent_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
lookup_groups_from_user:
|
|
type: boolean
|
|
description: Lookup group membership based on a user attribute instead of
|
|
a group attribute. This allows nested group resolution on systems like
|
|
FreeIPA and Active Directory
|
|
delete_not_found_objects:
|
|
type: boolean
|
|
description: Delete authentik users and groups which were previously supplied
|
|
by this source, but are now missing from it.
|
|
sync_outgoing_trigger_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SyncOutgoingTriggerModeEnum'
|
|
description: When to trigger sync for outgoing providers
|
|
PatchedLicenseRequest:
|
|
type: object
|
|
description: License Serializer
|
|
properties:
|
|
key:
|
|
type: string
|
|
minLength: 1
|
|
PatchedLifecycleRuleRequest:
|
|
type: object
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
content_type:
|
|
$ref: '#/components/schemas/ContentTypeEnum'
|
|
object_id:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
interval:
|
|
type: string
|
|
minLength: 1
|
|
grace_period:
|
|
type: string
|
|
minLength: 1
|
|
reviewer_groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
min_reviewers:
|
|
type: integer
|
|
maximum: 32767
|
|
minimum: 0
|
|
min_reviewers_is_per_group:
|
|
type: boolean
|
|
reviewers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
notification_transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the reviewers.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
PatchedMicrosoftEntraProviderMappingRequest:
|
|
type: object
|
|
description: MicrosoftEntraProviderMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedMicrosoftEntraProviderRequest:
|
|
type: object
|
|
description: MicrosoftEntraProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
client_secret:
|
|
type: string
|
|
minLength: 1
|
|
tenant_id:
|
|
type: string
|
|
minLength: 1
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
filter_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
group_delete_action:
|
|
$ref: '#/components/schemas/OutgoingSyncDeleteAction'
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
PatchedMutualTLSStageRequest:
|
|
type: object
|
|
description: MutualTLSStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/StageModeEnum'
|
|
certificate_authorities:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Configure certificate authorities to validate the certificate
|
|
against. This option has a higher priority than the `client_certificate`
|
|
option on `Brand`.
|
|
cert_attribute:
|
|
$ref: '#/components/schemas/CertAttributeEnum'
|
|
user_attribute:
|
|
$ref: '#/components/schemas/UserAttributeEnum'
|
|
PatchedNotificationRequest:
|
|
type: object
|
|
description: Notification Serializer
|
|
properties:
|
|
hyperlink:
|
|
type: string
|
|
nullable: true
|
|
maxLength: 4096
|
|
hyperlink_label:
|
|
type: string
|
|
nullable: true
|
|
event:
|
|
$ref: '#/components/schemas/EventRequest'
|
|
seen:
|
|
type: boolean
|
|
PatchedNotificationRuleRequest:
|
|
type: object
|
|
description: NotificationRule Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
transports:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Select which transports should be used to notify the user.
|
|
If none are selected, the notification will only be shown in the authentik
|
|
UI.
|
|
severity:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SeverityEnum'
|
|
description: Controls which severity level the created notifications will
|
|
have.
|
|
destination_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Define which group of users this notification should be sent
|
|
and shown to. If left empty, Notification won't ben sent.
|
|
destination_event_user:
|
|
type: boolean
|
|
description: When enabled, notification will be sent to user the user that
|
|
triggered the event.When destination_group is configured, notification
|
|
is sent to both.
|
|
PatchedNotificationTransportRequest:
|
|
type: object
|
|
description: NotificationTransport Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
mode:
|
|
$ref: '#/components/schemas/TransportModeEnum'
|
|
webhook_url:
|
|
type: string
|
|
format: uri
|
|
webhook_ca:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: When set, the selected ceritifcate is used to validate the
|
|
certificate of the webhook server.
|
|
webhook_mapping_body:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Customize the body of the request. Mapping should return data
|
|
that is JSON-serializable.
|
|
webhook_mapping_headers:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Configure additional headers to be sent. Mapping should return
|
|
a dictionary of key-value pairs
|
|
email_subject_prefix:
|
|
type: string
|
|
email_template:
|
|
type: string
|
|
minLength: 1
|
|
send_once:
|
|
type: boolean
|
|
description: Only send notification once, for example when sending a webhook
|
|
into a chat channel.
|
|
PatchedNotificationWebhookMappingRequest:
|
|
type: object
|
|
description: NotificationWebhookMapping Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedOAuth2ProviderRequest:
|
|
type: object
|
|
description: OAuth2Provider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ClientTypeEnum'
|
|
description: Confidential clients are capable of maintaining the confidentiality
|
|
of their credentials. Public clients are incapable
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
access_code_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Access codes not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_threshold:
|
|
type: string
|
|
minLength: 1
|
|
description: 'When refreshing a token, if the refresh token is valid for
|
|
less than this duration, it will be renewed. When set to seconds=0, token
|
|
will always be renewed. (Format: hours=1;minutes=2;seconds=3).'
|
|
include_claims_in_id_token:
|
|
type: boolean
|
|
description: Include User claims from scopes in the id_token, for applications
|
|
that don't access the userinfo endpoint.
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to sign the tokens.
|
|
encryption_key:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Key used to encrypt the tokens. When set, tokens will be encrypted
|
|
and returned as JWEs.
|
|
redirect_uris:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RedirectURIRequest'
|
|
logout_uri:
|
|
type: string
|
|
format: uri
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OAuth2ProviderLogoutMethodEnum'
|
|
description: Backchannel logs out with server to server calls. Frontchannel
|
|
uses iframes in your browser
|
|
sub_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SubModeEnum'
|
|
description: Configure what data should be used as unique User Identifier.
|
|
For most cases, the default should be fine.
|
|
issuer_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/IssuerModeEnum'
|
|
description: Configure how the issuer field of the ID Token should be filled.
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
PatchedOAuthSourcePropertyMappingRequest:
|
|
type: object
|
|
description: OAuthSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedOAuthSourceRequest:
|
|
type: object
|
|
description: OAuth Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
provider_type:
|
|
$ref: '#/components/schemas/ProviderTypeEnum'
|
|
request_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used to request the initial token. This URL is only required
|
|
for OAuth 1.
|
|
maxLength: 255
|
|
authorization_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL the user is redirect to to conest the flow.
|
|
maxLength: 255
|
|
access_token_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to retrieve tokens.
|
|
maxLength: 255
|
|
profile_url:
|
|
type: string
|
|
nullable: true
|
|
description: URL used by authentik to get user information.
|
|
maxLength: 255
|
|
pkce:
|
|
$ref: '#/components/schemas/PKCEMethodEnum'
|
|
consumer_key:
|
|
type: string
|
|
minLength: 1
|
|
consumer_secret:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
additional_scopes:
|
|
type: string
|
|
oidc_well_known_url:
|
|
type: string
|
|
oidc_jwks_url:
|
|
type: string
|
|
oidc_jwks:
|
|
type: object
|
|
additionalProperties: {}
|
|
authorization_code_auth_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/AuthorizationCodeAuthMethodEnum'
|
|
description: How to perform authentication during an authorization_code
|
|
token request flow
|
|
PatchedOutpostRequest:
|
|
type: object
|
|
description: Outpost Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/OutpostTypeEnum'
|
|
providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
service_connection:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Select Service-Connection authentik should use to manage this
|
|
outpost. Leave empty if authentik should not handle the deployment.
|
|
config:
|
|
type: object
|
|
additionalProperties: {}
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
PatchedPasswordExpiryPolicyRequest:
|
|
type: object
|
|
description: Password Expiry Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
days:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
deny_only:
|
|
type: boolean
|
|
PatchedPasswordPolicyRequest:
|
|
type: object
|
|
description: Password Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
password_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
amount_digits:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_uppercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_lowercase:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
amount_symbols:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
length_min:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
symbol_charset:
|
|
type: string
|
|
minLength: 1
|
|
error_message:
|
|
type: string
|
|
check_static_rules:
|
|
type: boolean
|
|
check_have_i_been_pwned:
|
|
type: boolean
|
|
check_zxcvbn:
|
|
type: boolean
|
|
hibp_allowed_count:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: How many times the password hash is allowed to be on haveibeenpwned
|
|
zxcvbn_score_threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: If the zxcvbn score is equal or less than this value, the policy
|
|
will fail.
|
|
PatchedPasswordStageRequest:
|
|
type: object
|
|
description: PasswordStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
backends:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/BackendsEnum'
|
|
description: Selection of backends to test the password against.
|
|
configure_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used by an authenticated user to configure this Stage.
|
|
If empty, user will not be able to configure this stage.
|
|
failed_attempts_before_cancel:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
description: How many attempts a user has before the flow is canceled. To
|
|
lock the user out, use a reputation policy and a user_write stage.
|
|
allow_show_password:
|
|
type: boolean
|
|
description: When enabled, provides a 'show password' button with the password
|
|
input field.
|
|
PatchedPermissionAssignRequest:
|
|
type: object
|
|
description: Request to assign a new permission
|
|
properties:
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
model:
|
|
$ref: '#/components/schemas/ModelEnum'
|
|
object_pk:
|
|
type: string
|
|
minLength: 1
|
|
PatchedPlexSourcePropertyMappingRequest:
|
|
type: object
|
|
description: PlexSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedPlexSourceRequest:
|
|
type: object
|
|
description: Plex Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
description: Client identifier used to talk to Plex.
|
|
allowed_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
description: Which servers a user has to be a member of to be granted access.
|
|
Empty list allows every server.
|
|
allow_friends:
|
|
type: boolean
|
|
description: Allow friends to authenticate, even if you don't share a server.
|
|
plex_token:
|
|
type: string
|
|
minLength: 1
|
|
description: Plex token used to check friends
|
|
PatchedPolicyBindingRequest:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
PatchedPromptRequest:
|
|
type: object
|
|
description: Prompt Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
field_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Name of the form field, also used to store the value
|
|
label:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
description: Optionally provide a short hint that describes the expected
|
|
input value. When creating a fixed choice field, enable interpreting as
|
|
expression and return a list to return multiple choices.
|
|
initial_value:
|
|
type: string
|
|
description: Optionally pre-fill the input with an initial value. When creating
|
|
a fixed choice field, enable interpreting as expression and return a list
|
|
to return multiple default choices.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
sub_text:
|
|
type: string
|
|
placeholder_expression:
|
|
type: boolean
|
|
initial_value_expression:
|
|
type: boolean
|
|
PatchedPromptStageRequest:
|
|
type: object
|
|
description: PromptStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
validation_policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
PatchedProxyProviderRequest:
|
|
type: object
|
|
description: ProxyProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: Enable support for forwardAuth in traefik and nginx auth_request.
|
|
Exclusive with internal_host.
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
cookie_domain:
|
|
type: string
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
PatchedRACPropertyMappingRequest:
|
|
type: object
|
|
description: RACPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
static_settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedRACProviderRequest:
|
|
type: object
|
|
description: RACProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
connection_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
delete_token_on_disconnect:
|
|
type: boolean
|
|
description: When set to true, connection tokens will be deleted upon disconnect.
|
|
PatchedRadiusProviderPropertyMappingRequest:
|
|
type: object
|
|
description: RadiusProviderPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedRadiusProviderRequest:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_networks:
|
|
type: string
|
|
minLength: 1
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
minLength: 1
|
|
description: Shared secret between clients and server to hash packets.
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
PatchedRedirectStageRequest:
|
|
type: object
|
|
description: RedirectStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
keep_context:
|
|
type: boolean
|
|
mode:
|
|
$ref: '#/components/schemas/RedirectStageModeEnum'
|
|
target_static:
|
|
type: string
|
|
target_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
PatchedReputationPolicyRequest:
|
|
type: object
|
|
description: Reputation Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
check_ip:
|
|
type: boolean
|
|
check_username:
|
|
type: boolean
|
|
threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
PatchedRoleRequest:
|
|
type: object
|
|
description: Role serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
PatchedSAMLPropertyMappingRequest:
|
|
type: object
|
|
description: SAMLPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
saml_name:
|
|
type: string
|
|
minLength: 1
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
PatchedSAMLProviderRequest:
|
|
type: object
|
|
description: SAMLProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
acs_url:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
sls_url:
|
|
type: string
|
|
description: Single Logout Service URL where the logout response should
|
|
be sent.
|
|
format: uri
|
|
audience:
|
|
type: string
|
|
description: Value of the audience restriction field of the assertion. When
|
|
left empty, no audience restriction will be added.
|
|
issuer:
|
|
type: string
|
|
minLength: 1
|
|
description: Also known as EntityID
|
|
assertion_valid_not_before:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
authn_context_class_ref_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: AuthnContextClassRef Property Mapping
|
|
description: Configure how the AuthnContextClassRef value will be created.
|
|
When left empty, the AuthnContextClassRef will be set based on which authentication
|
|
methods the user used to authenticate.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
sign_assertion:
|
|
type: boolean
|
|
sign_response:
|
|
type: boolean
|
|
sign_logout_request:
|
|
type: boolean
|
|
sign_logout_response:
|
|
type: boolean
|
|
sp_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
title: Service Provider Binding
|
|
description: This determines how authentik sends the response back to the
|
|
Service Provider.
|
|
sls_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
description: This determines how authentik sends the logout response back
|
|
to the Service Provider.
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLLogoutMethods'
|
|
description: Method to use for logout. Front-channel iframe loads all logout
|
|
URLs simultaneously in hidden iframes. Front-channel native uses your
|
|
active browser tab to send post requests and redirect to providers. Back-channel
|
|
sends logout requests directly from the server without user interaction
|
|
(requires POST SLS binding).
|
|
default_relay_state:
|
|
type: string
|
|
description: Default relay_state value for IDP-initiated logins
|
|
default_name_id_policy:
|
|
$ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
PatchedSAMLSourcePropertyMappingRequest:
|
|
type: object
|
|
description: SAMLSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedSAMLSourceRequest:
|
|
type: object
|
|
description: SAMLSource Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
issuer:
|
|
type: string
|
|
description: Also known as Entity ID. Defaults the Metadata URL.
|
|
sso_url:
|
|
type: string
|
|
minLength: 1
|
|
description: URL that the initial Login request is sent to.
|
|
format: uri
|
|
slo_url:
|
|
type: string
|
|
nullable: true
|
|
description: Optional URL if your IDP supports Single-Logout.
|
|
format: uri
|
|
allow_idp_initiated:
|
|
type: boolean
|
|
description: Allows authentication flows initiated by the IdP. This can
|
|
be a security risk, as no validation of the request ID is done.
|
|
force_authn:
|
|
type: boolean
|
|
description: When enabled, the IdP will re-authenticate the user even if
|
|
a session exists.
|
|
name_id_policy:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
description: NameID Policy sent to the IdP. Can be unset, in which case
|
|
no Policy is sent.
|
|
binding_type:
|
|
$ref: '#/components/schemas/BindingTypeEnum'
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Identity
|
|
Provider.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
temporary_user_delete_after:
|
|
type: string
|
|
minLength: 1
|
|
title: Delete temporary users after
|
|
description: 'Time offset when temporary users should be deleted. This only
|
|
applies if your IDP uses the NameID Format ''transient'', and the user
|
|
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
signed_assertion:
|
|
type: boolean
|
|
signed_response:
|
|
type: boolean
|
|
PatchedSCIMMappingRequest:
|
|
type: object
|
|
description: SCIMMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedSCIMProviderRequest:
|
|
type: object
|
|
description: SCIMProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Base URL to SCIM requests, usually ends in /v2
|
|
verify_certificates:
|
|
type: boolean
|
|
token:
|
|
type: string
|
|
description: Authentication token
|
|
auth_mode:
|
|
$ref: '#/components/schemas/SCIMAuthenticationModeEnum'
|
|
auth_oauth:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: OAuth Source used for authentication
|
|
auth_oauth_params:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Additional OAuth parameters, such as grant_type
|
|
compatibility_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/CompatibilityModeEnum'
|
|
title: SCIM Compatibility Mode
|
|
description: Alter authentik behavior for vendor-specific SCIM implementations.
|
|
service_provider_config_cache_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Cache duration for ServiceProviderConfig responses. Set minutes=0
|
|
to disable.
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
group_filters:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Group filters used to define sync-scope for groups.
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
PatchedSCIMSourceGroupRequest:
|
|
type: object
|
|
description: SCIMSourceGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
external_id:
|
|
type: string
|
|
minLength: 1
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedSCIMSourcePropertyMappingRequest:
|
|
type: object
|
|
description: SCIMSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedSCIMSourceRequest:
|
|
type: object
|
|
description: SCIMSource Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
PatchedSCIMSourceUserRequest:
|
|
type: object
|
|
description: SCIMSourceUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
external_id:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
PatchedSMSDeviceRequest:
|
|
type: object
|
|
description: Serializer for sms authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedSSFProviderRequest:
|
|
type: object
|
|
description: SSFProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
description: Key used to sign the SSF Events.
|
|
oidc_auth_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
event_retention:
|
|
type: string
|
|
minLength: 1
|
|
push_verify_certificates:
|
|
type: boolean
|
|
PatchedScheduleRequest:
|
|
type: object
|
|
properties:
|
|
rel_obj_id:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
crontab:
|
|
type: string
|
|
minLength: 1
|
|
description: When to schedule tasks
|
|
paused:
|
|
type: boolean
|
|
description: Pause this schedule
|
|
PatchedScopeMappingRequest:
|
|
type: object
|
|
description: ScopeMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
scope_name:
|
|
type: string
|
|
minLength: 1
|
|
description: Scope name requested by the client
|
|
description:
|
|
type: string
|
|
description: Description shown to the user when consenting. If left empty,
|
|
the user won't be informed.
|
|
PatchedSettingsRequest:
|
|
type: object
|
|
description: Settings Serializer
|
|
properties:
|
|
avatars:
|
|
type: string
|
|
minLength: 1
|
|
description: Configure how authentik should show avatars for users.
|
|
default_user_change_name:
|
|
type: boolean
|
|
description: Enable the ability for users to change their name.
|
|
default_user_change_email:
|
|
type: boolean
|
|
description: Enable the ability for users to change their email address.
|
|
default_user_change_username:
|
|
type: boolean
|
|
description: Enable the ability for users to change their username.
|
|
event_retention:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
|
|
reputation_lower_limit:
|
|
type: integer
|
|
maximum: 0
|
|
minimum: -2147483648
|
|
description: Reputation cannot decrease lower than this value. Zero or negative.
|
|
reputation_upper_limit:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Reputation cannot increase higher than this value. Zero or
|
|
positive.
|
|
footer_links: {}
|
|
gdpr_compliance:
|
|
type: boolean
|
|
description: When enabled, all the events caused by a user will be deleted
|
|
upon the user's deletion.
|
|
impersonation:
|
|
type: boolean
|
|
description: Globally enable/disable impersonation.
|
|
impersonation_require_reason:
|
|
type: boolean
|
|
description: Require administrators to provide a reason for impersonating
|
|
a user.
|
|
default_token_duration:
|
|
type: string
|
|
minLength: 1
|
|
description: Default token duration
|
|
default_token_length:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Default token length
|
|
pagination_default_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Default page size for API responses, if no size was requested.
|
|
pagination_max_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Maximum page size
|
|
flags:
|
|
type: object
|
|
properties:
|
|
core_default_app_access:
|
|
type: boolean
|
|
description: Configure if applications without any policy/group/user
|
|
bindings should be accessible to any user.
|
|
enterprise_audit_include_expanded_diff:
|
|
type: boolean
|
|
description: Include additional information in audit logs, may incur
|
|
a performance penalty.
|
|
flows_continuous_login:
|
|
type: boolean
|
|
description: Upon successful authentication, re-start authentication
|
|
in other open tabs.
|
|
flows_refresh_others:
|
|
type: boolean
|
|
description: Refresh other tabs after successful authentication.
|
|
required:
|
|
- core_default_app_access
|
|
- enterprise_audit_include_expanded_diff
|
|
- flows_continuous_login
|
|
- flows_refresh_others
|
|
PatchedSourceStageRequest:
|
|
type: object
|
|
description: SourceStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
resume_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Amount of time a user can take to return from the source to
|
|
continue the flow (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
PatchedStaticDeviceRequest:
|
|
type: object
|
|
description: Serializer for static authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedTOTPDeviceRequest:
|
|
type: object
|
|
description: Serializer for totp authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
PatchedTelegramSourcePropertyMappingRequest:
|
|
type: object
|
|
description: TelegramSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
PatchedTelegramSourceRequest:
|
|
type: object
|
|
description: Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
bot_username:
|
|
type: string
|
|
minLength: 1
|
|
description: Telegram bot username
|
|
bot_token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: Telegram bot token
|
|
request_message_access:
|
|
type: boolean
|
|
description: Request access to send messages from your bot.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
PatchedTenantRequest:
|
|
type: object
|
|
description: Tenant Serializer
|
|
properties:
|
|
schema_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 63
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
ready:
|
|
type: boolean
|
|
PatchedTokenRequest:
|
|
type: object
|
|
description: Token Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
intent:
|
|
$ref: '#/components/schemas/IntentEnum'
|
|
user:
|
|
type: integer
|
|
description:
|
|
type: string
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
expiring:
|
|
type: boolean
|
|
PatchedUniquePasswordPolicyRequest:
|
|
type: object
|
|
description: Password Uniqueness Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
password_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
num_historical_passwords:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Number of passwords to check against.
|
|
PatchedUserDeleteStageRequest:
|
|
type: object
|
|
description: UserDeleteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserKerberosSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserLDAPSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserLoginStageRequest:
|
|
type: object
|
|
description: UserLoginStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
session_duration:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
terminate_other_sessions:
|
|
type: boolean
|
|
description: Terminate all other sessions of the user logging in.
|
|
remember_me_offset:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Offset the session will be extended by when the user picks
|
|
the remember me option. Default of 0 means that the remember me option
|
|
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
network_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NetworkBindingEnum'
|
|
description: Bind sessions created by this stage to the configured network
|
|
geoip_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GeoipBindingEnum'
|
|
description: Bind sessions created by this stage to the configured GeoIP
|
|
location
|
|
remember_device:
|
|
type: string
|
|
minLength: 1
|
|
description: 'When set to a non-zero value, authentik will save a cookie
|
|
with a longer expiry,to remember the device the user is logging in from.
|
|
(Format: hours=-1;minutes=-2;seconds=-3)'
|
|
PatchedUserLogoutStageRequest:
|
|
type: object
|
|
description: UserLogoutStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserOAuthSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
access_token:
|
|
type: string
|
|
writeOnly: true
|
|
nullable: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
PatchedUserPlexSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
plex_token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
PatchedUserRequest:
|
|
type: object
|
|
description: User Serializer
|
|
properties:
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
path:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
PatchedUserSAMLSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserTelegramSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
PatchedUserWriteStageRequest:
|
|
type: object
|
|
description: UserWriteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
user_creation_mode:
|
|
$ref: '#/components/schemas/UserCreationModeEnum'
|
|
create_users_as_inactive:
|
|
type: boolean
|
|
description: When set, newly created users are inactive and cannot login.
|
|
create_users_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally add newly created users to this group.
|
|
user_type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
user_path_template:
|
|
type: string
|
|
PatchedWSFederationProviderRequest:
|
|
type: object
|
|
description: WSFederationProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
reply_url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
wtrealm:
|
|
type: string
|
|
minLength: 1
|
|
assertion_valid_not_before:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
authn_context_class_ref_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: AuthnContextClassRef Property Mapping
|
|
description: Configure how the AuthnContextClassRef value will be created.
|
|
When left empty, the AuthnContextClassRef will be set based on which authentication
|
|
methods the user used to authenticate.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
sign_assertion:
|
|
type: boolean
|
|
sign_logout_request:
|
|
type: boolean
|
|
default_name_id_policy:
|
|
$ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
PatchedWebAuthnDeviceRequest:
|
|
type: object
|
|
description: Serializer for WebAuthn authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 200
|
|
Permission:
|
|
type: object
|
|
description: Global permission
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
maxLength: 255
|
|
codename:
|
|
type: string
|
|
maxLength: 100
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
app_label_verbose:
|
|
type: string
|
|
description: Human-readable app label
|
|
readOnly: true
|
|
model_verbose:
|
|
type: string
|
|
description: Human-readable model name
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- app_label_verbose
|
|
- codename
|
|
- id
|
|
- model
|
|
- model_verbose
|
|
- name
|
|
PermissionAssignRequest:
|
|
type: object
|
|
description: Request to assign a new permission
|
|
properties:
|
|
permissions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
model:
|
|
$ref: '#/components/schemas/ModelEnum'
|
|
object_pk:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- permissions
|
|
PermissionAssignResult:
|
|
type: object
|
|
description: Result from assigning permissions to a user/role
|
|
properties:
|
|
id:
|
|
type: string
|
|
required:
|
|
- id
|
|
PlexAuthenticationChallenge:
|
|
type: object
|
|
description: Challenge shown to the user in identification stage
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-source-plex
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
client_id:
|
|
type: string
|
|
slug:
|
|
type: string
|
|
required:
|
|
- client_id
|
|
- slug
|
|
PlexAuthenticationChallengeResponseRequest:
|
|
type: object
|
|
description: Pseudo class for plex response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-source-plex
|
|
PlexSource:
|
|
type: object
|
|
description: Plex Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
client_id:
|
|
type: string
|
|
description: Client identifier used to talk to Plex.
|
|
allowed_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: Which servers a user has to be a member of to be granted access.
|
|
Empty list allows every server.
|
|
allow_friends:
|
|
type: boolean
|
|
description: Allow friends to authenticate, even if you don't share a server.
|
|
plex_token:
|
|
type: string
|
|
description: Plex token used to check friends
|
|
required:
|
|
- component
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- plex_token
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PlexSourcePropertyMapping:
|
|
type: object
|
|
description: PlexSourcePropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PlexSourcePropertyMappingRequest:
|
|
type: object
|
|
description: PlexSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
PlexSourceRequest:
|
|
type: object
|
|
description: Plex Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
client_id:
|
|
type: string
|
|
minLength: 1
|
|
description: Client identifier used to talk to Plex.
|
|
allowed_servers:
|
|
type: array
|
|
items:
|
|
type: string
|
|
minLength: 1
|
|
description: Which servers a user has to be a member of to be granted access.
|
|
Empty list allows every server.
|
|
allow_friends:
|
|
type: boolean
|
|
description: Allow friends to authenticate, even if you don't share a server.
|
|
plex_token:
|
|
type: string
|
|
minLength: 1
|
|
description: Plex token used to check friends
|
|
required:
|
|
- name
|
|
- plex_token
|
|
- slug
|
|
PlexTokenRedeemRequest:
|
|
type: object
|
|
description: Serializer to redeem a plex token
|
|
properties:
|
|
plex_token:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- plex_token
|
|
Policy:
|
|
type: object
|
|
description: Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PolicyBinding:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy binding uuid
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
policy_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Policy'
|
|
readOnly: true
|
|
nullable: true
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
nullable: true
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
required:
|
|
- group_obj
|
|
- order
|
|
- pk
|
|
- policy_obj
|
|
- target
|
|
- user_obj
|
|
PolicyBindingRequest:
|
|
type: object
|
|
description: PolicyBinding Serializer
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
target:
|
|
type: string
|
|
format: uuid
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
required:
|
|
- order
|
|
- target
|
|
PolicyEngineMode:
|
|
enum:
|
|
- all
|
|
- any
|
|
type: string
|
|
PolicyTestRequest:
|
|
type: object
|
|
description: Test policy execution for a user with context
|
|
properties:
|
|
user:
|
|
type: integer
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- user
|
|
PolicyTestResult:
|
|
type: object
|
|
description: result of a policy test
|
|
properties:
|
|
passing:
|
|
type: boolean
|
|
messages:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
log_messages:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LogEvent'
|
|
readOnly: true
|
|
required:
|
|
- log_messages
|
|
- messages
|
|
- passing
|
|
Process:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
name:
|
|
type: string
|
|
user:
|
|
type: string
|
|
required:
|
|
- id
|
|
- name
|
|
ProcessRequest:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- id
|
|
- name
|
|
Prompt:
|
|
type: object
|
|
description: Prompt Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Prompt uuid
|
|
name:
|
|
type: string
|
|
field_key:
|
|
type: string
|
|
description: Name of the form field, also used to store the value
|
|
label:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
description: Optionally provide a short hint that describes the expected
|
|
input value. When creating a fixed choice field, enable interpreting as
|
|
expression and return a list to return multiple choices.
|
|
initial_value:
|
|
type: string
|
|
description: Optionally pre-fill the input with an initial value. When creating
|
|
a fixed choice field, enable interpreting as expression and return a list
|
|
to return multiple default choices.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
prompt_stages_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PromptStage'
|
|
readOnly: true
|
|
sub_text:
|
|
type: string
|
|
placeholder_expression:
|
|
type: boolean
|
|
initial_value_expression:
|
|
type: boolean
|
|
required:
|
|
- field_key
|
|
- label
|
|
- name
|
|
- pk
|
|
- prompt_stages_obj
|
|
- type
|
|
PromptChallenge:
|
|
type: object
|
|
description: Initial challenge being sent, define fields
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-prompt
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
fields:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/StagePrompt'
|
|
required:
|
|
- fields
|
|
PromptChallengeResponseRequest:
|
|
type: object
|
|
description: |-
|
|
Validate response, fields are dynamically created based
|
|
on the stage
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-prompt
|
|
additionalProperties: {}
|
|
PromptChoice:
|
|
type: object
|
|
description: Serializer for a single Choice field
|
|
properties:
|
|
value:
|
|
type: string
|
|
label:
|
|
type: string
|
|
required:
|
|
- label
|
|
- value
|
|
PromptRequest:
|
|
type: object
|
|
description: Prompt Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
field_key:
|
|
type: string
|
|
minLength: 1
|
|
description: Name of the form field, also used to store the value
|
|
label:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
description: Optionally provide a short hint that describes the expected
|
|
input value. When creating a fixed choice field, enable interpreting as
|
|
expression and return a list to return multiple choices.
|
|
initial_value:
|
|
type: string
|
|
description: Optionally pre-fill the input with an initial value. When creating
|
|
a fixed choice field, enable interpreting as expression and return a list
|
|
to return multiple default choices.
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
sub_text:
|
|
type: string
|
|
placeholder_expression:
|
|
type: boolean
|
|
initial_value_expression:
|
|
type: boolean
|
|
required:
|
|
- field_key
|
|
- label
|
|
- name
|
|
- type
|
|
PromptStage:
|
|
type: object
|
|
description: PromptStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
validation_policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- component
|
|
- fields
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PromptStageRequest:
|
|
type: object
|
|
description: PromptStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
fields:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
validation_policies:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- fields
|
|
- name
|
|
PromptTypeEnum:
|
|
enum:
|
|
- text
|
|
- text_area
|
|
- text_read_only
|
|
- text_area_read_only
|
|
- username
|
|
- email
|
|
- password
|
|
- number
|
|
- checkbox
|
|
- radio-button-group
|
|
- dropdown
|
|
- date
|
|
- date-time
|
|
- file
|
|
- separator
|
|
- hidden
|
|
- static
|
|
- ak-locale
|
|
type: string
|
|
PropertyMapping:
|
|
type: object
|
|
description: PropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
PropertyMappingPreview:
|
|
type: object
|
|
description: Preview how the current user is mapped via the property mappings
|
|
selected in a provider
|
|
properties:
|
|
preview:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- preview
|
|
PropertyMappingTestRequest:
|
|
type: object
|
|
description: Test property mapping execution for a user/group with context
|
|
properties:
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
context:
|
|
type: object
|
|
additionalProperties: {}
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
PropertyMappingTestResult:
|
|
type: object
|
|
description: Result of a Property-mapping test
|
|
properties:
|
|
result:
|
|
type: string
|
|
readOnly: true
|
|
successful:
|
|
type: boolean
|
|
readOnly: true
|
|
required:
|
|
- result
|
|
- successful
|
|
ProtocolEnum:
|
|
enum:
|
|
- rdp
|
|
- vnc
|
|
- ssh
|
|
type: string
|
|
Provider:
|
|
type: object
|
|
description: Provider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ProviderEnum:
|
|
enum:
|
|
- twilio
|
|
- generic
|
|
type: string
|
|
ProviderModelEnum:
|
|
enum:
|
|
- authentik_providers_google_workspace.googleworkspaceprovider
|
|
- authentik_providers_ldap.ldapprovider
|
|
- authentik_providers_microsoft_entra.microsoftentraprovider
|
|
- authentik_providers_oauth2.oauth2provider
|
|
- authentik_providers_proxy.proxyprovider
|
|
- authentik_providers_rac.racprovider
|
|
- authentik_providers_radius.radiusprovider
|
|
- authentik_providers_saml.samlprovider
|
|
- authentik_providers_scim.scimprovider
|
|
- authentik_providers_ssf.ssfprovider
|
|
- authentik_providers_ws_federation.wsfederationprovider
|
|
type: string
|
|
ProviderTypeEnum:
|
|
enum:
|
|
- apple
|
|
- openidconnect
|
|
- entraid
|
|
- azuread
|
|
- discord
|
|
- facebook
|
|
- github
|
|
- gitlab
|
|
- google
|
|
- mailcow
|
|
- okta
|
|
- patreon
|
|
- reddit
|
|
- slack
|
|
- twitch
|
|
- twitter
|
|
- wechat
|
|
type: string
|
|
ProxyMode:
|
|
enum:
|
|
- proxy
|
|
- forward_single
|
|
- forward_domain
|
|
type: string
|
|
ProxyOutpostConfig:
|
|
type: object
|
|
description: Proxy provider serializer for outposts
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
client_id:
|
|
type: string
|
|
maxLength: 255
|
|
client_secret:
|
|
type: string
|
|
maxLength: 255
|
|
oidc_configuration:
|
|
allOf:
|
|
- $ref: '#/components/schemas/OpenIDConnectConfiguration'
|
|
readOnly: true
|
|
cookie_secret:
|
|
type: string
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: Enable support for forwardAuth in traefik and nginx auth_request.
|
|
Exclusive with internal_host.
|
|
cookie_domain:
|
|
type: string
|
|
access_token_validity:
|
|
type: number
|
|
format: double
|
|
nullable: true
|
|
description: Get token validity as second count
|
|
readOnly: true
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
scopes_to_request:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: |-
|
|
Get all the scope names the outpost should request,
|
|
including custom-defined ones
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
required:
|
|
- access_token_validity
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- external_host
|
|
- name
|
|
- oidc_configuration
|
|
- pk
|
|
- scopes_to_request
|
|
ProxyProvider:
|
|
type: object
|
|
description: ProxyProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
client_id:
|
|
type: string
|
|
readOnly: true
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: Enable support for forwardAuth in traefik and nginx auth_request.
|
|
Exclusive with internal_host.
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
redirect_uris:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RedirectURI'
|
|
readOnly: true
|
|
cookie_domain:
|
|
type: string
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
access_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
outpost_set:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- client_id
|
|
- component
|
|
- external_host
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- outpost_set
|
|
- pk
|
|
- redirect_uris
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ProxyProviderRequest:
|
|
type: object
|
|
description: ProxyProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
internal_host:
|
|
type: string
|
|
format: uri
|
|
external_host:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
internal_host_ssl_validation:
|
|
type: boolean
|
|
description: Validate SSL Certificates of upstream servers
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
skip_path_regex:
|
|
type: string
|
|
description: Regular expressions for which authentication is not required.
|
|
Each new line is interpreted as a new Regular Expression.
|
|
basic_auth_enabled:
|
|
type: boolean
|
|
title: Set HTTP-Basic Authentication
|
|
description: Set a custom HTTP-Basic Authentication header based on values
|
|
from authentik.
|
|
basic_auth_password_attribute:
|
|
type: string
|
|
title: HTTP-Basic Password Key
|
|
description: User/Group Attribute used for the password part of the HTTP-Basic
|
|
Header.
|
|
basic_auth_user_attribute:
|
|
type: string
|
|
title: HTTP-Basic Username Key
|
|
description: User/Group Attribute used for the user part of the HTTP-Basic
|
|
Header. If not set, the user's Email address is used.
|
|
mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ProxyMode'
|
|
description: Enable support for forwardAuth in traefik and nginx auth_request.
|
|
Exclusive with internal_host.
|
|
intercept_header_auth:
|
|
type: boolean
|
|
description: When enabled, this provider will intercept the authorization
|
|
header and authenticate requests based on its value.
|
|
cookie_domain:
|
|
type: string
|
|
jwt_federation_sources:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
title: Any JWT signed by the JWK of the selected source can be used to
|
|
authenticate.
|
|
title: Any JWT signed by the JWK of the selected source can be used to authenticate.
|
|
jwt_federation_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
access_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
refresh_token_validity:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Tokens not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
required:
|
|
- authorization_flow
|
|
- external_host
|
|
- invalidation_flow
|
|
- name
|
|
RACPropertyMapping:
|
|
type: object
|
|
description: RACPropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
static_settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- static_settings
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
RACPropertyMappingRequest:
|
|
type: object
|
|
description: RACPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
static_settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- name
|
|
- static_settings
|
|
RACProvider:
|
|
type: object
|
|
description: RACProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
outpost_set:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
connection_expiry:
|
|
type: string
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
delete_token_on_disconnect:
|
|
type: boolean
|
|
description: When set to true, connection tokens will be deleted upon disconnect.
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- outpost_set
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
RACProviderRequest:
|
|
type: object
|
|
description: RACProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
connection_expiry:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
delete_token_on_disconnect:
|
|
type: boolean
|
|
description: When set to true, connection tokens will be deleted upon disconnect.
|
|
required:
|
|
- authorization_flow
|
|
- name
|
|
RadiusCheckAccess:
|
|
type: object
|
|
description: Base serializer class which doesn't implement create/update methods
|
|
properties:
|
|
attributes:
|
|
type: string
|
|
access:
|
|
$ref: '#/components/schemas/PolicyTestResult'
|
|
required:
|
|
- access
|
|
RadiusOutpostConfig:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
application_slug:
|
|
type: string
|
|
auth_flow_slug:
|
|
type: string
|
|
client_networks:
|
|
type: string
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
description: Shared secret between clients and server to hash packets.
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- application_slug
|
|
- auth_flow_slug
|
|
- name
|
|
- pk
|
|
RadiusProvider:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
client_networks:
|
|
type: string
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
description: Shared secret between clients and server to hash packets.
|
|
outpost_set:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- outpost_set
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
RadiusProviderPropertyMapping:
|
|
type: object
|
|
description: RadiusProviderPropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
RadiusProviderPropertyMappingRequest:
|
|
type: object
|
|
description: RadiusProviderPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
RadiusProviderRequest:
|
|
type: object
|
|
description: RadiusProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
client_networks:
|
|
type: string
|
|
minLength: 1
|
|
description: List of CIDRs (comma-separated) that clients can connect from.
|
|
A more specific CIDR will match before a looser one. Clients connecting
|
|
from a non-specified CIDR will be dropped.
|
|
shared_secret:
|
|
type: string
|
|
minLength: 1
|
|
description: Shared secret between clients and server to hash packets.
|
|
mfa_support:
|
|
type: boolean
|
|
description: When enabled, code-based multi-factor authentication can be
|
|
used by appending a semicolon and the TOTP code to the password. This
|
|
should only be enabled if all users that will bind to this provider have
|
|
a TOTP device configured, as otherwise a password may incorrectly be rejected
|
|
if it contains a semicolon.
|
|
certificate:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- authorization_flow
|
|
- invalidation_flow
|
|
- name
|
|
RedirectChallenge:
|
|
type: object
|
|
description: Challenge type to redirect the client
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: xak-flow-redirect
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
to:
|
|
type: string
|
|
required:
|
|
- to
|
|
RedirectChallengeResponseRequest:
|
|
type: object
|
|
description: Redirect challenge response
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: xak-flow-redirect
|
|
to:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- to
|
|
RedirectStage:
|
|
type: object
|
|
description: RedirectStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
keep_context:
|
|
type: boolean
|
|
mode:
|
|
$ref: '#/components/schemas/RedirectStageModeEnum'
|
|
target_static:
|
|
type: string
|
|
target_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- mode
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
RedirectStageModeEnum:
|
|
enum:
|
|
- static
|
|
- flow
|
|
type: string
|
|
RedirectStageRequest:
|
|
type: object
|
|
description: RedirectStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
keep_context:
|
|
type: boolean
|
|
mode:
|
|
$ref: '#/components/schemas/RedirectStageModeEnum'
|
|
target_static:
|
|
type: string
|
|
target_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
required:
|
|
- mode
|
|
- name
|
|
RedirectURI:
|
|
type: object
|
|
description: A single allowed redirect URI entry
|
|
properties:
|
|
matching_mode:
|
|
$ref: '#/components/schemas/MatchingModeEnum'
|
|
url:
|
|
type: string
|
|
redirect_uri_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/RedirectUriTypeEnum'
|
|
default: authorization
|
|
required:
|
|
- matching_mode
|
|
- url
|
|
RedirectURIRequest:
|
|
type: object
|
|
description: A single allowed redirect URI entry
|
|
properties:
|
|
matching_mode:
|
|
$ref: '#/components/schemas/MatchingModeEnum'
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
redirect_uri_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/RedirectUriTypeEnum'
|
|
default: authorization
|
|
required:
|
|
- matching_mode
|
|
- url
|
|
RedirectUriTypeEnum:
|
|
enum:
|
|
- authorization
|
|
- logout
|
|
type: string
|
|
RelatedGroup:
|
|
type: object
|
|
description: Stripped down group serializer to show relevant children/parents
|
|
for groups
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Group uuid
|
|
name:
|
|
type: string
|
|
is_superuser:
|
|
type: boolean
|
|
description: Users added to this group will be superusers.
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
group_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
required:
|
|
- group_uuid
|
|
- name
|
|
- pk
|
|
Reputation:
|
|
type: object
|
|
description: Reputation Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
title: Reputation uuid
|
|
identifier:
|
|
type: string
|
|
ip:
|
|
type: string
|
|
ip_geo_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
ip_asn_data:
|
|
type: object
|
|
additionalProperties: {}
|
|
score:
|
|
type: integer
|
|
maximum: 9223372036854775807
|
|
minimum: -9223372036854775808
|
|
format: int64
|
|
updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- identifier
|
|
- ip
|
|
- updated
|
|
ReputationPolicy:
|
|
type: object
|
|
description: Reputation Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
check_ip:
|
|
type: boolean
|
|
check_username:
|
|
type: boolean
|
|
threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ReputationPolicyRequest:
|
|
type: object
|
|
description: Reputation Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
check_ip:
|
|
type: boolean
|
|
check_username:
|
|
type: boolean
|
|
threshold:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
required:
|
|
- name
|
|
Review:
|
|
type: object
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
iteration:
|
|
type: string
|
|
format: uuid
|
|
reviewer:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ReviewerUser'
|
|
readOnly: true
|
|
timestamp:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
note:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- id
|
|
- iteration
|
|
- reviewer
|
|
- timestamp
|
|
ReviewRequest:
|
|
type: object
|
|
description: |-
|
|
Mixin to validate that a valid enterprise license
|
|
exists before allowing to save the object
|
|
properties:
|
|
iteration:
|
|
type: string
|
|
format: uuid
|
|
note:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
required:
|
|
- iteration
|
|
ReviewerGroup:
|
|
type: object
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Group uuid
|
|
name:
|
|
type: string
|
|
required:
|
|
- name
|
|
- pk
|
|
ReviewerUser:
|
|
type: object
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
username:
|
|
type: string
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
pattern: ^[\w.@+-]+$
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
required:
|
|
- name
|
|
- pk
|
|
- username
|
|
- uuid
|
|
Role:
|
|
type: object
|
|
description: Role serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
required:
|
|
- name
|
|
- pk
|
|
RoleAssignedObjectPermission:
|
|
type: object
|
|
description: Roles assigned object permission serializer
|
|
properties:
|
|
role_pk:
|
|
type: string
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
object_permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RoleObjectPermission'
|
|
model_permissions:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/RoleModelPermission'
|
|
required:
|
|
- model_permissions
|
|
- name
|
|
- object_permissions
|
|
- role_pk
|
|
RoleModelPermission:
|
|
type: object
|
|
description: Role-bound object level permission
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
codename:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- codename
|
|
- id
|
|
- model
|
|
- name
|
|
RoleObjectPermission:
|
|
type: object
|
|
description: Role-bound object level permission
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
codename:
|
|
type: string
|
|
readOnly: true
|
|
model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
app_label:
|
|
type: string
|
|
readOnly: true
|
|
object_pk:
|
|
type: string
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- app_label
|
|
- codename
|
|
- id
|
|
- model
|
|
- name
|
|
- object_pk
|
|
RoleRequest:
|
|
type: object
|
|
description: Role serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
SAMLBindingsEnum:
|
|
enum:
|
|
- redirect
|
|
- post
|
|
type: string
|
|
SAMLLogoutMethods:
|
|
enum:
|
|
- frontchannel_iframe
|
|
- frontchannel_native
|
|
- backchannel
|
|
type: string
|
|
SAMLMetadata:
|
|
type: object
|
|
description: SAML Provider Metadata serializer
|
|
properties:
|
|
metadata:
|
|
type: string
|
|
download_url:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- metadata
|
|
SAMLNameIDPolicyEnum:
|
|
enum:
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName
|
|
- urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
|
- urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
|
|
type: string
|
|
SAMLPropertyMapping:
|
|
type: object
|
|
description: SAMLPropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
saml_name:
|
|
type: string
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- saml_name
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SAMLPropertyMappingRequest:
|
|
type: object
|
|
description: SAMLPropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
saml_name:
|
|
type: string
|
|
minLength: 1
|
|
friendly_name:
|
|
type: string
|
|
nullable: true
|
|
required:
|
|
- expression
|
|
- name
|
|
- saml_name
|
|
SAMLProvider:
|
|
type: object
|
|
description: SAMLProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
acs_url:
|
|
type: string
|
|
format: uri
|
|
sls_url:
|
|
type: string
|
|
description: Single Logout Service URL where the logout response should
|
|
be sent.
|
|
format: uri
|
|
audience:
|
|
type: string
|
|
description: Value of the audience restriction field of the assertion. When
|
|
left empty, no audience restriction will be added.
|
|
issuer:
|
|
type: string
|
|
description: Also known as EntityID
|
|
assertion_valid_not_before:
|
|
type: string
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
authn_context_class_ref_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: AuthnContextClassRef Property Mapping
|
|
description: Configure how the AuthnContextClassRef value will be created.
|
|
When left empty, the AuthnContextClassRef will be set based on which authentication
|
|
methods the user used to authenticate.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
sign_assertion:
|
|
type: boolean
|
|
sign_response:
|
|
type: boolean
|
|
sign_logout_request:
|
|
type: boolean
|
|
sign_logout_response:
|
|
type: boolean
|
|
sp_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
title: Service Provider Binding
|
|
description: This determines how authentik sends the response back to the
|
|
Service Provider.
|
|
sls_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
description: This determines how authentik sends the logout response back
|
|
to the Service Provider.
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLLogoutMethods'
|
|
description: Method to use for logout. Front-channel iframe loads all logout
|
|
URLs simultaneously in hidden iframes. Front-channel native uses your
|
|
active browser tab to send post requests and redirect to providers. Back-channel
|
|
sends logout requests directly from the server without user interaction
|
|
(requires POST SLS binding).
|
|
default_relay_state:
|
|
type: string
|
|
description: Default relay_state value for IDP-initiated logins
|
|
default_name_id_policy:
|
|
$ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
url_download_metadata:
|
|
type: string
|
|
description: Get metadata download URL
|
|
readOnly: true
|
|
url_sso_post:
|
|
type: string
|
|
description: Get SSO Post URL
|
|
readOnly: true
|
|
url_sso_redirect:
|
|
type: string
|
|
description: Get SSO Redirect URL
|
|
readOnly: true
|
|
url_sso_init:
|
|
type: string
|
|
description: Get SSO IDP-Initiated URL
|
|
readOnly: true
|
|
url_slo_post:
|
|
type: string
|
|
description: Get SLO POST URL
|
|
readOnly: true
|
|
url_slo_redirect:
|
|
type: string
|
|
description: Get SLO redirect URL
|
|
readOnly: true
|
|
required:
|
|
- acs_url
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- url_download_metadata
|
|
- url_slo_post
|
|
- url_slo_redirect
|
|
- url_sso_init
|
|
- url_sso_post
|
|
- url_sso_redirect
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SAMLProviderImportRequest:
|
|
type: object
|
|
description: Import saml provider from XML Metadata
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
file:
|
|
type: string
|
|
format: binary
|
|
required:
|
|
- authorization_flow
|
|
- file
|
|
- invalidation_flow
|
|
- name
|
|
SAMLProviderRequest:
|
|
type: object
|
|
description: SAMLProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
acs_url:
|
|
type: string
|
|
minLength: 1
|
|
format: uri
|
|
sls_url:
|
|
type: string
|
|
description: Single Logout Service URL where the logout response should
|
|
be sent.
|
|
format: uri
|
|
audience:
|
|
type: string
|
|
description: Value of the audience restriction field of the assertion. When
|
|
left empty, no audience restriction will be added.
|
|
issuer:
|
|
type: string
|
|
minLength: 1
|
|
description: Also known as EntityID
|
|
assertion_valid_not_before:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
authn_context_class_ref_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: AuthnContextClassRef Property Mapping
|
|
description: Configure how the AuthnContextClassRef value will be created.
|
|
When left empty, the AuthnContextClassRef will be set based on which authentication
|
|
methods the user used to authenticate.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
sign_assertion:
|
|
type: boolean
|
|
sign_response:
|
|
type: boolean
|
|
sign_logout_request:
|
|
type: boolean
|
|
sign_logout_response:
|
|
type: boolean
|
|
sp_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
title: Service Provider Binding
|
|
description: This determines how authentik sends the response back to the
|
|
Service Provider.
|
|
sls_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLBindingsEnum'
|
|
description: This determines how authentik sends the logout response back
|
|
to the Service Provider.
|
|
logout_method:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLLogoutMethods'
|
|
description: Method to use for logout. Front-channel iframe loads all logout
|
|
URLs simultaneously in hidden iframes. Front-channel native uses your
|
|
active browser tab to send post requests and redirect to providers. Back-channel
|
|
sends logout requests directly from the server without user interaction
|
|
(requires POST SLS binding).
|
|
default_relay_state:
|
|
type: string
|
|
description: Default relay_state value for IDP-initiated logins
|
|
default_name_id_policy:
|
|
$ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
required:
|
|
- acs_url
|
|
- authorization_flow
|
|
- invalidation_flow
|
|
- name
|
|
SAMLSource:
|
|
type: object
|
|
description: SAMLSource Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
issuer:
|
|
type: string
|
|
description: Also known as Entity ID. Defaults the Metadata URL.
|
|
sso_url:
|
|
type: string
|
|
description: URL that the initial Login request is sent to.
|
|
format: uri
|
|
slo_url:
|
|
type: string
|
|
nullable: true
|
|
description: Optional URL if your IDP supports Single-Logout.
|
|
format: uri
|
|
allow_idp_initiated:
|
|
type: boolean
|
|
description: Allows authentication flows initiated by the IdP. This can
|
|
be a security risk, as no validation of the request ID is done.
|
|
force_authn:
|
|
type: boolean
|
|
description: When enabled, the IdP will re-authenticate the user even if
|
|
a session exists.
|
|
name_id_policy:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
description: NameID Policy sent to the IdP. Can be unset, in which case
|
|
no Policy is sent.
|
|
binding_type:
|
|
$ref: '#/components/schemas/BindingTypeEnum'
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Identity
|
|
Provider.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
temporary_user_delete_after:
|
|
type: string
|
|
title: Delete temporary users after
|
|
description: 'Time offset when temporary users should be deleted. This only
|
|
applies if your IDP uses the NameID Format ''transient'', and the user
|
|
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
signed_assertion:
|
|
type: boolean
|
|
signed_response:
|
|
type: boolean
|
|
required:
|
|
- component
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- pre_authentication_flow
|
|
- slug
|
|
- sso_url
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SAMLSourcePropertyMapping:
|
|
type: object
|
|
description: SAMLSourcePropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SAMLSourcePropertyMappingRequest:
|
|
type: object
|
|
description: SAMLSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
SAMLSourceRequest:
|
|
type: object
|
|
description: SAMLSource Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
group_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GroupMatchingModeEnum'
|
|
description: How the source determines if an existing group should be used
|
|
or a new group created.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
issuer:
|
|
type: string
|
|
description: Also known as Entity ID. Defaults the Metadata URL.
|
|
sso_url:
|
|
type: string
|
|
minLength: 1
|
|
description: URL that the initial Login request is sent to.
|
|
format: uri
|
|
slo_url:
|
|
type: string
|
|
nullable: true
|
|
description: Optional URL if your IDP supports Single-Logout.
|
|
format: uri
|
|
allow_idp_initiated:
|
|
type: boolean
|
|
description: Allows authentication flows initiated by the IdP. This can
|
|
be a security risk, as no validation of the request ID is done.
|
|
force_authn:
|
|
type: boolean
|
|
description: When enabled, the IdP will re-authenticate the user even if
|
|
a session exists.
|
|
name_id_policy:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
description: NameID Policy sent to the IdP. Can be unset, in which case
|
|
no Policy is sent.
|
|
binding_type:
|
|
$ref: '#/components/schemas/BindingTypeEnum'
|
|
verification_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Verification Certificate
|
|
description: When selected, incoming assertion's Signatures will be validated
|
|
against this certificate. To allow unsigned Requests, leave on default.
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Identity
|
|
Provider.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
temporary_user_delete_after:
|
|
type: string
|
|
minLength: 1
|
|
title: Delete temporary users after
|
|
description: 'Time offset when temporary users should be deleted. This only
|
|
applies if your IDP uses the NameID Format ''transient'', and the user
|
|
doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).'
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
signed_assertion:
|
|
type: boolean
|
|
signed_response:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
- pre_authentication_flow
|
|
- slug
|
|
- sso_url
|
|
SCIMAuthenticationModeEnum:
|
|
enum:
|
|
- token
|
|
- oauth
|
|
type: string
|
|
SCIMMapping:
|
|
type: object
|
|
description: SCIMMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SCIMMappingRequest:
|
|
type: object
|
|
description: SCIMMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
SCIMProvider:
|
|
type: object
|
|
description: SCIMProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
url:
|
|
type: string
|
|
description: Base URL to SCIM requests, usually ends in /v2
|
|
verify_certificates:
|
|
type: boolean
|
|
token:
|
|
type: string
|
|
description: Authentication token
|
|
auth_mode:
|
|
$ref: '#/components/schemas/SCIMAuthenticationModeEnum'
|
|
auth_oauth:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: OAuth Source used for authentication
|
|
auth_oauth_params:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Additional OAuth parameters, such as grant_type
|
|
compatibility_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/CompatibilityModeEnum'
|
|
title: SCIM Compatibility Mode
|
|
description: Alter authentik behavior for vendor-specific SCIM implementations.
|
|
service_provider_config_cache_timeout:
|
|
type: string
|
|
description: Cache duration for ServiceProviderConfig responses. Set minutes=0
|
|
to disable.
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
description: Timeout for synchronization of a single page
|
|
group_filters:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Group filters used to define sync-scope for groups.
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- url
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SCIMProviderGroup:
|
|
type: object
|
|
description: SCIMProviderGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
scim_id:
|
|
type: string
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- group
|
|
- group_obj
|
|
- id
|
|
- provider
|
|
- scim_id
|
|
SCIMProviderGroupRequest:
|
|
type: object
|
|
description: SCIMProviderGroup Serializer
|
|
properties:
|
|
scim_id:
|
|
type: string
|
|
minLength: 1
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- group
|
|
- provider
|
|
- scim_id
|
|
SCIMProviderRequest:
|
|
type: object
|
|
description: SCIMProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
property_mappings_group:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Property mappings used for group creation/updating.
|
|
url:
|
|
type: string
|
|
minLength: 1
|
|
description: Base URL to SCIM requests, usually ends in /v2
|
|
verify_certificates:
|
|
type: boolean
|
|
token:
|
|
type: string
|
|
description: Authentication token
|
|
auth_mode:
|
|
$ref: '#/components/schemas/SCIMAuthenticationModeEnum'
|
|
auth_oauth:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: OAuth Source used for authentication
|
|
auth_oauth_params:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Additional OAuth parameters, such as grant_type
|
|
compatibility_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/CompatibilityModeEnum'
|
|
title: SCIM Compatibility Mode
|
|
description: Alter authentik behavior for vendor-specific SCIM implementations.
|
|
service_provider_config_cache_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Cache duration for ServiceProviderConfig responses. Set minutes=0
|
|
to disable.
|
|
exclude_users_service_account:
|
|
type: boolean
|
|
sync_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Controls the number of objects synced in a single task
|
|
sync_page_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: Timeout for synchronization of a single page
|
|
group_filters:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
description: Group filters used to define sync-scope for groups.
|
|
dry_run:
|
|
type: boolean
|
|
description: When enabled, provider will not modify or create objects in
|
|
the remote system.
|
|
required:
|
|
- name
|
|
- url
|
|
SCIMProviderUser:
|
|
type: object
|
|
description: SCIMProviderUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
scim_id:
|
|
type: string
|
|
user:
|
|
type: integer
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
provider:
|
|
type: integer
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
readOnly: true
|
|
required:
|
|
- attributes
|
|
- id
|
|
- provider
|
|
- scim_id
|
|
- user
|
|
- user_obj
|
|
SCIMProviderUserRequest:
|
|
type: object
|
|
description: SCIMProviderUser Serializer
|
|
properties:
|
|
scim_id:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: integer
|
|
provider:
|
|
type: integer
|
|
required:
|
|
- provider
|
|
- scim_id
|
|
- user
|
|
SCIMSource:
|
|
type: object
|
|
description: SCIMSource Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
root_url:
|
|
type: string
|
|
description: Get Root URL
|
|
readOnly: true
|
|
token_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Token'
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- root_url
|
|
- slug
|
|
- token_obj
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SCIMSourceGroup:
|
|
type: object
|
|
description: SCIMSourceGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
external_id:
|
|
type: string
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
group_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- external_id
|
|
- group
|
|
- group_obj
|
|
- source
|
|
SCIMSourceGroupRequest:
|
|
type: object
|
|
description: SCIMSourceGroup Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
external_id:
|
|
type: string
|
|
minLength: 1
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- external_id
|
|
- group
|
|
- source
|
|
SCIMSourcePropertyMapping:
|
|
type: object
|
|
description: SCIMSourcePropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SCIMSourcePropertyMappingRequest:
|
|
type: object
|
|
description: SCIMSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
SCIMSourceRequest:
|
|
type: object
|
|
description: SCIMSource Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
- slug
|
|
SCIMSourceUser:
|
|
type: object
|
|
description: SCIMSourceUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
external_id:
|
|
type: string
|
|
user:
|
|
type: integer
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- external_id
|
|
- source
|
|
- user
|
|
- user_obj
|
|
SCIMSourceUserRequest:
|
|
type: object
|
|
description: SCIMSourceUser Serializer
|
|
properties:
|
|
id:
|
|
type: string
|
|
minLength: 1
|
|
external_id:
|
|
type: string
|
|
minLength: 1
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
required:
|
|
- external_id
|
|
- source
|
|
- user
|
|
SMSDevice:
|
|
type: object
|
|
description: Serializer for sms authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
phone_number:
|
|
type: string
|
|
readOnly: true
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- phone_number
|
|
- pk
|
|
- user
|
|
SMSDeviceRequest:
|
|
type: object
|
|
description: Serializer for sms authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
SSFProvider:
|
|
type: object
|
|
description: SSFProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
description: Key used to sign the SSF Events.
|
|
token_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Token'
|
|
readOnly: true
|
|
oidc_auth_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
oidc_auth_providers_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Provider'
|
|
readOnly: true
|
|
ssf_url:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
event_retention:
|
|
type: string
|
|
push_verify_certificates:
|
|
type: boolean
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- oidc_auth_providers_obj
|
|
- pk
|
|
- signing_key
|
|
- ssf_url
|
|
- token_obj
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SSFProviderRequest:
|
|
type: object
|
|
description: SSFProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
signing_key:
|
|
type: string
|
|
format: uuid
|
|
description: Key used to sign the SSF Events.
|
|
oidc_auth_providers:
|
|
type: array
|
|
items:
|
|
type: integer
|
|
event_retention:
|
|
type: string
|
|
minLength: 1
|
|
push_verify_certificates:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
- signing_key
|
|
SSFStream:
|
|
type: object
|
|
description: SSFStream Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
status:
|
|
$ref: '#/components/schemas/SSFStreamStatusEnum'
|
|
provider:
|
|
type: integer
|
|
provider_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/SSFProvider'
|
|
readOnly: true
|
|
delivery_method:
|
|
$ref: '#/components/schemas/DeliveryMethodEnum'
|
|
endpoint_url:
|
|
type: string
|
|
nullable: true
|
|
events_requested:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/EventsRequestedEnum'
|
|
format:
|
|
type: string
|
|
aud:
|
|
type: array
|
|
items:
|
|
type: string
|
|
iss:
|
|
type: string
|
|
required:
|
|
- delivery_method
|
|
- format
|
|
- iss
|
|
- pk
|
|
- provider
|
|
- provider_obj
|
|
SSFStreamStatusEnum:
|
|
enum:
|
|
- enabled
|
|
- paused
|
|
- disabled
|
|
type: string
|
|
Schedule:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
description: Unique schedule identifier
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
actor_name:
|
|
type: string
|
|
readOnly: true
|
|
description: Dramatiq actor to call
|
|
rel_obj_app_label:
|
|
type: string
|
|
readOnly: true
|
|
rel_obj_model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
rel_obj_id:
|
|
type: string
|
|
nullable: true
|
|
crontab:
|
|
type: string
|
|
description: When to schedule tasks
|
|
paused:
|
|
type: boolean
|
|
description: Pause this schedule
|
|
next_run:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
description:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
last_task_status:
|
|
allOf:
|
|
- $ref: '#/components/schemas/LastTaskStatusEnum'
|
|
nullable: true
|
|
readOnly: true
|
|
required:
|
|
- actor_name
|
|
- crontab
|
|
- description
|
|
- id
|
|
- identifier
|
|
- last_task_status
|
|
- next_run
|
|
- rel_obj_app_label
|
|
- rel_obj_model
|
|
- uid
|
|
ScheduleRequest:
|
|
type: object
|
|
properties:
|
|
rel_obj_id:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
crontab:
|
|
type: string
|
|
minLength: 1
|
|
description: When to schedule tasks
|
|
paused:
|
|
type: boolean
|
|
description: Pause this schedule
|
|
required:
|
|
- crontab
|
|
ScopeMapping:
|
|
type: object
|
|
description: ScopeMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
scope_name:
|
|
type: string
|
|
description: Scope name requested by the client
|
|
description:
|
|
type: string
|
|
description: Description shown to the user when consenting. If left empty,
|
|
the user won't be informed.
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- scope_name
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ScopeMappingRequest:
|
|
type: object
|
|
description: ScopeMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
scope_name:
|
|
type: string
|
|
minLength: 1
|
|
description: Scope name requested by the client
|
|
description:
|
|
type: string
|
|
description: Description shown to the user when consenting. If left empty,
|
|
the user won't be informed.
|
|
required:
|
|
- expression
|
|
- name
|
|
- scope_name
|
|
SelectableStage:
|
|
type: object
|
|
description: Serializer for stages which can be selected by users
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
name:
|
|
type: string
|
|
verbose_name:
|
|
type: string
|
|
meta_model_name:
|
|
type: string
|
|
required:
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
ServiceConnection:
|
|
type: object
|
|
description: ServiceConnection Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Uuid
|
|
name:
|
|
type: string
|
|
local:
|
|
type: boolean
|
|
description: If enabled, use the local connection. Required Docker socket/Kubernetes
|
|
Integration
|
|
component:
|
|
type: string
|
|
description: Return component used to edit this object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
ServiceConnectionState:
|
|
type: object
|
|
description: Serializer for Service connection state
|
|
properties:
|
|
healthy:
|
|
type: boolean
|
|
readOnly: true
|
|
version:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- healthy
|
|
- version
|
|
SessionEndChallenge:
|
|
type: object
|
|
description: Challenge for ending a session
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-session-end
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
application_name:
|
|
type: string
|
|
application_launch_url:
|
|
type: string
|
|
invalidation_flow_url:
|
|
type: string
|
|
brand_name:
|
|
type: string
|
|
required:
|
|
- brand_name
|
|
- pending_user
|
|
- pending_user_avatar
|
|
SessionUser:
|
|
type: object
|
|
description: |-
|
|
Response for the /user/me endpoint, returns the currently active user (as `user` property)
|
|
and, if this user is being impersonated, the original user in the `original` property.
|
|
properties:
|
|
user:
|
|
$ref: '#/components/schemas/UserSelf'
|
|
original:
|
|
$ref: '#/components/schemas/UserSelf'
|
|
required:
|
|
- user
|
|
Settings:
|
|
type: object
|
|
description: Settings Serializer
|
|
properties:
|
|
avatars:
|
|
type: string
|
|
description: Configure how authentik should show avatars for users.
|
|
default_user_change_name:
|
|
type: boolean
|
|
description: Enable the ability for users to change their name.
|
|
default_user_change_email:
|
|
type: boolean
|
|
description: Enable the ability for users to change their email address.
|
|
default_user_change_username:
|
|
type: boolean
|
|
description: Enable the ability for users to change their username.
|
|
event_retention:
|
|
type: string
|
|
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
|
|
reputation_lower_limit:
|
|
type: integer
|
|
maximum: 0
|
|
minimum: -2147483648
|
|
description: Reputation cannot decrease lower than this value. Zero or negative.
|
|
reputation_upper_limit:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Reputation cannot increase higher than this value. Zero or
|
|
positive.
|
|
footer_links: {}
|
|
gdpr_compliance:
|
|
type: boolean
|
|
description: When enabled, all the events caused by a user will be deleted
|
|
upon the user's deletion.
|
|
impersonation:
|
|
type: boolean
|
|
description: Globally enable/disable impersonation.
|
|
impersonation_require_reason:
|
|
type: boolean
|
|
description: Require administrators to provide a reason for impersonating
|
|
a user.
|
|
default_token_duration:
|
|
type: string
|
|
description: Default token duration
|
|
default_token_length:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Default token length
|
|
pagination_default_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Default page size for API responses, if no size was requested.
|
|
pagination_max_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Maximum page size
|
|
flags:
|
|
type: object
|
|
properties:
|
|
core_default_app_access:
|
|
type: boolean
|
|
description: Configure if applications without any policy/group/user
|
|
bindings should be accessible to any user.
|
|
enterprise_audit_include_expanded_diff:
|
|
type: boolean
|
|
description: Include additional information in audit logs, may incur
|
|
a performance penalty.
|
|
flows_continuous_login:
|
|
type: boolean
|
|
description: Upon successful authentication, re-start authentication
|
|
in other open tabs.
|
|
flows_refresh_others:
|
|
type: boolean
|
|
description: Refresh other tabs after successful authentication.
|
|
required:
|
|
- core_default_app_access
|
|
- enterprise_audit_include_expanded_diff
|
|
- flows_continuous_login
|
|
- flows_refresh_others
|
|
required:
|
|
- flags
|
|
SettingsRequest:
|
|
type: object
|
|
description: Settings Serializer
|
|
properties:
|
|
avatars:
|
|
type: string
|
|
minLength: 1
|
|
description: Configure how authentik should show avatars for users.
|
|
default_user_change_name:
|
|
type: boolean
|
|
description: Enable the ability for users to change their name.
|
|
default_user_change_email:
|
|
type: boolean
|
|
description: Enable the ability for users to change their email address.
|
|
default_user_change_username:
|
|
type: boolean
|
|
description: Enable the ability for users to change their username.
|
|
event_retention:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Events will be deleted after this duration.(Format: weeks=3;days=2;hours=3,seconds=2).'
|
|
reputation_lower_limit:
|
|
type: integer
|
|
maximum: 0
|
|
minimum: -2147483648
|
|
description: Reputation cannot decrease lower than this value. Zero or negative.
|
|
reputation_upper_limit:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Reputation cannot increase higher than this value. Zero or
|
|
positive.
|
|
footer_links: {}
|
|
gdpr_compliance:
|
|
type: boolean
|
|
description: When enabled, all the events caused by a user will be deleted
|
|
upon the user's deletion.
|
|
impersonation:
|
|
type: boolean
|
|
description: Globally enable/disable impersonation.
|
|
impersonation_require_reason:
|
|
type: boolean
|
|
description: Require administrators to provide a reason for impersonating
|
|
a user.
|
|
default_token_duration:
|
|
type: string
|
|
minLength: 1
|
|
description: Default token duration
|
|
default_token_length:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 1
|
|
description: Default token length
|
|
pagination_default_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Default page size for API responses, if no size was requested.
|
|
pagination_max_page_size:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Maximum page size
|
|
flags:
|
|
type: object
|
|
properties:
|
|
core_default_app_access:
|
|
type: boolean
|
|
description: Configure if applications without any policy/group/user
|
|
bindings should be accessible to any user.
|
|
enterprise_audit_include_expanded_diff:
|
|
type: boolean
|
|
description: Include additional information in audit logs, may incur
|
|
a performance penalty.
|
|
flows_continuous_login:
|
|
type: boolean
|
|
description: Upon successful authentication, re-start authentication
|
|
in other open tabs.
|
|
flows_refresh_others:
|
|
type: boolean
|
|
description: Refresh other tabs after successful authentication.
|
|
required:
|
|
- core_default_app_access
|
|
- enterprise_audit_include_expanded_diff
|
|
- flows_continuous_login
|
|
- flows_refresh_others
|
|
required:
|
|
- flags
|
|
SeverityEnum:
|
|
enum:
|
|
- notice
|
|
- warning
|
|
- alert
|
|
type: string
|
|
ShellChallenge:
|
|
type: object
|
|
description: challenge type to render HTML as-is
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: xak-flow-shell
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
body:
|
|
type: string
|
|
required:
|
|
- body
|
|
SignatureAlgorithmEnum:
|
|
enum:
|
|
- http://www.w3.org/2000/09/xmldsig#rsa-sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
|
|
- http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384
|
|
- http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512
|
|
- http://www.w3.org/2000/09/xmldsig#dsa-sha1
|
|
type: string
|
|
Software:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
version:
|
|
type: string
|
|
source:
|
|
type: string
|
|
path:
|
|
type: string
|
|
required:
|
|
- name
|
|
- source
|
|
SoftwareRequest:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
version:
|
|
type: string
|
|
source:
|
|
type: string
|
|
minLength: 1
|
|
path:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
- source
|
|
Source:
|
|
type: object
|
|
description: Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
nullable: true
|
|
description: Get the URL to the source icon
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
required:
|
|
- component
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SourceStage:
|
|
type: object
|
|
description: SourceStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
resume_timeout:
|
|
type: string
|
|
description: 'Amount of time a user can take to return from the source to
|
|
continue the flow (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- source
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
SourceStageRequest:
|
|
type: object
|
|
description: SourceStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
resume_timeout:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Amount of time a user can take to return from the source to
|
|
continue the flow (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
required:
|
|
- name
|
|
- source
|
|
SourceType:
|
|
type: object
|
|
description: Serializer for SourceType
|
|
properties:
|
|
name:
|
|
type: string
|
|
verbose_name:
|
|
type: string
|
|
urls_customizable:
|
|
type: boolean
|
|
request_token_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
authorization_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
access_token_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
profile_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
oidc_well_known_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
oidc_jwks_url:
|
|
type: string
|
|
readOnly: true
|
|
nullable: true
|
|
required:
|
|
- access_token_url
|
|
- authorization_url
|
|
- name
|
|
- oidc_jwks_url
|
|
- oidc_well_known_url
|
|
- profile_url
|
|
- request_token_url
|
|
- urls_customizable
|
|
- verbose_name
|
|
Stage:
|
|
type: object
|
|
description: Stage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
StageModeEnum:
|
|
enum:
|
|
- optional
|
|
- required
|
|
type: string
|
|
StagePrompt:
|
|
type: object
|
|
description: Serializer for a single Prompt field
|
|
properties:
|
|
field_key:
|
|
type: string
|
|
label:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/PromptTypeEnum'
|
|
required:
|
|
type: boolean
|
|
placeholder:
|
|
type: string
|
|
initial_value:
|
|
type: string
|
|
order:
|
|
type: integer
|
|
sub_text:
|
|
type: string
|
|
choices:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PromptChoice'
|
|
nullable: true
|
|
required:
|
|
- choices
|
|
- field_key
|
|
- initial_value
|
|
- label
|
|
- order
|
|
- placeholder
|
|
- required
|
|
- sub_text
|
|
- type
|
|
StaticDevice:
|
|
type: object
|
|
description: Serializer for static authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
token_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/StaticDeviceToken'
|
|
readOnly: true
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
- token_set
|
|
- user
|
|
StaticDeviceRequest:
|
|
type: object
|
|
description: Serializer for static authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
StaticDeviceToken:
|
|
type: object
|
|
description: Serializer for static device's tokens
|
|
properties:
|
|
token:
|
|
type: string
|
|
maxLength: 100
|
|
required:
|
|
- token
|
|
SubModeEnum:
|
|
enum:
|
|
- hashed_user_id
|
|
- user_id
|
|
- user_uuid
|
|
- user_username
|
|
- user_email
|
|
- user_upn
|
|
type: string
|
|
SyncObjectModelEnum:
|
|
enum:
|
|
- authentik.core.models.User
|
|
- authentik.core.models.Group
|
|
type: string
|
|
SyncObjectRequest:
|
|
type: object
|
|
description: Sync object serializer
|
|
properties:
|
|
sync_object_model:
|
|
$ref: '#/components/schemas/SyncObjectModelEnum'
|
|
sync_object_id:
|
|
type: string
|
|
minLength: 1
|
|
override_dry_run:
|
|
type: boolean
|
|
default: false
|
|
required:
|
|
- sync_object_id
|
|
- sync_object_model
|
|
SyncObjectResult:
|
|
type: object
|
|
description: Result of a single object sync
|
|
properties:
|
|
messages:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LogEvent'
|
|
readOnly: true
|
|
required:
|
|
- messages
|
|
SyncOutgoingTriggerModeEnum:
|
|
enum:
|
|
- none
|
|
- immediate
|
|
- deferred_end
|
|
type: string
|
|
SyncStatus:
|
|
type: object
|
|
description: Provider/source sync status
|
|
properties:
|
|
is_running:
|
|
type: boolean
|
|
last_successful_sync:
|
|
type: string
|
|
format: date-time
|
|
last_sync_status:
|
|
$ref: '#/components/schemas/TaskAggregatedStatusEnum'
|
|
required:
|
|
- is_running
|
|
SystemInfo:
|
|
type: object
|
|
description: Get system information.
|
|
properties:
|
|
http_headers:
|
|
type: object
|
|
additionalProperties:
|
|
type: string
|
|
description: Get HTTP Request headers
|
|
readOnly: true
|
|
http_host:
|
|
type: string
|
|
description: Get HTTP host
|
|
readOnly: true
|
|
http_is_secure:
|
|
type: boolean
|
|
description: Get HTTP Secure flag
|
|
readOnly: true
|
|
runtime:
|
|
type: object
|
|
description: Get versions
|
|
properties:
|
|
python_version:
|
|
type: string
|
|
environment:
|
|
type: string
|
|
architecture:
|
|
type: string
|
|
platform:
|
|
type: string
|
|
uname:
|
|
type: string
|
|
openssl_version:
|
|
type: string
|
|
openssl_fips_enabled:
|
|
type: boolean
|
|
nullable: true
|
|
authentik_version:
|
|
type: string
|
|
required:
|
|
- architecture
|
|
- authentik_version
|
|
- environment
|
|
- openssl_fips_enabled
|
|
- openssl_version
|
|
- platform
|
|
- python_version
|
|
- uname
|
|
readOnly: true
|
|
brand:
|
|
type: string
|
|
description: Currently active brand
|
|
readOnly: true
|
|
server_time:
|
|
type: string
|
|
format: date-time
|
|
description: Current server time
|
|
readOnly: true
|
|
embedded_outpost_disabled:
|
|
type: boolean
|
|
description: Whether the embedded outpost is disabled
|
|
readOnly: true
|
|
embedded_outpost_host:
|
|
type: string
|
|
description: Get the FQDN configured on the embedded outpost
|
|
readOnly: true
|
|
required:
|
|
- brand
|
|
- embedded_outpost_disabled
|
|
- embedded_outpost_host
|
|
- http_headers
|
|
- http_host
|
|
- http_is_secure
|
|
- runtime
|
|
- server_time
|
|
TOTPDevice:
|
|
type: object
|
|
description: Serializer for totp authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
- user
|
|
TOTPDeviceRequest:
|
|
type: object
|
|
description: Serializer for totp authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: The human-readable name of this device.
|
|
maxLength: 64
|
|
required:
|
|
- name
|
|
Task:
|
|
type: object
|
|
properties:
|
|
message_id:
|
|
type: string
|
|
format: uuid
|
|
queue_name:
|
|
type: string
|
|
description: Queue name
|
|
actor_name:
|
|
type: string
|
|
description: Dramatiq actor name
|
|
state:
|
|
allOf:
|
|
- $ref: '#/components/schemas/TaskStatusEnum'
|
|
description: Task status
|
|
mtime:
|
|
type: string
|
|
format: date-time
|
|
description: Task last modified time
|
|
retries:
|
|
type: integer
|
|
maximum: 9223372036854775807
|
|
minimum: 0
|
|
format: int64
|
|
description: Number of retries
|
|
eta:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
description: Planned execution time
|
|
rel_obj_app_label:
|
|
type: string
|
|
readOnly: true
|
|
rel_obj_model:
|
|
type: string
|
|
title: Python model class name
|
|
readOnly: true
|
|
rel_obj_id:
|
|
type: string
|
|
nullable: true
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
logs:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LogEvent'
|
|
readOnly: true
|
|
previous_logs:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/LogEvent'
|
|
readOnly: true
|
|
aggregated_status:
|
|
$ref: '#/components/schemas/TaskAggregatedStatusEnum'
|
|
description:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
required:
|
|
- actor_name
|
|
- aggregated_status
|
|
- description
|
|
- logs
|
|
- previous_logs
|
|
- rel_obj_app_label
|
|
- rel_obj_model
|
|
- uid
|
|
TaskAggregatedStatusEnum:
|
|
enum:
|
|
- queued
|
|
- consumed
|
|
- preprocess
|
|
- running
|
|
- postprocess
|
|
- rejected
|
|
- done
|
|
- info
|
|
- warning
|
|
- error
|
|
type: string
|
|
TaskStatusEnum:
|
|
enum:
|
|
- queued
|
|
- consumed
|
|
- preprocess
|
|
- running
|
|
- postprocess
|
|
- rejected
|
|
- done
|
|
type: string
|
|
TelegramAuthRequest:
|
|
type: object
|
|
properties:
|
|
id:
|
|
type: integer
|
|
first_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
last_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
photo_url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
auth_date:
|
|
type: integer
|
|
hash:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 64
|
|
required:
|
|
- auth_date
|
|
- hash
|
|
- id
|
|
TelegramChallengeResponseRequest:
|
|
type: object
|
|
description: Base class for all challenge responses
|
|
properties:
|
|
id:
|
|
type: integer
|
|
first_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
last_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
photo_url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
auth_date:
|
|
type: integer
|
|
hash:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 64
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-source-telegram
|
|
required:
|
|
- auth_date
|
|
- hash
|
|
- id
|
|
TelegramLoginChallenge:
|
|
type: object
|
|
description: Base login challenge for Identification stage
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-source-telegram
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
bot_username:
|
|
type: string
|
|
description: Telegram bot username
|
|
request_message_access:
|
|
type: boolean
|
|
required:
|
|
- bot_username
|
|
- request_message_access
|
|
TelegramSource:
|
|
type: object
|
|
description: Source Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pbm uuid
|
|
name:
|
|
type: string
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
readOnly: true
|
|
user_path_template:
|
|
type: string
|
|
icon:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
nullable: true
|
|
readOnly: true
|
|
icon_themed_urls:
|
|
allOf:
|
|
- $ref: '#/components/schemas/ThemedUrls'
|
|
readOnly: true
|
|
nullable: true
|
|
bot_username:
|
|
type: string
|
|
description: Telegram bot username
|
|
request_message_access:
|
|
type: boolean
|
|
description: Request access to send messages from your bot.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
required:
|
|
- bot_username
|
|
- component
|
|
- icon_themed_urls
|
|
- icon_url
|
|
- managed
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- pre_authentication_flow
|
|
- slug
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
TelegramSourcePropertyMapping:
|
|
type: object
|
|
description: TelegramSourcePropertyMapping Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Pm uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
expression:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object's component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- expression
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
TelegramSourcePropertyMappingRequest:
|
|
type: object
|
|
description: TelegramSourcePropertyMapping Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
expression:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- expression
|
|
- name
|
|
TelegramSourceRequest:
|
|
type: object
|
|
description: Source Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
description: Source's display Name.
|
|
slug:
|
|
type: string
|
|
minLength: 1
|
|
description: Internal source name, used in URLs.
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
enabled:
|
|
type: boolean
|
|
promoted:
|
|
type: boolean
|
|
description: When enabled, this source will be displayed as a prominent
|
|
button on the login page, instead of a small icon.
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when authenticating existing users.
|
|
enrollment_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow to use when enrolling new users.
|
|
user_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
group_property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
policy_engine_mode:
|
|
$ref: '#/components/schemas/PolicyEngineMode'
|
|
user_matching_mode:
|
|
allOf:
|
|
- $ref: '#/components/schemas/UserMatchingModeEnum'
|
|
description: How the source determines if an existing user should be authenticated
|
|
or a new user enrolled.
|
|
user_path_template:
|
|
type: string
|
|
minLength: 1
|
|
icon:
|
|
type: string
|
|
bot_username:
|
|
type: string
|
|
minLength: 1
|
|
description: Telegram bot username
|
|
bot_token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
description: Telegram bot token
|
|
request_message_access:
|
|
type: boolean
|
|
description: Request access to send messages from your bot.
|
|
pre_authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used before authentication.
|
|
required:
|
|
- bot_token
|
|
- bot_username
|
|
- name
|
|
- pre_authentication_flow
|
|
- slug
|
|
Tenant:
|
|
type: object
|
|
description: Tenant Serializer
|
|
properties:
|
|
tenant_uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
schema_name:
|
|
type: string
|
|
maxLength: 63
|
|
name:
|
|
type: string
|
|
ready:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
- schema_name
|
|
- tenant_uuid
|
|
TenantAdminGroupRequestRequest:
|
|
type: object
|
|
description: Tenant admin group creation request serializer
|
|
properties:
|
|
user:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- user
|
|
TenantRecoveryKeyRequestRequest:
|
|
type: object
|
|
description: Tenant recovery key creation request serializer
|
|
properties:
|
|
user:
|
|
type: string
|
|
minLength: 1
|
|
duration_days:
|
|
type: integer
|
|
required:
|
|
- duration_days
|
|
- user
|
|
TenantRecoveryKeyResponse:
|
|
type: object
|
|
description: Tenant recovery key creation response serializer
|
|
properties:
|
|
expiry:
|
|
type: string
|
|
format: date-time
|
|
url:
|
|
type: string
|
|
required:
|
|
- expiry
|
|
- url
|
|
TenantRequest:
|
|
type: object
|
|
description: Tenant Serializer
|
|
properties:
|
|
schema_name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 63
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
ready:
|
|
type: boolean
|
|
required:
|
|
- name
|
|
- schema_name
|
|
ThemedUrls:
|
|
type: object
|
|
description: Themed URLs - maps theme names to URLs for light and dark themes
|
|
properties:
|
|
light:
|
|
type: string
|
|
nullable: true
|
|
dark:
|
|
type: string
|
|
nullable: true
|
|
Token:
|
|
type: object
|
|
description: Token Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Token uuid
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
identifier:
|
|
type: string
|
|
maxLength: 255
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
intent:
|
|
$ref: '#/components/schemas/IntentEnum'
|
|
user:
|
|
type: integer
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/User'
|
|
readOnly: true
|
|
description:
|
|
type: string
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
expiring:
|
|
type: boolean
|
|
required:
|
|
- identifier
|
|
- pk
|
|
- user_obj
|
|
TokenModel:
|
|
type: object
|
|
description: Serializer for BaseGrantModel and RefreshToken
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
provider:
|
|
$ref: '#/components/schemas/OAuth2Provider'
|
|
user:
|
|
$ref: '#/components/schemas/User'
|
|
is_expired:
|
|
type: boolean
|
|
description: Check if token is expired yet.
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
scope:
|
|
type: array
|
|
items:
|
|
type: string
|
|
id_token:
|
|
type: string
|
|
description: Get the token's id_token as JSON String
|
|
readOnly: true
|
|
revoked:
|
|
type: boolean
|
|
required:
|
|
- id_token
|
|
- is_expired
|
|
- pk
|
|
- provider
|
|
- scope
|
|
- user
|
|
TokenRequest:
|
|
type: object
|
|
description: Token Serializer
|
|
properties:
|
|
managed:
|
|
type: string
|
|
nullable: true
|
|
minLength: 1
|
|
title: Managed by authentik
|
|
description: Objects that are managed by authentik. These objects are created
|
|
and updated automatically. This flag only indicates that an object can
|
|
be overwritten by migrations. You can still modify the objects via the
|
|
API, but expect changes to be overwritten in a later update.
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 255
|
|
pattern: ^[-a-zA-Z0-9_]+$
|
|
intent:
|
|
$ref: '#/components/schemas/IntentEnum'
|
|
user:
|
|
type: integer
|
|
description:
|
|
type: string
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
expiring:
|
|
type: boolean
|
|
required:
|
|
- identifier
|
|
TokenSetKeyRequest:
|
|
type: object
|
|
description: Set token's key
|
|
properties:
|
|
key:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- key
|
|
TokenView:
|
|
type: object
|
|
description: Show token's current key
|
|
properties:
|
|
key:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- key
|
|
TransactionApplicationRequest:
|
|
type: object
|
|
description: Serializer for creating a provider and an application in one transaction
|
|
properties:
|
|
app:
|
|
$ref: '#/components/schemas/ApplicationRequest'
|
|
provider_model:
|
|
$ref: '#/components/schemas/ProviderModelEnum'
|
|
provider:
|
|
$ref: '#/components/schemas/modelRequest'
|
|
policy_bindings:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/TransactionPolicyBindingRequest'
|
|
required:
|
|
- app
|
|
- provider
|
|
- provider_model
|
|
TransactionApplicationResponse:
|
|
type: object
|
|
description: Transactional creation response
|
|
properties:
|
|
applied:
|
|
type: boolean
|
|
logs:
|
|
type: array
|
|
items:
|
|
type: string
|
|
required:
|
|
- applied
|
|
- logs
|
|
TransactionPolicyBindingRequest:
|
|
type: object
|
|
description: PolicyBindingSerializer which does not require target as target
|
|
is set implicitly
|
|
properties:
|
|
policy:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
user:
|
|
type: integer
|
|
nullable: true
|
|
negate:
|
|
type: boolean
|
|
description: Negates the outcome of the policy. Messages are unaffected.
|
|
enabled:
|
|
type: boolean
|
|
order:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: -2147483648
|
|
timeout:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Timeout after which Policy execution is terminated.
|
|
failure_result:
|
|
type: boolean
|
|
description: Result if the Policy execution fails.
|
|
required:
|
|
- order
|
|
TransportModeEnum:
|
|
enum:
|
|
- local
|
|
- webhook
|
|
- webhook_slack
|
|
- email
|
|
type: string
|
|
TypeCreate:
|
|
type: object
|
|
description: Types of an object that can be created
|
|
properties:
|
|
name:
|
|
type: string
|
|
description:
|
|
type: string
|
|
component:
|
|
type: string
|
|
model_name:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
requires_enterprise:
|
|
type: boolean
|
|
default: false
|
|
deprecated:
|
|
type: boolean
|
|
default: false
|
|
required:
|
|
- component
|
|
- description
|
|
- model_name
|
|
- name
|
|
UiThemeEnum:
|
|
enum:
|
|
- automatic
|
|
- light
|
|
- dark
|
|
type: string
|
|
UniquePasswordPolicy:
|
|
type: object
|
|
description: Password Uniqueness Policy Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Policy uuid
|
|
name:
|
|
type: string
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
bound_to:
|
|
type: integer
|
|
description: Return objects policy is bound to
|
|
readOnly: true
|
|
password_field:
|
|
type: string
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
num_historical_passwords:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Number of passwords to check against.
|
|
required:
|
|
- bound_to
|
|
- component
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UniquePasswordPolicyRequest:
|
|
type: object
|
|
description: Password Uniqueness Policy Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
execution_logging:
|
|
type: boolean
|
|
description: When this option is enabled, all executions of this policy
|
|
will be logged. By default, only execution errors are logged.
|
|
password_field:
|
|
type: string
|
|
minLength: 1
|
|
description: Field key to check, field keys defined in Prompt stages are
|
|
available.
|
|
num_historical_passwords:
|
|
type: integer
|
|
maximum: 2147483647
|
|
minimum: 0
|
|
description: Number of passwords to check against.
|
|
required:
|
|
- name
|
|
UsageEnum:
|
|
enum:
|
|
- media
|
|
type: string
|
|
UsedBy:
|
|
type: object
|
|
description: A list of all objects referencing the queried object
|
|
properties:
|
|
app:
|
|
type: string
|
|
model_name:
|
|
type: string
|
|
pk:
|
|
type: string
|
|
name:
|
|
type: string
|
|
action:
|
|
$ref: '#/components/schemas/UsedByActionEnum'
|
|
required:
|
|
- action
|
|
- app
|
|
- model_name
|
|
- name
|
|
- pk
|
|
UsedByActionEnum:
|
|
enum:
|
|
- cascade
|
|
- cascade_many
|
|
- set_null
|
|
- set_default
|
|
- left_dangling
|
|
type: string
|
|
User:
|
|
type: object
|
|
description: User Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
username:
|
|
type: string
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
date_joined:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
is_superuser:
|
|
type: boolean
|
|
readOnly: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
groups_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/PartialGroup'
|
|
readOnly: true
|
|
nullable: true
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
roles_obj:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/Role'
|
|
readOnly: true
|
|
nullable: true
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
avatar:
|
|
type: string
|
|
description: User's avatar, either a http/https URL or a data URI
|
|
readOnly: true
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
path:
|
|
type: string
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
uuid:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
password_change_date:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- avatar
|
|
- date_joined
|
|
- groups_obj
|
|
- is_superuser
|
|
- last_updated
|
|
- name
|
|
- password_change_date
|
|
- pk
|
|
- roles_obj
|
|
- uid
|
|
- username
|
|
- uuid
|
|
UserAccountRequest:
|
|
type: object
|
|
description: Account adding/removing operations
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
required:
|
|
- pk
|
|
UserAccountSerializerForRoleRequest:
|
|
type: object
|
|
description: Account adding/removing operations
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
required:
|
|
- pk
|
|
UserAttributeEnum:
|
|
enum:
|
|
- username
|
|
- email
|
|
type: string
|
|
UserConsent:
|
|
type: object
|
|
description: UserConsent Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
expiring:
|
|
type: boolean
|
|
user:
|
|
$ref: '#/components/schemas/User'
|
|
application:
|
|
$ref: '#/components/schemas/Application'
|
|
permissions:
|
|
type: string
|
|
default: ''
|
|
required:
|
|
- application
|
|
- pk
|
|
- user
|
|
UserCreationModeEnum:
|
|
enum:
|
|
- never_create
|
|
- create_when_required
|
|
- always_create
|
|
type: string
|
|
UserDeleteStage:
|
|
type: object
|
|
description: UserDeleteStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserDeleteStageRequest:
|
|
type: object
|
|
description: UserDeleteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
UserFieldsEnum:
|
|
enum:
|
|
- email
|
|
- username
|
|
- upn
|
|
type: string
|
|
UserKerberosSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserKerberosSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserLDAPSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
user_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
- user_obj
|
|
UserLDAPSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserLoginChallenge:
|
|
type: object
|
|
description: Empty challenge
|
|
properties:
|
|
flow_info:
|
|
$ref: '#/components/schemas/ContextualFlowInfo'
|
|
component:
|
|
type: string
|
|
default: ak-stage-user-login
|
|
response_errors:
|
|
type: object
|
|
additionalProperties:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/ErrorDetail'
|
|
pending_user:
|
|
type: string
|
|
pending_user_avatar:
|
|
type: string
|
|
required:
|
|
- pending_user
|
|
- pending_user_avatar
|
|
UserLoginChallengeResponseRequest:
|
|
type: object
|
|
description: User login challenge
|
|
properties:
|
|
component:
|
|
type: string
|
|
minLength: 1
|
|
default: ak-stage-user-login
|
|
remember_me:
|
|
type: boolean
|
|
required:
|
|
- remember_me
|
|
UserLoginStage:
|
|
type: object
|
|
description: UserLoginStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
session_duration:
|
|
type: string
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
terminate_other_sessions:
|
|
type: boolean
|
|
description: Terminate all other sessions of the user logging in.
|
|
remember_me_offset:
|
|
type: string
|
|
description: 'Offset the session will be extended by when the user picks
|
|
the remember me option. Default of 0 means that the remember me option
|
|
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
network_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NetworkBindingEnum'
|
|
description: Bind sessions created by this stage to the configured network
|
|
geoip_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GeoipBindingEnum'
|
|
description: Bind sessions created by this stage to the configured GeoIP
|
|
location
|
|
remember_device:
|
|
type: string
|
|
description: 'When set to a non-zero value, authentik will save a cookie
|
|
with a longer expiry,to remember the device the user is logging in from.
|
|
(Format: hours=-1;minutes=-2;seconds=-3)'
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserLoginStageRequest:
|
|
type: object
|
|
description: UserLoginStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
session_duration:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Determines how long a session lasts. Default of 0 means that
|
|
the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
terminate_other_sessions:
|
|
type: boolean
|
|
description: Terminate all other sessions of the user logging in.
|
|
remember_me_offset:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Offset the session will be extended by when the user picks
|
|
the remember me option. Default of 0 means that the remember me option
|
|
will not be shown. (Format: hours=-1;minutes=-2;seconds=-3)'
|
|
network_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/NetworkBindingEnum'
|
|
description: Bind sessions created by this stage to the configured network
|
|
geoip_binding:
|
|
allOf:
|
|
- $ref: '#/components/schemas/GeoipBindingEnum'
|
|
description: Bind sessions created by this stage to the configured GeoIP
|
|
location
|
|
remember_device:
|
|
type: string
|
|
minLength: 1
|
|
description: 'When set to a non-zero value, authentik will save a cookie
|
|
with a longer expiry,to remember the device the user is logging in from.
|
|
(Format: hours=-1;minutes=-2;seconds=-3)'
|
|
required:
|
|
- name
|
|
UserLogoutStage:
|
|
type: object
|
|
description: UserLogoutStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserLogoutStageRequest:
|
|
type: object
|
|
description: UserLogoutStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- name
|
|
UserMatchingModeEnum:
|
|
enum:
|
|
- identifier
|
|
- email_link
|
|
- email_deny
|
|
- username_link
|
|
- username_deny
|
|
type: string
|
|
UserOAuthSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserOAuthSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
access_token:
|
|
type: string
|
|
writeOnly: true
|
|
nullable: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserPasswordSetRequest:
|
|
type: object
|
|
description: Payload to set a users' password directly
|
|
properties:
|
|
password:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- password
|
|
UserPath:
|
|
type: object
|
|
properties:
|
|
paths:
|
|
type: array
|
|
items:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- paths
|
|
UserPlexSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserPlexSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
plex_token:
|
|
type: string
|
|
writeOnly: true
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- plex_token
|
|
- source
|
|
- user
|
|
UserRecoveryEmailRequest:
|
|
type: object
|
|
description: Payload to create and email a recovery link
|
|
properties:
|
|
token_duration:
|
|
type: string
|
|
minLength: 1
|
|
email_stage:
|
|
type: string
|
|
format: uuid
|
|
required:
|
|
- email_stage
|
|
UserRecoveryLinkRequest:
|
|
type: object
|
|
description: Payload to create a recovery link
|
|
properties:
|
|
token_duration:
|
|
type: string
|
|
minLength: 1
|
|
UserRequest:
|
|
type: object
|
|
description: User Serializer
|
|
properties:
|
|
username:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
last_login:
|
|
type: string
|
|
format: date-time
|
|
nullable: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
roles:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
attributes:
|
|
type: object
|
|
additionalProperties: {}
|
|
path:
|
|
type: string
|
|
minLength: 1
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
required:
|
|
- name
|
|
- username
|
|
UserSAMLSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserSAMLSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserSelf:
|
|
type: object
|
|
description: User Serializer for information a user can retrieve about themselves
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
username:
|
|
type: string
|
|
description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_
|
|
only.
|
|
pattern: ^[\w.@+-]+$
|
|
maxLength: 150
|
|
name:
|
|
type: string
|
|
description: User's display name.
|
|
is_active:
|
|
type: boolean
|
|
readOnly: true
|
|
title: Active
|
|
description: Designates whether this user should be treated as active. Unselect
|
|
this instead of deleting accounts.
|
|
is_superuser:
|
|
type: boolean
|
|
readOnly: true
|
|
groups:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSelfGroups'
|
|
readOnly: true
|
|
roles:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/UserSelfRoles'
|
|
readOnly: true
|
|
email:
|
|
type: string
|
|
format: email
|
|
title: Email address
|
|
maxLength: 254
|
|
avatar:
|
|
type: string
|
|
description: User's avatar, either a http/https URL or a data URI
|
|
readOnly: true
|
|
uid:
|
|
type: string
|
|
readOnly: true
|
|
settings:
|
|
type: object
|
|
additionalProperties: {}
|
|
description: Get user settings with brand and group settings applied
|
|
readOnly: true
|
|
type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
system_permissions:
|
|
type: array
|
|
items:
|
|
type: string
|
|
description: Get all system permissions assigned to the user
|
|
readOnly: true
|
|
required:
|
|
- avatar
|
|
- groups
|
|
- is_active
|
|
- is_superuser
|
|
- name
|
|
- pk
|
|
- roles
|
|
- settings
|
|
- system_permissions
|
|
- uid
|
|
- username
|
|
UserSelfGroups:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
pk:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
UserSelfRoles:
|
|
type: object
|
|
properties:
|
|
name:
|
|
type: string
|
|
readOnly: true
|
|
pk:
|
|
type: string
|
|
readOnly: true
|
|
required:
|
|
- name
|
|
- pk
|
|
UserServiceAccountRequest:
|
|
type: object
|
|
description: Payload to create a service account
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
create_group:
|
|
type: boolean
|
|
default: false
|
|
expiring:
|
|
type: boolean
|
|
default: true
|
|
expires:
|
|
type: string
|
|
format: date-time
|
|
description: If not provided, valid for 360 days
|
|
required:
|
|
- name
|
|
UserServiceAccountResponse:
|
|
type: object
|
|
properties:
|
|
username:
|
|
type: string
|
|
token:
|
|
type: string
|
|
user_uid:
|
|
type: string
|
|
user_pk:
|
|
type: integer
|
|
group_pk:
|
|
type: string
|
|
required:
|
|
- token
|
|
- user_pk
|
|
- user_uid
|
|
- username
|
|
UserSetting:
|
|
type: object
|
|
description: Serializer for User settings for stages and sources
|
|
properties:
|
|
object_uid:
|
|
type: string
|
|
component:
|
|
type: string
|
|
title:
|
|
type: string
|
|
configure_url:
|
|
type: string
|
|
icon_url:
|
|
type: string
|
|
required:
|
|
- component
|
|
- object_uid
|
|
- title
|
|
UserSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserTelegramSourceConnection:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
source_obj:
|
|
allOf:
|
|
- $ref: '#/components/schemas/Source'
|
|
readOnly: true
|
|
identifier:
|
|
type: string
|
|
created:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
last_updated:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
required:
|
|
- created
|
|
- identifier
|
|
- last_updated
|
|
- pk
|
|
- source
|
|
- source_obj
|
|
- user
|
|
UserTelegramSourceConnectionRequest:
|
|
type: object
|
|
description: User source connection
|
|
properties:
|
|
user:
|
|
type: integer
|
|
source:
|
|
type: string
|
|
format: uuid
|
|
identifier:
|
|
type: string
|
|
minLength: 1
|
|
required:
|
|
- identifier
|
|
- source
|
|
- user
|
|
UserTypeEnum:
|
|
enum:
|
|
- internal
|
|
- external
|
|
- service_account
|
|
- internal_service_account
|
|
type: string
|
|
UserVerificationEnum:
|
|
enum:
|
|
- required
|
|
- preferred
|
|
- discouraged
|
|
type: string
|
|
UserWriteStage:
|
|
type: object
|
|
description: UserWriteStage Serializer
|
|
properties:
|
|
pk:
|
|
type: string
|
|
format: uuid
|
|
readOnly: true
|
|
title: Stage uuid
|
|
name:
|
|
type: string
|
|
component:
|
|
type: string
|
|
description: Get object type so that we know how to edit the object
|
|
readOnly: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
flow_set:
|
|
type: array
|
|
items:
|
|
$ref: '#/components/schemas/FlowSet'
|
|
readOnly: true
|
|
user_creation_mode:
|
|
$ref: '#/components/schemas/UserCreationModeEnum'
|
|
create_users_as_inactive:
|
|
type: boolean
|
|
description: When set, newly created users are inactive and cannot login.
|
|
create_users_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally add newly created users to this group.
|
|
user_type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
user_path_template:
|
|
type: string
|
|
required:
|
|
- component
|
|
- flow_set
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
UserWriteStageRequest:
|
|
type: object
|
|
description: UserWriteStage Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
user_creation_mode:
|
|
$ref: '#/components/schemas/UserCreationModeEnum'
|
|
create_users_as_inactive:
|
|
type: boolean
|
|
description: When set, newly created users are inactive and cannot login.
|
|
create_users_group:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Optionally add newly created users to this group.
|
|
user_type:
|
|
$ref: '#/components/schemas/UserTypeEnum'
|
|
user_path_template:
|
|
type: string
|
|
required:
|
|
- name
|
|
ValidationError:
|
|
type: object
|
|
description: Validation Error
|
|
properties:
|
|
non_field_errors:
|
|
type: array
|
|
items:
|
|
type: string
|
|
code:
|
|
type: string
|
|
additionalProperties: {}
|
|
VendorEnum:
|
|
enum:
|
|
- goauthentik.io/@merged
|
|
- goauthentik.io/platform
|
|
- fleetdm.com
|
|
- chrome.google.com
|
|
type: string
|
|
Version:
|
|
type: object
|
|
description: Get running and latest version.
|
|
properties:
|
|
version_current:
|
|
type: string
|
|
description: Get current version
|
|
readOnly: true
|
|
version_latest:
|
|
type: string
|
|
description: Get latest version from cache
|
|
readOnly: true
|
|
version_latest_valid:
|
|
type: boolean
|
|
description: Check if latest version is valid
|
|
readOnly: true
|
|
build_hash:
|
|
type: string
|
|
description: Get build hash, if version is not latest or released
|
|
readOnly: true
|
|
outdated:
|
|
type: boolean
|
|
description: Check if we're running the latest version
|
|
readOnly: true
|
|
outpost_outdated:
|
|
type: boolean
|
|
description: Check if any outpost is outdated/has a version mismatch
|
|
readOnly: true
|
|
required:
|
|
- build_hash
|
|
- outdated
|
|
- outpost_outdated
|
|
- version_current
|
|
- version_latest
|
|
- version_latest_valid
|
|
VersionHistory:
|
|
type: object
|
|
description: VersionHistory Serializer
|
|
properties:
|
|
id:
|
|
type: integer
|
|
readOnly: true
|
|
timestamp:
|
|
type: string
|
|
format: date-time
|
|
version:
|
|
type: string
|
|
build:
|
|
type: string
|
|
required:
|
|
- build
|
|
- id
|
|
- timestamp
|
|
- version
|
|
WSFederationProvider:
|
|
type: object
|
|
description: WSFederationProvider Serializer
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
component:
|
|
type: string
|
|
description: Get object component so that we know how to edit the object
|
|
readOnly: true
|
|
assigned_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_slug:
|
|
type: string
|
|
description: Internal application name, used in URLs.
|
|
readOnly: true
|
|
nullable: true
|
|
assigned_backchannel_application_name:
|
|
type: string
|
|
description: Application's display Name.
|
|
readOnly: true
|
|
nullable: true
|
|
verbose_name:
|
|
type: string
|
|
description: Return object's verbose_name
|
|
readOnly: true
|
|
verbose_name_plural:
|
|
type: string
|
|
description: Return object's plural verbose_name
|
|
readOnly: true
|
|
meta_model_name:
|
|
type: string
|
|
description: Return internal model name
|
|
readOnly: true
|
|
reply_url:
|
|
type: string
|
|
format: uri
|
|
wtrealm:
|
|
type: string
|
|
assertion_valid_not_before:
|
|
type: string
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
authn_context_class_ref_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: AuthnContextClassRef Property Mapping
|
|
description: Configure how the AuthnContextClassRef value will be created.
|
|
When left empty, the AuthnContextClassRef will be set based on which authentication
|
|
methods the user used to authenticate.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
sign_assertion:
|
|
type: boolean
|
|
sign_logout_request:
|
|
type: boolean
|
|
default_name_id_policy:
|
|
$ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
url_download_metadata:
|
|
type: string
|
|
description: Get metadata download URL
|
|
readOnly: true
|
|
url_wsfed:
|
|
type: string
|
|
description: Get WS-Fed url
|
|
readOnly: true
|
|
required:
|
|
- assigned_application_name
|
|
- assigned_application_slug
|
|
- assigned_backchannel_application_name
|
|
- assigned_backchannel_application_slug
|
|
- authorization_flow
|
|
- component
|
|
- invalidation_flow
|
|
- meta_model_name
|
|
- name
|
|
- pk
|
|
- reply_url
|
|
- url_download_metadata
|
|
- url_wsfed
|
|
- verbose_name
|
|
- verbose_name_plural
|
|
- wtrealm
|
|
WSFederationProviderRequest:
|
|
type: object
|
|
description: WSFederationProvider Serializer
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
authentication_flow:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
description: Flow used for authentication when the associated application
|
|
is accessed by an un-authenticated user.
|
|
authorization_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used when authorizing this provider.
|
|
invalidation_flow:
|
|
type: string
|
|
format: uuid
|
|
description: Flow used ending the session from a provider.
|
|
property_mappings:
|
|
type: array
|
|
items:
|
|
type: string
|
|
format: uuid
|
|
reply_url:
|
|
type: string
|
|
format: uri
|
|
minLength: 1
|
|
wtrealm:
|
|
type: string
|
|
minLength: 1
|
|
assertion_valid_not_before:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion valid not before current time + this value (Format:
|
|
hours=-1;minutes=-2;seconds=-3).'
|
|
assertion_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Assertion not valid on or after current time + this value
|
|
(Format: hours=1;minutes=2;seconds=3).'
|
|
session_valid_not_on_or_after:
|
|
type: string
|
|
minLength: 1
|
|
description: 'Session not valid on or after current time + this value (Format:
|
|
hours=1;minutes=2;seconds=3).'
|
|
name_id_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: NameID Property Mapping
|
|
description: Configure how the NameID value will be created. When left empty,
|
|
the NameIDPolicy of the incoming request will be considered
|
|
authn_context_class_ref_mapping:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: AuthnContextClassRef Property Mapping
|
|
description: Configure how the AuthnContextClassRef value will be created.
|
|
When left empty, the AuthnContextClassRef will be set based on which authentication
|
|
methods the user used to authenticate.
|
|
digest_algorithm:
|
|
$ref: '#/components/schemas/DigestAlgorithmEnum'
|
|
signature_algorithm:
|
|
$ref: '#/components/schemas/SignatureAlgorithmEnum'
|
|
signing_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Signing Keypair
|
|
description: Keypair used to sign outgoing Responses going to the Service
|
|
Provider.
|
|
encryption_kp:
|
|
type: string
|
|
format: uuid
|
|
nullable: true
|
|
title: Encryption Keypair
|
|
description: When selected, incoming assertions are encrypted by the IdP
|
|
using the public key of the encryption keypair. The assertion is decrypted
|
|
by the SP using the the private key.
|
|
sign_assertion:
|
|
type: boolean
|
|
sign_logout_request:
|
|
type: boolean
|
|
default_name_id_policy:
|
|
$ref: '#/components/schemas/SAMLNameIDPolicyEnum'
|
|
required:
|
|
- authorization_flow
|
|
- invalidation_flow
|
|
- name
|
|
- reply_url
|
|
- wtrealm
|
|
WebAuthnDevice:
|
|
type: object
|
|
description: Serializer for WebAuthn authenticator devices
|
|
properties:
|
|
pk:
|
|
type: integer
|
|
readOnly: true
|
|
title: ID
|
|
name:
|
|
type: string
|
|
maxLength: 200
|
|
created_on:
|
|
type: string
|
|
format: date-time
|
|
readOnly: true
|
|
device_type:
|
|
allOf:
|
|
- $ref: '#/components/schemas/WebAuthnDeviceType'
|
|
readOnly: true
|
|
nullable: true
|
|
aaguid:
|
|
type: string
|
|
readOnly: true
|
|
user:
|
|
allOf:
|
|
- $ref: '#/components/schemas/PartialUser'
|
|
readOnly: true
|
|
required:
|
|
- aaguid
|
|
- created_on
|
|
- device_type
|
|
- name
|
|
- pk
|
|
- user
|
|
WebAuthnDeviceRequest:
|
|
type: object
|
|
description: Serializer for WebAuthn authenticator devices
|
|
properties:
|
|
name:
|
|
type: string
|
|
minLength: 1
|
|
maxLength: 200
|
|
required:
|
|
- name
|
|
WebAuthnDeviceType:
|
|
type: object
|
|
description: WebAuthnDeviceType Serializer
|
|
properties:
|
|
aaguid:
|
|
type: string
|
|
format: uuid
|
|
description:
|
|
type: string
|
|
required:
|
|
- aaguid
|
|
- description
|
|
WebAuthnHintEnum:
|
|
enum:
|
|
- security-key
|
|
- client-device
|
|
- hybrid
|
|
type: string
|
|
Worker:
|
|
type: object
|
|
properties:
|
|
worker_id:
|
|
type: string
|
|
version:
|
|
type: string
|
|
version_matching:
|
|
type: boolean
|
|
required:
|
|
- version
|
|
- version_matching
|
|
- worker_id
|
|
modelRequest:
|
|
oneOf:
|
|
- $ref: '#/components/schemas/GoogleWorkspaceProviderRequest'
|
|
- $ref: '#/components/schemas/LDAPProviderRequest'
|
|
- $ref: '#/components/schemas/MicrosoftEntraProviderRequest'
|
|
- $ref: '#/components/schemas/OAuth2ProviderRequest'
|
|
- $ref: '#/components/schemas/ProxyProviderRequest'
|
|
- $ref: '#/components/schemas/RACProviderRequest'
|
|
- $ref: '#/components/schemas/RadiusProviderRequest'
|
|
- $ref: '#/components/schemas/SAMLProviderRequest'
|
|
- $ref: '#/components/schemas/SCIMProviderRequest'
|
|
- $ref: '#/components/schemas/SSFProviderRequest'
|
|
- $ref: '#/components/schemas/WSFederationProviderRequest'
|
|
discriminator:
|
|
propertyName: provider_model
|
|
mapping:
|
|
authentik_providers_google_workspace.googleworkspaceprovider: '#/components/schemas/GoogleWorkspaceProviderRequest'
|
|
authentik_providers_ldap.ldapprovider: '#/components/schemas/LDAPProviderRequest'
|
|
authentik_providers_microsoft_entra.microsoftentraprovider: '#/components/schemas/MicrosoftEntraProviderRequest'
|
|
authentik_providers_oauth2.oauth2provider: '#/components/schemas/OAuth2ProviderRequest'
|
|
authentik_providers_proxy.proxyprovider: '#/components/schemas/ProxyProviderRequest'
|
|
authentik_providers_rac.racprovider: '#/components/schemas/RACProviderRequest'
|
|
authentik_providers_radius.radiusprovider: '#/components/schemas/RadiusProviderRequest'
|
|
authentik_providers_saml.samlprovider: '#/components/schemas/SAMLProviderRequest'
|
|
authentik_providers_scim.scimprovider: '#/components/schemas/SCIMProviderRequest'
|
|
authentik_providers_ssf.ssfprovider: '#/components/schemas/SSFProviderRequest'
|
|
authentik_providers_ws_federation.wsfederationprovider: '#/components/schemas/WSFederationProviderRequest'
|
|
securitySchemes:
|
|
authentik:
|
|
type: http
|
|
scheme: bearer
|
|
servers:
|
|
- url: /api/v3
|