From 1324d03815266a4237d2a718d57a75d6d53e7de4 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 15 May 2021 23:57:28 +0200 Subject: [PATCH] *: initial migration to openapi v3 Signed-off-by: Jens Langhammer --- Makefile | 4 +- Pipfile | 1 + Pipfile.lock | 73 +- authentik/admin/api/meta.py | 4 +- authentik/admin/api/metrics.py | 8 +- authentik/admin/api/tasks.py | 10 +- authentik/admin/api/version.py | 4 +- authentik/api/auth.py | 13 + authentik/api/pagination_schema.py | 97 - authentik/api/schema.py | 102 - authentik/api/v2/config.py | 4 +- authentik/api/v2/urls.py | 20 +- authentik/core/api/applications.py | 30 +- authentik/core/api/propertymappings.py | 18 +- authentik/core/api/providers.py | 4 +- authentik/core/api/sources.py | 6 +- authentik/core/api/tokens.py | 4 +- authentik/core/api/users.py | 14 +- authentik/core/api/utils.py | 3 + authentik/crypto/api.py | 28 +- authentik/events/api/event.py | 24 +- .../events/api/notification_transport.py | 7 +- authentik/flows/api/flows.py | 49 +- authentik/flows/api/stages.py | 6 +- authentik/flows/views.py | 32 +- .../api/outpost_service_connections.py | 6 +- authentik/outposts/api/outposts.py | 6 +- authentik/policies/api/policies.py | 15 +- authentik/providers/oauth2/api/provider.py | 10 +- authentik/providers/proxy/api.py | 4 +- authentik/providers/saml/api.py | 18 +- authentik/root/settings.py | 22 +- authentik/sources/ldap/api.py | 6 +- authentik/sources/oauth/api/source.py | 6 +- authentik/sources/plex/api.py | 16 +- authentik/sources/saml/api.py | 4 +- authentik/stages/email/api.py | 4 +- schema.yml | 21751 ++++++++++++++++ 38 files changed, 22004 insertions(+), 429 deletions(-) delete mode 100644 authentik/api/pagination_schema.py delete mode 100644 authentik/api/schema.py create mode 100644 schema.yml diff --git a/Makefile b/Makefile index 242d727f8..9d2a0c53b 100644 --- a/Makefile +++ b/Makefile @@ -26,11 +26,11 @@ lint: pylint authentik tests lifecycle gen: - ./manage.py generate_swagger -o swagger.yaml -f yaml + ./manage.py spectacular --file schema.yml docker run \ --rm -v ${PWD}:/local \ openapitools/openapi-generator-cli generate \ - -i /local/swagger.yaml \ + -i /local/schema.yml \ -g typescript-fetch \ -o /local/web/api \ --additional-properties=typescriptThreePlus=true,supportsES6=true,npmName=authentik-api,npmVersion=1.0.0 diff --git a/Pipfile b/Pipfile index 96c6a3006..57d2bb40b 100644 --- a/Pipfile +++ b/Pipfile @@ -44,6 +44,7 @@ urllib3 = {extras = ["secure"],version = "*"} uvicorn = {extras = ["standard"],version = "*"} webauthn = "*" xmlsec = "*" +drf-spectacular = "*" [requires] python_version = "3.9" diff --git a/Pipfile.lock b/Pipfile.lock index e2a5645fc..d63693f0d 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "8a32708c1c04f8da03c817df973de28c37c97ee773f571ce0b3f3f834e1b7094" + "sha256": "f38fd1bd4336a968ebb88f80874dd0d683b79f962551e4aff536322360a90b0d" }, "pipfile-spec": 6, "requires": { @@ -122,18 +122,19 @@ }, "boto3": { "hashes": [ - "sha256:3317722a1e9acbfc0d30cdf273d1708c823ceb19309e9cd91cac8a3604762341", - "sha256:ee3317fd79b443ef102469fac393a1ffb650ea51ac4fc27464013872c5e1ce31" + "sha256:13cfe0e3ae1bdc7baf4272b1814a7e760fbb508b19d6ac3f472a6bbd64baad61", + "sha256:ce08b88a2d7a0ad8edb385f84ea4914296fee6813c66ebf0def956d5278de793" ], "index": "pypi", - "version": "==1.17.72" + "version": "==1.17.73" }, "botocore": { "hashes": [ - "sha256:0fa93a2e2daad5791c63ee526ada66896cc483d04cb2d32bfcadfeb881203453" + "sha256:4b4aa58c61d4b125bc6ec1597924b2749e19de8f2c9a374ac087aa2561e71828", + "sha256:69dc0b6fdc0855f5a4f8b1d29c96b9cec44e71054fea0f968e5904d6ccfd4fd9" ], "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", - "version": "==1.20.72" + "version": "==1.20.73" }, "cachetools": { "hashes": [ @@ -415,6 +416,14 @@ "index": "pypi", "version": "==5.0.0" }, + "drf-spectacular": { + "hashes": [ + "sha256:4a77c233c99e028b8905cd2cf05388524838ade97b95d5c6e4861e0c3c95af31", + "sha256:d7f64b97e8940b143a0e8d1de20523e8d7d5fe8ec557aec574513282c413b0b3" + ], + "index": "pypi", + "version": "==0.16.0" + }, "drf-yasg": { "hashes": [ "sha256:8b72e5b1875931a8d11af407be3a9a5ba8776541492947a0df5bafda6b7f8267", @@ -614,11 +623,11 @@ }, "ldap3": { "hashes": [ - "sha256:c1df41d89459be6f304e0ceec4b00fdea533dbbcd83c802b1272dcdb94620b57", "sha256:18c3ee656a6775b9b0d60f7c6c5b094d878d1d90fc03d56731039f0a4b546a91", + "sha256:4139c91f0eef9782df7b77c8cbc6243086affcb6a8a249b768a9658438e5da59", "sha256:8c949edbad2be8a03e719ba48bd6779f327ec156929562814b3e84ab56889c8c", "sha256:afc6fc0d01f02af82cd7bfabd3bbfd5dc96a6ae91e97db0a2dab8a0f1b436056", - "sha256:4139c91f0eef9782df7b77c8cbc6243086affcb6a8a249b768a9658438e5da59" + "sha256:c1df41d89459be6f304e0ceec4b00fdea533dbbcd83c802b1272dcdb94620b57" ], "index": "pypi", "version": "==2.9" @@ -873,37 +882,37 @@ }, "pyasn1": { "hashes": [ + "sha256:014c0e9976956a08139dc0712ae195324a75e142284d5f87f1a87ee1b068a359", + "sha256:03840c999ba71680a131cfaee6fab142e1ed9bbd9c693e285cc6aca0d555e576", "sha256:0458773cfe65b153891ac249bcf1b5f8f320b7c2ce462151f8fa74de8934becf", + "sha256:08c3c53b75eaa48d71cf8c710312316392ed40899cb34710d092e96745a358b7", "sha256:39c7e2ec30515947ff4e87fb6f456dfc6e84857d34be479c9d4a4ba4bf46aa5d", "sha256:5c9414dcfede6e441f7e8f81b43b34e834731003427e5b09e4e00e3172a10f00", - "sha256:99fcc3c8d804d1bc6d9a099921e39d827026409a58f2a720dcdb89374ea0c776", - "sha256:7ab8a544af125fb704feadb008c99a88805126fb525280b2270bb25cc1d78a12", - "sha256:014c0e9976956a08139dc0712ae195324a75e142284d5f87f1a87ee1b068a359", - "sha256:fec3e9d8e36808a28efb59b489e4528c10ad0f480e57dcc32b4de5c9d8c9fdf3", - "sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba", - "sha256:78fa6da68ed2727915c4767bb386ab32cdba863caa7dbe473eaae45f9959da86", - "sha256:03840c999ba71680a131cfaee6fab142e1ed9bbd9c693e285cc6aca0d555e576", "sha256:6e7545f1a61025a4e58bb336952c5061697da694db1cae97b116e9c46abcf7c8", - "sha256:08c3c53b75eaa48d71cf8c710312316392ed40899cb34710d092e96745a358b7", - "sha256:e89bf84b5437b532b0803ba5c9a5e054d21fec423a89952a74f87fa2c9b7bce2" + "sha256:78fa6da68ed2727915c4767bb386ab32cdba863caa7dbe473eaae45f9959da86", + "sha256:7ab8a544af125fb704feadb008c99a88805126fb525280b2270bb25cc1d78a12", + "sha256:99fcc3c8d804d1bc6d9a099921e39d827026409a58f2a720dcdb89374ea0c776", + "sha256:aef77c9fb94a3ac588e87841208bdec464471d9871bd5050a287cc9a475cd0ba", + "sha256:e89bf84b5437b532b0803ba5c9a5e054d21fec423a89952a74f87fa2c9b7bce2", + "sha256:fec3e9d8e36808a28efb59b489e4528c10ad0f480e57dcc32b4de5c9d8c9fdf3" ], "version": "==0.4.8" }, "pyasn1-modules": { "hashes": [ - "sha256:c29a5e5cc7a3f05926aff34e097e84f8589cd790ce0ed41b67aed6857b26aafd", - "sha256:b80486a6c77252ea3a3e9b1e360bc9cf28eaac41263d173c032581ad2f20fe45", - "sha256:65cebbaffc913f4fe9e4808735c95ea22d7a7775646ab690518c056784bc21b4", - "sha256:f39edd8c4ecaa4556e989147ebf219227e2cd2e8a43c7e7fcb1f1c18c5fd6a3d", - "sha256:cbac4bc38d117f2a49aeedec4407d23e8866ea4ac27ff2cf7fb3e5b570df19e0", - "sha256:15b7c67fabc7fc240d87fb9aabf999cf82311a6d6fb2c70d00d3d0604878c811", "sha256:0845a5582f6a02bb3e1bde9ecfc4bfcae6ec3210dd270522fee602365430c3f8", + "sha256:0fe1b68d1e486a1ed5473f1302bd991c1611d319bba158e98b106ff86e1d7199", + "sha256:15b7c67fabc7fc240d87fb9aabf999cf82311a6d6fb2c70d00d3d0604878c811", + "sha256:426edb7a5e8879f1ec54a1864f16b882c2837bfd06eee62f2c982315ee2473ed", + "sha256:65cebbaffc913f4fe9e4808735c95ea22d7a7775646ab690518c056784bc21b4", "sha256:905f84c712230b2c592c19470d3ca8d552de726050d1d1716282a1f6146be65e", "sha256:a50b808ffeb97cb3601dd25981f6b016cbb3d31fbf57a8b8a87428e6158d0c74", "sha256:a99324196732f53093a84c4369c996713eb8c89d360a496b599fb1a9c47fc3eb", - "sha256:fe0644d9ab041506b62782e92b06b8c68cca799e1a9636ec398675459e031405", - "sha256:426edb7a5e8879f1ec54a1864f16b882c2837bfd06eee62f2c982315ee2473ed", - "sha256:0fe1b68d1e486a1ed5473f1302bd991c1611d319bba158e98b106ff86e1d7199" + "sha256:b80486a6c77252ea3a3e9b1e360bc9cf28eaac41263d173c032581ad2f20fe45", + "sha256:c29a5e5cc7a3f05926aff34e097e84f8589cd790ce0ed41b67aed6857b26aafd", + "sha256:cbac4bc38d117f2a49aeedec4407d23e8866ea4ac27ff2cf7fb3e5b570df19e0", + "sha256:f39edd8c4ecaa4556e989147ebf219227e2cd2e8a43c7e7fcb1f1c18c5fd6a3d", + "sha256:fe0644d9ab041506b62782e92b06b8c68cca799e1a9636ec398675459e031405" ], "version": "==0.2.8" }, @@ -1602,11 +1611,11 @@ }, "gitpython": { "hashes": [ - "sha256:2bfcd25e6b81fe431fa3ab1f0975986cfddabf7870a323c183f3afbc9447c0c5", - "sha256:37ac36cacf2e2be5e88f0810187c5833e71c1a2a8cf81588f5699d1b70183baa" + "sha256:29fe82050709760081f588dd50ce83504feddbebdc4da6956d02351552b1c135", + "sha256:ee24bdc93dce357630764db659edaf6b8d664d4ff5447ccfeedd2dc5c253f41e" ], "markers": "python_version >= '3.5'", - "version": "==3.1.16" + "version": "==3.1.17" }, "idna": { "hashes": [ @@ -1752,11 +1761,11 @@ }, "pytest-django": { "hashes": [ - "sha256:80f8875226ec4dc0b205f0578072034563879d98d9b1bec143a80b9045716cb0", - "sha256:a51150d8962200250e850c6adcab670779b9c2aa07271471059d1fb92a843fa9" + "sha256:d1c6758a592fb0ef8abaa2fe12dd28858c1dcfc3d466102ffe52aa8934733dca", + "sha256:f96c4556f4e7b15d987dd1dcc1d1526df81d40c1548d31ce840d597ed2be8c46" ], "index": "pypi", - "version": "==4.2.0" + "version": "==4.3.0" }, "pyyaml": { "hashes": [ diff --git a/authentik/admin/api/meta.py b/authentik/admin/api/meta.py index 485a3e266..36c3edab1 100644 --- a/authentik/admin/api/meta.py +++ b/authentik/admin/api/meta.py @@ -1,5 +1,5 @@ """Meta API""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.fields import CharField from rest_framework.permissions import IsAdminUser from rest_framework.request import Request @@ -22,7 +22,7 @@ class AppsViewSet(ViewSet): permission_classes = [IsAdminUser] - @swagger_auto_schema(responses={200: AppSerializer(many=True)}) + @extend_schema(responses={200: AppSerializer(many=True)}) def list(self, request: Request) -> Response: """List current messages and pass into Serializer""" data = [] diff --git a/authentik/admin/api/metrics.py b/authentik/admin/api/metrics.py index d9d6b2dc4..3bfd2dfdb 100644 --- a/authentik/admin/api/metrics.py +++ b/authentik/admin/api/metrics.py @@ -7,7 +7,7 @@ from django.db.models import Count, ExpressionWrapper, F from django.db.models.fields import DurationField from django.db.models.functions import ExtractHour from django.utils.timezone import now -from drf_yasg.utils import swagger_auto_schema, swagger_serializer_method +from drf_spectacular.utils import extend_schema, extend_schema_field from rest_framework.fields import IntegerField, SerializerMethodField from rest_framework.permissions import IsAdminUser from rest_framework.request import Request @@ -58,12 +58,12 @@ class LoginMetricsSerializer(PassiveSerializer): logins_per_1h = SerializerMethodField() logins_failed_per_1h = SerializerMethodField() - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_per_1h(self, _): """Get successful logins per hour for the last 24 hours""" return get_events_per_1h(action=EventAction.LOGIN) - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_failed_per_1h(self, _): """Get failed logins per hour for the last 24 hours""" return get_events_per_1h(action=EventAction.LOGIN_FAILED) @@ -74,7 +74,7 @@ class AdministrationMetricsViewSet(ViewSet): permission_classes = [IsAdminUser] - @swagger_auto_schema(responses={200: LoginMetricsSerializer(many=False)}) + @extend_schema(responses={200: LoginMetricsSerializer(many=False)}) def list(self, request: Request) -> Response: """Login Metrics per 1h""" serializer = LoginMetricsSerializer(True) diff --git a/authentik/admin/api/tasks.py b/authentik/admin/api/tasks.py index bec34cdd1..2e87b208b 100644 --- a/authentik/admin/api/tasks.py +++ b/authentik/admin/api/tasks.py @@ -4,7 +4,7 @@ from importlib import import_module from django.contrib import messages from django.http.response import Http404 from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, ChoiceField, DateTimeField, ListField from rest_framework.permissions import IsAdminUser @@ -35,9 +35,7 @@ class TaskViewSet(ViewSet): permission_classes = [IsAdminUser] - @swagger_auto_schema( - responses={200: TaskSerializer(many=False), 404: "Task not found"} - ) + @extend_schema(responses={200: TaskSerializer(many=False), 404: "Task not found"}) # pylint: disable=invalid-name def retrieve(self, request: Request, pk=None) -> Response: """Get a single system task""" @@ -46,13 +44,13 @@ class TaskViewSet(ViewSet): raise Http404 return Response(TaskSerializer(task, many=False).data) - @swagger_auto_schema(responses={200: TaskSerializer(many=True)}) + @extend_schema(responses={200: TaskSerializer(many=True)}) def list(self, request: Request) -> Response: """List system tasks""" tasks = sorted(TaskInfo.all().values(), key=lambda task: task.task_name) return Response(TaskSerializer(tasks, many=True).data) - @swagger_auto_schema( + @extend_schema( responses={ 204: "Task retried successfully", 404: "Task not found", diff --git a/authentik/admin/api/version.py b/authentik/admin/api/version.py index 0397cc897..04d6d73c4 100644 --- a/authentik/admin/api/version.py +++ b/authentik/admin/api/version.py @@ -2,7 +2,7 @@ from os import environ from django.core.cache import cache -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from packaging.version import parse from rest_framework.fields import SerializerMethodField from rest_framework.mixins import ListModelMixin @@ -57,7 +57,7 @@ class VersionViewSet(ListModelMixin, GenericViewSet): def get_queryset(self): # pragma: no cover return None - @swagger_auto_schema(responses={200: VersionSerializer(many=False)}) + @extend_schema(responses={200: VersionSerializer(many=False)}) def list(self, request: Request) -> Response: """Get running and latest version.""" return Response(VersionSerializer(True).data) diff --git a/authentik/api/auth.py b/authentik/api/auth.py index 97f821b56..852f1d9db 100644 --- a/authentik/api/auth.py +++ b/authentik/api/auth.py @@ -7,6 +7,7 @@ from rest_framework.authentication import BaseAuthentication, get_authorization_ from rest_framework.exceptions import AuthenticationFailed from rest_framework.request import Request from structlog.stdlib import get_logger +from drf_spectacular.authentication import OpenApiAuthenticationExtension from authentik.core.models import Token, TokenIntents, User @@ -55,3 +56,15 @@ class AuthentikTokenAuthentication(BaseAuthentication): return None return (token.user, None) # pragma: no cover + + +class TokenSchema(OpenApiAuthenticationExtension): + target_class = AuthentikTokenAuthentication + name = 'authentik' + + def get_security_definition(self, auto_schema): + return { + 'type': 'apiKey', + 'in': 'header', + 'name': 'Authorization', + } diff --git a/authentik/api/pagination_schema.py b/authentik/api/pagination_schema.py deleted file mode 100644 index 3d4f86c61..000000000 --- a/authentik/api/pagination_schema.py +++ /dev/null @@ -1,97 +0,0 @@ -"""Swagger Pagination Schema class""" -from typing import OrderedDict - -from drf_yasg import openapi -from drf_yasg.inspectors import PaginatorInspector - - -class PaginationInspector(PaginatorInspector): - """Swagger Pagination Schema class""" - - def get_paginated_response(self, paginator, response_schema): - """ - :param BasePagination paginator: the paginator - :param openapi.Schema response_schema: the response schema that must be paged. - :rtype: openapi.Schema - """ - - return openapi.Schema( - type=openapi.TYPE_OBJECT, - properties=OrderedDict( - ( - ( - "pagination", - openapi.Schema( - type=openapi.TYPE_OBJECT, - properties=OrderedDict( - ( - ("next", openapi.Schema(type=openapi.TYPE_NUMBER)), - ( - "previous", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ("count", openapi.Schema(type=openapi.TYPE_NUMBER)), - ( - "current", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ( - "total_pages", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ( - "start_index", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ( - "end_index", - openapi.Schema(type=openapi.TYPE_NUMBER), - ), - ) - ), - required=[ - "next", - "previous", - "count", - "current", - "total_pages", - "start_index", - "end_index", - ], - ), - ), - ("results", response_schema), - ) - ), - required=["results", "pagination"], - ) - - def get_paginator_parameters(self, paginator): - """ - Get the pagination parameters for a single paginator **instance**. - - Should return :data:`.NotHandled` if this inspector - does not know how to handle the given `paginator`. - - :param BasePagination paginator: the paginator - :rtype: list[openapi.Parameter] - """ - - return [ - openapi.Parameter( - "page", - openapi.IN_QUERY, - "Page Index", - False, - None, - openapi.TYPE_INTEGER, - ), - openapi.Parameter( - "page_size", - openapi.IN_QUERY, - "Page Size", - False, - None, - openapi.TYPE_INTEGER, - ), - ] diff --git a/authentik/api/schema.py b/authentik/api/schema.py deleted file mode 100644 index f60b333b8..000000000 --- a/authentik/api/schema.py +++ /dev/null @@ -1,102 +0,0 @@ -"""Error Response schema, from https://github.com/axnsan12/drf-yasg/issues/224""" -from drf_yasg import openapi -from drf_yasg.inspectors.view import SwaggerAutoSchema -from drf_yasg.utils import force_real_str, is_list_view -from rest_framework import exceptions, status -from rest_framework.settings import api_settings - - -class ErrorResponseAutoSchema(SwaggerAutoSchema): - """Inspector which includes an error schema""" - - def get_generic_error_schema(self): - """Get a generic error schema""" - return openapi.Schema( - "Generic API Error", - type=openapi.TYPE_OBJECT, - properties={ - "detail": openapi.Schema( - type=openapi.TYPE_STRING, description="Error details" - ), - "code": openapi.Schema( - type=openapi.TYPE_STRING, description="Error code" - ), - }, - required=["detail"], - ) - - def get_validation_error_schema(self): - """Get a generic validation error schema""" - return openapi.Schema( - "Validation Error", - type=openapi.TYPE_OBJECT, - properties={ - api_settings.NON_FIELD_ERRORS_KEY: openapi.Schema( - description="List of validation errors not related to any field", - type=openapi.TYPE_ARRAY, - items=openapi.Schema(type=openapi.TYPE_STRING), - ), - }, - additional_properties=openapi.Schema( - description=( - "A list of error messages for each " - "field that triggered a validation error" - ), - type=openapi.TYPE_ARRAY, - items=openapi.Schema(type=openapi.TYPE_STRING), - ), - ) - - def get_response_serializers(self): - responses = super().get_response_serializers() - definitions = self.components.with_scope( - openapi.SCHEMA_DEFINITIONS - ) # type: openapi.ReferenceResolver - - definitions.setdefault("GenericError", self.get_generic_error_schema) - definitions.setdefault("ValidationError", self.get_validation_error_schema) - definitions.setdefault("APIException", self.get_generic_error_schema) - - if self.get_request_serializer() or self.get_query_serializer(): - responses.setdefault( - exceptions.ValidationError.status_code, - openapi.Response( - description=force_real_str( - exceptions.ValidationError.default_detail - ), - schema=openapi.SchemaRef(definitions, "ValidationError"), - ), - ) - - security = self.get_security() - if security is None or len(security) > 0: - # Note: 401 error codes are coerced into 403 see - # rest_framework/views.py:433:handle_exception - # This is b/c the API uses token auth which doesn't have WWW-Authenticate header - responses.setdefault( - status.HTTP_403_FORBIDDEN, - openapi.Response( - description="Authentication credentials were invalid, absent or insufficient.", - schema=openapi.SchemaRef(definitions, "GenericError"), - ), - ) - if not is_list_view(self.path, self.method, self.view): - responses.setdefault( - exceptions.PermissionDenied.status_code, - openapi.Response( - description="Permission denied.", - schema=openapi.SchemaRef(definitions, "APIException"), - ), - ) - responses.setdefault( - exceptions.NotFound.status_code, - openapi.Response( - description=( - "Object does not exist or caller " - "has insufficient permissions to access it." - ), - schema=openapi.SchemaRef(definitions, "APIException"), - ), - ) - - return responses diff --git a/authentik/api/v2/config.py b/authentik/api/v2/config.py index 808d0525c..49e9f508a 100644 --- a/authentik/api/v2/config.py +++ b/authentik/api/v2/config.py @@ -1,5 +1,5 @@ """core Configs API""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.fields import BooleanField, CharField, ListField from rest_framework.permissions import AllowAny from rest_framework.request import Request @@ -34,7 +34,7 @@ class ConfigsViewSet(ViewSet): permission_classes = [AllowAny] - @swagger_auto_schema(responses={200: ConfigSerializer(many=False)}) + @extend_schema(responses={200: ConfigSerializer(many=False)}) def list(self, request: Request) -> Response: """Retrive public configuration options""" config = ConfigSerializer( diff --git a/authentik/api/v2/urls.py b/authentik/api/v2/urls.py index d46be9528..ce2a5b128 100644 --- a/authentik/api/v2/urls.py +++ b/authentik/api/v2/urls.py @@ -1,7 +1,6 @@ """api v2 urls""" from django.urls import path, re_path -from drf_yasg import openapi -from drf_yasg.views import get_schema_view +from drf_spectacular.views import SpectacularAPIView from rest_framework import routers from rest_framework.permissions import AllowAny @@ -196,17 +195,6 @@ router.register("stages/user_write", UserWriteStageViewSet) router.register("stages/dummy", DummyStageViewSet) router.register("policies/dummy", DummyPolicyViewSet) -info = openapi.Info( - title="authentik API", - default_version="v2beta", - contact=openapi.Contact(email="hello@beryju.org"), - license=openapi.License( - name="GNU GPLv3", - url="https://github.com/goauthentik/authentik/blob/master/LICENSE", - ), -) -SchemaView = get_schema_view(info, public=True, permission_classes=(AllowAny,)) - urlpatterns = ( [ path("", SwaggerView.as_view(), name="swagger"), @@ -218,10 +206,6 @@ urlpatterns = ( FlowExecutorView.as_view(), name="flow-executor", ), - re_path( - r"^swagger(?P\.json|\.yaml)$", - SchemaView.without_ui(cache_timeout=0), - name="schema-json", - ), + path("schema/", SpectacularAPIView.as_view(), name="schema"), ] ) diff --git a/authentik/core/api/applications.py b/authentik/core/api/applications.py index bcbb29b8c..9ae803332 100644 --- a/authentik/core/api/applications.py +++ b/authentik/core/api/applications.py @@ -5,8 +5,8 @@ from django.core.cache import cache from django.db.models import QuerySet from django.http.response import HttpResponseBadRequest from django.shortcuts import get_object_or_404 -from drf_yasg import openapi -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from rest_framework.decorators import action from rest_framework.fields import SerializerMethodField from rest_framework.parsers import MultiPartParser @@ -92,7 +92,7 @@ class ApplicationViewSet(ModelViewSet): applications.append(application) return applications - @swagger_auto_schema( + @extend_schema( responses={ 204: "Access granted", 403: "Access denied", @@ -111,12 +111,12 @@ class ApplicationViewSet(ModelViewSet): return Response(status=204) return Response(status=403) - @swagger_auto_schema( - manual_parameters=[ - openapi.Parameter( + @extend_schema( + parameters=[ + OpenApiParameter( name="superuser_full_list", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ] ) @@ -151,13 +151,13 @@ class ApplicationViewSet(ModelViewSet): return self.get_paginated_response(serializer.data) @permission_required("authentik_core.change_application") - @swagger_auto_schema( - request_body=no_body, - manual_parameters=[ - openapi.Parameter( + @extend_schema( + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( name="file", - in_=openapi.IN_FORM, - type=openapi.TYPE_FILE, + location=OpenApiParameter.QUERY, # TODO: In Form + type=OpenApiTypes.BINARY, required=True, ) ], @@ -184,7 +184,7 @@ class ApplicationViewSet(ModelViewSet): @permission_required( "authentik_core.view_application", ["authentik_events.view_event"] ) - @swagger_auto_schema(responses={200: CoordinateSerializer(many=True)}) + @extend_schema(responses={200: CoordinateSerializer(many=True)}) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=unused-argument def metrics(self, request: Request, slug: str): diff --git a/authentik/core/api/propertymappings.py b/authentik/core/api/propertymappings.py index fc1954b49..8904ac32b 100644 --- a/authentik/core/api/propertymappings.py +++ b/authentik/core/api/propertymappings.py @@ -1,8 +1,8 @@ """PropertyMapping API Views""" from json import dumps -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework import mixins from rest_framework.decorators import action @@ -81,7 +81,7 @@ class PropertyMappingViewSet( def get_queryset(self): return PropertyMapping.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable property-mapping types""" @@ -100,14 +100,14 @@ class PropertyMappingViewSet( return Response(TypeCreateSerializer(data, many=True).data) @permission_required("authentik_core.view_propertymapping") - @swagger_auto_schema( - request_body=PolicyTestSerializer(), + @extend_schema( + request=PolicyTestSerializer(), responses={200: PropertyMappingTestResultSerializer, 400: "Invalid parameters"}, - manual_parameters=[ - openapi.Parameter( + parameters=[ + OpenApiParameter( name="format_result", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], ) diff --git a/authentik/core/api/providers.py b/authentik/core/api/providers.py index f4f8ec22d..5e4042603 100644 --- a/authentik/core/api/providers.py +++ b/authentik/core/api/providers.py @@ -1,6 +1,6 @@ """Provider API Views""" from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework import mixins from rest_framework.decorators import action from rest_framework.fields import ReadOnlyField @@ -66,7 +66,7 @@ class ProviderViewSet( def get_queryset(self): return Provider.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable provider types""" diff --git a/authentik/core/api/sources.py b/authentik/core/api/sources.py index e1da3a2fb..7a4b795b7 100644 --- a/authentik/core/api/sources.py +++ b/authentik/core/api/sources.py @@ -1,7 +1,7 @@ """Source API Views""" from typing import Iterable -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework import mixins from rest_framework.decorators import action from rest_framework.request import Request @@ -64,7 +64,7 @@ class SourceViewSet( def get_queryset(self): return Source.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable source types""" @@ -87,7 +87,7 @@ class SourceViewSet( ) return Response(TypeCreateSerializer(data, many=True).data) - @swagger_auto_schema(responses={200: UserSettingSerializer(many=True)}) + @extend_schema(responses={200: UserSettingSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def user_settings(self, request: Request) -> Response: """Get all sources the user can configure""" diff --git a/authentik/core/api/tokens.py b/authentik/core/api/tokens.py index db07f4c9d..793338271 100644 --- a/authentik/core/api/tokens.py +++ b/authentik/core/api/tokens.py @@ -1,6 +1,6 @@ """Tokens API Viewset""" from django.http.response import Http404 -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField from rest_framework.request import Request @@ -67,7 +67,7 @@ class TokenViewSet(ModelViewSet): serializer.save(user=self.request.user, intent=TokenIntents.INTENT_API) @permission_required("authentik_core.view_token_key") - @swagger_auto_schema( + @extend_schema( responses={ 200: TokenViewSerializer(many=False), 404: "Token not found or expired", diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py index a3f315678..c92676162 100644 --- a/authentik/core/api/users.py +++ b/authentik/core/api/users.py @@ -7,7 +7,7 @@ from django.urls import reverse_lazy from django.utils.http import urlencode from django_filters.filters import BooleanFilter, CharFilter from django_filters.filterset import FilterSet -from drf_yasg.utils import swagger_auto_schema, swagger_serializer_method +from drf_spectacular.utils import extend_schema, extend_schema_field from guardian.utils import get_anonymous_user from rest_framework.decorators import action from rest_framework.fields import CharField, JSONField, SerializerMethodField @@ -77,13 +77,13 @@ class UserMetricsSerializer(PassiveSerializer): logins_failed_per_1h = SerializerMethodField() authorizations_per_1h = SerializerMethodField() - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_per_1h(self, _): """Get successful logins per hour for the last 24 hours""" user = self.context["user"] return get_events_per_1h(action=EventAction.LOGIN, user__pk=user.pk) - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_logins_failed_per_1h(self, _): """Get failed logins per hour for the last 24 hours""" user = self.context["user"] @@ -91,7 +91,7 @@ class UserMetricsSerializer(PassiveSerializer): action=EventAction.LOGIN_FAILED, context__username=user.username ) - @swagger_serializer_method(serializer_or_field=CoordinateSerializer(many=True)) + @extend_schema_field(CoordinateSerializer(many=True)) def get_authorizations_per_1h(self, _): """Get failed logins per hour for the last 24 hours""" user = self.context["user"] @@ -142,7 +142,7 @@ class UserViewSet(ModelViewSet): def get_queryset(self): return User.objects.all().exclude(pk=get_anonymous_user().pk) - @swagger_auto_schema(responses={200: SessionUserSerializer(many=False)}) + @extend_schema(responses={200: SessionUserSerializer(many=False)}) @action(detail=False, pagination_class=None, filter_backends=[]) # pylint: disable=invalid-name def me(self, request: Request) -> Response: @@ -158,7 +158,7 @@ class UserViewSet(ModelViewSet): return Response(serializer.data) @permission_required("authentik_core.view_user", ["authentik_events.view_event"]) - @swagger_auto_schema(responses={200: UserMetricsSerializer(many=False)}) + @extend_schema(responses={200: UserMetricsSerializer(many=False)}) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=invalid-name, unused-argument def metrics(self, request: Request, pk: int) -> Response: @@ -169,7 +169,7 @@ class UserViewSet(ModelViewSet): return Response(serializer.data) @permission_required("authentik_core.reset_user_password") - @swagger_auto_schema( + @extend_schema( responses={"200": LinkSerializer(many=False), "404": "No recovery flow found."}, ) @action(detail=True, pagination_class=None, filter_backends=[]) diff --git a/authentik/core/api/utils.py b/authentik/core/api/utils.py index 7b8a98872..380208e08 100644 --- a/authentik/core/api/utils.py +++ b/authentik/core/api/utils.py @@ -28,6 +28,9 @@ class PassiveSerializer(Serializer): ) -> Model: # pragma: no cover return Model() + class Meta: + model = Model + class MetaNameSerializer(PassiveSerializer): """Add verbose names to response""" diff --git a/authentik/crypto/api.py b/authentik/crypto/api.py index d07d6b722..c277f3c45 100644 --- a/authentik/crypto/api.py +++ b/authentik/crypto/api.py @@ -5,8 +5,8 @@ from cryptography.hazmat.primitives.serialization import load_pem_private_key from cryptography.x509 import load_pem_x509_certificate from django.http.response import HttpResponse from django.utils.translation import gettext_lazy as _ -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from rest_framework.decorators import action from rest_framework.fields import ( CharField, @@ -125,8 +125,8 @@ class CertificateKeyPairViewSet(ModelViewSet): filterset_class = CertificateKeyPairFilter @permission_required(None, ["authentik_crypto.add_certificatekeypair"]) - @swagger_auto_schema( - request_body=CertificateGenerationSerializer(), + @extend_schema( + request=CertificateGenerationSerializer(), responses={200: CertificateKeyPairSerializer, 400: "Bad request"}, ) @action(detail=False, methods=["POST"]) @@ -147,12 +147,12 @@ class CertificateKeyPairViewSet(ModelViewSet): serializer = self.get_serializer(instance) return Response(serializer.data) - @swagger_auto_schema( - manual_parameters=[ - openapi.Parameter( + @extend_schema( + parameters=[ + OpenApiParameter( name="download", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], responses={200: CertificateDataSerializer(many=False)}, @@ -180,12 +180,12 @@ class CertificateKeyPairViewSet(ModelViewSet): CertificateDataSerializer({"data": certificate.certificate_data}).data ) - @swagger_auto_schema( - manual_parameters=[ - openapi.Parameter( + @extend_schema( + parameters=[ + OpenApiParameter( name="download", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], responses={200: CertificateDataSerializer(many=False)}, diff --git a/authentik/events/api/event.py b/authentik/events/api/event.py index 6246f7b1c..307593e2e 100644 --- a/authentik/events/api/event.py +++ b/authentik/events/api/event.py @@ -1,8 +1,9 @@ """Events API Views""" +from drf_spectacular.types import OpenApiTypes import django_filters from django.db.models.aggregates import Count from django.db.models.fields.json import KeyTextTransform -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import OpenApiParameter, extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework.decorators import action from rest_framework.fields import CharField, DictField, IntegerField @@ -38,12 +39,6 @@ class EventSerializer(ModelSerializer): ] -class EventTopPerUserParams(PassiveSerializer): - """Query params for top_per_user""" - - top_n = IntegerField(default=15) - - class EventTopPerUserSerializer(PassiveSerializer): """Response object of Event's top_per_user""" @@ -111,10 +106,17 @@ class EventViewSet(ReadOnlyModelViewSet): ] filterset_class = EventsFilter - @swagger_auto_schema( - method="GET", + @extend_schema( + methods=["GET"], responses={200: EventTopPerUserSerializer(many=True)}, - query_serializer=EventTopPerUserParams, + parameters=[ + OpenApiParameter( + "top_n", + type=OpenApiTypes.INT, + location=OpenApiParameter.QUERY, + required=False, + ) + ] ) @action(detail=False, methods=["GET"]) def top_per_user(self, request: Request): @@ -134,7 +136,7 @@ class EventViewSet(ReadOnlyModelViewSet): .order_by("-counted_events")[:top_n] ) - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def actions(self, request: Request) -> Response: """Get all actions""" diff --git a/authentik/events/api/notification_transport.py b/authentik/events/api/notification_transport.py index a688f120d..24225e39e 100644 --- a/authentik/events/api/notification_transport.py +++ b/authentik/events/api/notification_transport.py @@ -1,5 +1,6 @@ """NotificationTransport API Views""" -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, ListField, SerializerMethodField from rest_framework.request import Request @@ -58,12 +59,12 @@ class NotificationTransportViewSet(ModelViewSet): serializer_class = NotificationTransportSerializer @permission_required("authentik_events.change_notificationtransport") - @swagger_auto_schema( + @extend_schema( responses={ 200: NotificationTransportTestSerializer(many=False), 503: "Failed to test transport", }, - request_body=no_body, + request=OpenApiTypes.NONE, ) @action(detail=True, pagination_class=None, filter_backends=[], methods=["post"]) # pylint: disable=invalid-name, unused-argument diff --git a/authentik/flows/api/flows.py b/authentik/flows/api/flows.py index 7fddfc3c5..4d2f11455 100644 --- a/authentik/flows/api/flows.py +++ b/authentik/flows/api/flows.py @@ -6,8 +6,13 @@ from django.db.models import Model from django.http.response import HttpResponseBadRequest, JsonResponse from django.urls import reverse from django.utils.translation import gettext as _ -from drf_yasg import openapi -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import ( + OpenApiParameter, + OpenApiResponse, + OpenApiSchemaBase, + extend_schema, +) from guardian.shortcuts import get_objects_for_user from rest_framework.decorators import action from rest_framework.parsers import MultiPartParser @@ -97,15 +102,15 @@ class FlowViewSet(ModelViewSet): filterset_fields = ["flow_uuid", "name", "slug", "designation"] @permission_required(None, ["authentik_flows.view_flow_cache"]) - @swagger_auto_schema(responses={200: CacheSerializer(many=False)}) + @extend_schema(responses={200: CacheSerializer(many=False)}) @action(detail=False, pagination_class=None, filter_backends=[]) def cache_info(self, request: Request) -> Response: """Info about cached flows""" return Response(data={"count": len(cache.keys("flow_*"))}) @permission_required(None, ["authentik_flows.clear_flow_cache"]) - @swagger_auto_schema( - request_body=no_body, + @extend_schema( + request=OpenApiTypes.NONE, responses={204: "Successfully cleared cache", 400: "Bad request"}, ) @action(detail=False, methods=["POST"]) @@ -133,13 +138,13 @@ class FlowViewSet(ModelViewSet): "authentik_stages_prompt.change_prompt", ], ) - @swagger_auto_schema( - request_body=no_body, - manual_parameters=[ - openapi.Parameter( + @extend_schema( + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( name="file", - in_=openapi.IN_FORM, - type=openapi.TYPE_FILE, + location=OpenApiParameter.QUERY, # TODO: Form + type=OpenApiTypes.BINARY, required=True, ) ], @@ -171,10 +176,10 @@ class FlowViewSet(ModelViewSet): "authentik_stages_prompt.view_prompt", ], ) - @swagger_auto_schema( + @extend_schema( responses={ - "200": openapi.Response( - "File Attachment", schema=openapi.Schema(type=openapi.TYPE_FILE) + "200": OpenApiResponse( + response=OpenApiParameter("File Attachment", type=OpenApiTypes.BINARY) ), }, ) @@ -188,7 +193,7 @@ class FlowViewSet(ModelViewSet): response["Content-Disposition"] = f'attachment; filename="{flow.slug}.akflow"' return response - @swagger_auto_schema(responses={200: FlowDiagramSerializer()}) + @extend_schema(responses={200: FlowDiagramSerializer()}) @action(detail=True, pagination_class=None, filter_backends=[], methods=["get"]) # pylint: disable=unused-argument def diagram(self, request: Request, slug: str) -> Response: @@ -259,13 +264,13 @@ class FlowViewSet(ModelViewSet): return Response({"diagram": diagram}) @permission_required("authentik_flows.change_flow") - @swagger_auto_schema( - request_body=no_body, - manual_parameters=[ - openapi.Parameter( + @extend_schema( + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( name="file", - in_=openapi.IN_FORM, - type=openapi.TYPE_FILE, + location=OpenApiParameter.QUERY, # TODO: Form + type=OpenApiTypes.BINARY, required=True, ) ], @@ -289,7 +294,7 @@ class FlowViewSet(ModelViewSet): app.save() return Response({}) - @swagger_auto_schema( + @extend_schema( responses={200: LinkSerializer(many=False), 400: "Flow not applicable"}, ) @action(detail=True, pagination_class=None, filter_backends=[]) diff --git a/authentik/flows/api/stages.py b/authentik/flows/api/stages.py index 749e4a7ac..a700e3b38 100644 --- a/authentik/flows/api/stages.py +++ b/authentik/flows/api/stages.py @@ -1,7 +1,7 @@ """Flow Stage API Views""" from typing import Iterable -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework import mixins from rest_framework.decorators import action from rest_framework.fields import BooleanField @@ -68,7 +68,7 @@ class StageViewSet( def get_queryset(self): return Stage.objects.select_subclasses() - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable stage types""" @@ -86,7 +86,7 @@ class StageViewSet( data = sorted(data, key=lambda x: x["name"]) return Response(TypeCreateSerializer(data, many=True).data) - @swagger_auto_schema(responses={200: StageUserSettingSerializer(many=True)}) + @extend_schema(responses={200: StageUserSettingSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def user_settings(self, request: Request) -> Response: """Get all stages the user can configure""" diff --git a/authentik/flows/views.py b/authentik/flows/views.py index 3935b9a10..d279d6211 100644 --- a/authentik/flows/views.py +++ b/authentik/flows/views.py @@ -10,8 +10,8 @@ from django.template.response import TemplateResponse from django.utils.decorators import method_decorator from django.views.decorators.clickjacking import xframe_options_sameorigin from django.views.generic import View -from drf_yasg import openapi -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from rest_framework.permissions import AllowAny from rest_framework.views import APIView from sentry_sdk import capture_exception @@ -125,19 +125,19 @@ class FlowExecutorView(APIView): self.current_stage_view.request = request return super().dispatch(request) - @swagger_auto_schema( + @extend_schema( responses={ 200: Challenge(), 404: "No Token found", # This error can be raised by the email stage }, - request_body=no_body, - manual_parameters=[ - openapi.Parameter( - "query", - openapi.IN_QUERY, + request=OpenApiTypes.NONE, + parameters=[ + OpenApiParameter( + name="query", + location=OpenApiParameter.QUERY, required=True, description="Querystring as received", - type=openapi.TYPE_STRING, + type=OpenApiTypes.STR, ) ], operation_id="flows_executor_get", @@ -157,16 +157,16 @@ class FlowExecutorView(APIView): self._logger.warning(exc) return to_stage_response(request, FlowErrorResponse(request, exc)) - @swagger_auto_schema( + @extend_schema( responses={200: Challenge()}, - request_body=ChallengeResponse(), - manual_parameters=[ - openapi.Parameter( - "query", - openapi.IN_QUERY, + request=ChallengeResponse(), + parameters=[ + OpenApiParameter( + name="query", + location=OpenApiParameter.QUERY, required=True, description="Querystring as received", - type=openapi.TYPE_STRING, + type=OpenApiTypes.STR, ) ], operation_id="flows_executor_solve", diff --git a/authentik/outposts/api/outpost_service_connections.py b/authentik/outposts/api/outpost_service_connections.py index 39b54c1e5..fdc28ca8b 100644 --- a/authentik/outposts/api/outpost_service_connections.py +++ b/authentik/outposts/api/outpost_service_connections.py @@ -2,7 +2,7 @@ from dataclasses import asdict from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from kubernetes.client.configuration import Configuration from kubernetes.config.config_exception import ConfigException from kubernetes.config.kube_config import load_kube_config_from_dict @@ -69,7 +69,7 @@ class ServiceConnectionViewSet( search_fields = ["name"] filterset_fields = ["name"] - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable service connection types""" @@ -87,7 +87,7 @@ class ServiceConnectionViewSet( ) return Response(TypeCreateSerializer(data, many=True).data) - @swagger_auto_schema(responses={200: ServiceConnectionStateSerializer(many=False)}) + @extend_schema(responses={200: ServiceConnectionStateSerializer(many=False)}) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=unused-argument, invalid-name def state(self, request: Request, pk: str) -> Response: diff --git a/authentik/outposts/api/outposts.py b/authentik/outposts/api/outposts.py index d026fa503..af862891d 100644 --- a/authentik/outposts/api/outposts.py +++ b/authentik/outposts/api/outposts.py @@ -1,7 +1,7 @@ """Outpost API Views""" from dacite.core import from_dict from dacite.exceptions import DaciteError -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.fields import BooleanField, CharField, DateTimeField from rest_framework.request import Request @@ -72,7 +72,7 @@ class OutpostViewSet(ModelViewSet): ] ordering = ["name"] - @swagger_auto_schema(responses={200: OutpostHealthSerializer(many=True)}) + @extend_schema(responses={200: OutpostHealthSerializer(many=True)}) @action(methods=["GET"], detail=True) # pylint: disable=invalid-name, unused-argument def health(self, request: Request, pk: int) -> Response: @@ -90,7 +90,7 @@ class OutpostViewSet(ModelViewSet): ) return Response(OutpostHealthSerializer(states, many=True).data) - @swagger_auto_schema(responses={200: OutpostDefaultConfigSerializer(many=False)}) + @extend_schema(responses={200: OutpostDefaultConfigSerializer(many=False)}) @action(detail=False, methods=["GET"]) def default_settings(self, request: Request) -> Response: """Global default outpost config""" diff --git a/authentik/policies/api/policies.py b/authentik/policies/api/policies.py index 9a089e93a..f4cd0afdf 100644 --- a/authentik/policies/api/policies.py +++ b/authentik/policies/api/policies.py @@ -1,6 +1,7 @@ """policy API Views""" from django.core.cache import cache -from drf_yasg.utils import no_body, swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import extend_schema from guardian.shortcuts import get_objects_for_user from rest_framework import mixins from rest_framework.decorators import action @@ -96,7 +97,7 @@ class PolicyViewSet( "bindings", "promptstage_set" ) - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def types(self, request: Request) -> Response: """Get all creatable policy types""" @@ -114,15 +115,15 @@ class PolicyViewSet( return Response(TypeCreateSerializer(data, many=True).data) @permission_required(None, ["authentik_policies.view_policy_cache"]) - @swagger_auto_schema(responses={200: CacheSerializer(many=False)}) + @extend_schema(responses={200: CacheSerializer(many=False)}) @action(detail=False, pagination_class=None, filter_backends=[]) def cache_info(self, request: Request) -> Response: """Info about cached policies""" return Response(data={"count": len(cache.keys("policy_*"))}) @permission_required(None, ["authentik_policies.clear_policy_cache"]) - @swagger_auto_schema( - request_body=no_body, + @extend_schema( + request=OpenApiTypes.NONE, responses={204: "Successfully cleared cache", 400: "Bad request"}, ) @action(detail=False, methods=["POST"]) @@ -137,8 +138,8 @@ class PolicyViewSet( return Response(status=204) @permission_required("authentik_policies.view_policy") - @swagger_auto_schema( - request_body=PolicyTestSerializer(), + @extend_schema( + request=PolicyTestSerializer(), responses={200: PolicyTestResultSerializer(), 400: "Invalid parameters"}, ) @action(detail=True, pagination_class=None, filter_backends=[], methods=["POST"]) diff --git a/authentik/providers/oauth2/api/provider.py b/authentik/providers/oauth2/api/provider.py index b090ef72c..d556e1bbe 100644 --- a/authentik/providers/oauth2/api/provider.py +++ b/authentik/providers/oauth2/api/provider.py @@ -1,7 +1,8 @@ """OAuth2Provider API Views""" +from django.db.models.base import Model from django.urls import reverse from django.utils.translation import gettext_lazy as _ -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.fields import ReadOnlyField from rest_framework.generics import get_object_or_404 @@ -60,6 +61,9 @@ class OAuth2ProviderSetupURLs(PassiveSerializer): provider_info = ReadOnlyField() logout = ReadOnlyField() + class Meta: + model = Model + class OAuth2ProviderViewSet(ModelViewSet): """OAuth2Provider Viewset""" @@ -67,9 +71,9 @@ class OAuth2ProviderViewSet(ModelViewSet): queryset = OAuth2Provider.objects.all() serializer_class = OAuth2ProviderSerializer - @swagger_auto_schema( + @extend_schema( responses={ - 200: OAuth2ProviderSetupURLs(many=False), + 200: OAuth2ProviderSetupURLs, 404: "Provider has no application assigned", } ) diff --git a/authentik/providers/proxy/api.py b/authentik/providers/proxy/api.py index c729d1241..3cfb8e120 100644 --- a/authentik/providers/proxy/api.py +++ b/authentik/providers/proxy/api.py @@ -1,7 +1,7 @@ """ProxyProvider API Views""" from typing import Any -from drf_yasg.utils import swagger_serializer_method +from drf_spectacular.utils import extend_schema_field from rest_framework.exceptions import ValidationError from rest_framework.fields import CharField, ListField, SerializerMethodField from rest_framework.serializers import ModelSerializer @@ -107,7 +107,7 @@ class ProxyOutpostConfigSerializer(ModelSerializer): "forward_auth_mode", ] - @swagger_serializer_method(serializer_or_field=OpenIDConnectConfigurationSerializer) + @extend_schema_field(OpenIDConnectConfigurationSerializer) def get_oidc_configuration(self, obj: ProxyProvider): """Embed OpenID Connect provider information""" return ProviderInfoView(request=self.context["request"]._request).get_info(obj) diff --git a/authentik/providers/saml/api.py b/authentik/providers/saml/api.py index 84630d81d..2a66b4b77 100644 --- a/authentik/providers/saml/api.py +++ b/authentik/providers/saml/api.py @@ -5,8 +5,8 @@ from defusedxml.ElementTree import fromstring from django.http.response import HttpResponse from django.shortcuts import get_object_or_404 from django.utils.translation import gettext_lazy as _ -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from rest_framework.decorators import action from rest_framework.fields import CharField, FileField, ReadOnlyField from rest_framework.parsers import MultiPartParser @@ -80,16 +80,16 @@ class SAMLProviderViewSet(ModelViewSet): queryset = SAMLProvider.objects.all() serializer_class = SAMLProviderSerializer - @swagger_auto_schema( + @extend_schema( responses={ 200: SAMLMetadataSerializer(many=False), 404: "Provider has no application assigned", }, - manual_parameters=[ - openapi.Parameter( + parameters=[ + OpenApiParameter( name="download", - in_=openapi.IN_QUERY, - type=openapi.TYPE_BOOLEAN, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.BOOL, ) ], ) @@ -118,8 +118,8 @@ class SAMLProviderViewSet(ModelViewSet): "authentik_crypto.add_certificatekeypair", ], ) - @swagger_auto_schema( - request_body=SAMLProviderImportSerializer(), + @extend_schema( + request=SAMLProviderImportSerializer(), responses={204: "Successfully imported provider", 400: "Bad request"}, ) @action(detail=False, methods=["POST"], parser_classes=(MultiPartParser,)) diff --git a/authentik/root/settings.py b/authentik/root/settings.py index 0c5eff2fa..21d5130a0 100644 --- a/authentik/root/settings.py +++ b/authentik/root/settings.py @@ -130,7 +130,7 @@ INSTALLED_APPS = [ "authentik.stages.user_write", "rest_framework", "django_filters", - "drf_yasg", + "drf_spectacular", "guardian", "django_prometheus", "channels", @@ -139,14 +139,17 @@ INSTALLED_APPS = [ GUARDIAN_MONKEY_PATCH = False -SWAGGER_SETTINGS = { - "DEFAULT_AUTO_SCHEMA_CLASS": "authentik.api.schema.ErrorResponseAutoSchema", - "DEFAULT_INFO": "authentik.api.v2.urls.info", - "DEFAULT_PAGINATOR_INSPECTORS": [ - "authentik.api.pagination_schema.PaginationInspector", - ], - "SECURITY_DEFINITIONS": { - "Bearer": {"type": "apiKey", "name": "Authorization", "in": "header"} +SPECTACULAR_SETTINGS = { + "TITLE": "authentik", + "DESCRIPTION": "Making authentication simple.", + "VERSION": __version__, + "COMPONENT_SPLIT_REQUEST": True, + "CONTACT": { + "email": "hello@beryju.org", + }, + "LICENSE": { + "name": "GNU GPLv3", + "url": "https://github.com/goauthentik/authentik/blob/master/LICENSE", }, } @@ -169,6 +172,7 @@ REST_FRAMEWORK = { "DEFAULT_RENDERER_CLASSES": [ "rest_framework.renderers.JSONRenderer", ], + "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema", } CACHES = { diff --git a/authentik/sources/ldap/api.py b/authentik/sources/ldap/api.py index c74be3a9d..61aca7c91 100644 --- a/authentik/sources/ldap/api.py +++ b/authentik/sources/ldap/api.py @@ -1,7 +1,7 @@ """Source API Views""" from django.http.response import Http404 from django.utils.text import slugify -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.request import Request from rest_framework.response import Response @@ -48,9 +48,7 @@ class LDAPSourceViewSet(ModelViewSet): serializer_class = LDAPSourceSerializer lookup_field = "slug" - @swagger_auto_schema( - responses={200: TaskSerializer(many=False), 404: "Task not found"} - ) + @extend_schema(responses={200: TaskSerializer(many=False), 404: "Task not found"}) @action(methods=["GET"], detail=True) # pylint: disable=unused-argument def sync_status(self, request: Request, slug: str) -> Response: diff --git a/authentik/sources/oauth/api/source.py b/authentik/sources/oauth/api/source.py index b2813af1f..8899cfc89 100644 --- a/authentik/sources/oauth/api/source.py +++ b/authentik/sources/oauth/api/source.py @@ -1,6 +1,6 @@ """OAuth Source Serializer""" from django.urls.base import reverse_lazy -from drf_yasg.utils import swagger_auto_schema, swagger_serializer_method +from drf_spectacular.utils import extend_schema, extend_schema_field from rest_framework.decorators import action from rest_framework.fields import BooleanField, CharField, SerializerMethodField from rest_framework.request import Request @@ -43,7 +43,7 @@ class OAuthSourceSerializer(SourceSerializer): type = SerializerMethodField() - @swagger_serializer_method(serializer_or_field=SourceTypeSerializer) + @extend_schema_field(SourceTypeSerializer) def get_type(self, instace: OAuthSource) -> SourceTypeSerializer: """Get source's type configuration""" return SourceTypeSerializer(instace.type).data @@ -85,7 +85,7 @@ class OAuthSourceViewSet(ModelViewSet): serializer_class = OAuthSourceSerializer lookup_field = "slug" - @swagger_auto_schema(responses={200: SourceTypeSerializer(many=True)}) + @extend_schema(responses={200: SourceTypeSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def source_types(self, request: Request) -> Response: """Get all creatable source types""" diff --git a/authentik/sources/plex/api.py b/authentik/sources/plex/api.py index d9c351aef..2210da72b 100644 --- a/authentik/sources/plex/api.py +++ b/authentik/sources/plex/api.py @@ -1,7 +1,7 @@ """Plex Source Serializer""" from django.shortcuts import get_object_or_404 -from drf_yasg import openapi -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.types import OpenApiTypes +from drf_spectacular.utils import OpenApiParameter, extend_schema from rest_framework.decorators import action from rest_framework.exceptions import PermissionDenied from rest_framework.fields import CharField @@ -50,18 +50,18 @@ class PlexSourceViewSet(ModelViewSet): lookup_field = "slug" @permission_required(None) - @swagger_auto_schema( - request_body=PlexTokenRedeemSerializer(), + @extend_schema( + request=PlexTokenRedeemSerializer(), responses={ 200: RedirectChallenge(), 400: "Token not found", 403: "Access denied", }, - manual_parameters=[ - openapi.Parameter( + parameters=[ + OpenApiParameter( name="slug", - in_=openapi.IN_QUERY, - type=openapi.TYPE_STRING, + location=OpenApiParameter.QUERY, + type=OpenApiTypes.STR, ) ], ) diff --git a/authentik/sources/saml/api.py b/authentik/sources/saml/api.py index 91a4407fb..88cde35cb 100644 --- a/authentik/sources/saml/api.py +++ b/authentik/sources/saml/api.py @@ -1,5 +1,5 @@ """SAMLSource API Views""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.request import Request from rest_framework.response import Response @@ -39,7 +39,7 @@ class SAMLSourceViewSet(ModelViewSet): serializer_class = SAMLSourceSerializer lookup_field = "slug" - @swagger_auto_schema(responses={200: SAMLMetadataSerializer(many=False)}) + @extend_schema(responses={200: SAMLMetadataSerializer(many=False)}) @action(methods=["GET"], detail=True) # pylint: disable=unused-argument def metadata(self, request: Request, slug: str) -> Response: diff --git a/authentik/stages/email/api.py b/authentik/stages/email/api.py index 27b5d6752..e13d9584f 100644 --- a/authentik/stages/email/api.py +++ b/authentik/stages/email/api.py @@ -1,5 +1,5 @@ """EmailStage API Views""" -from drf_yasg.utils import swagger_auto_schema +from drf_spectacular.utils import extend_schema from rest_framework.decorators import action from rest_framework.request import Request from rest_framework.response import Response @@ -52,7 +52,7 @@ class EmailStageViewSet(ModelViewSet): queryset = EmailStage.objects.all() serializer_class = EmailStageSerializer - @swagger_auto_schema(responses={200: TypeCreateSerializer(many=True)}) + @extend_schema(responses={200: TypeCreateSerializer(many=True)}) @action(detail=False, pagination_class=None, filter_backends=[]) def templates(self, request: Request) -> Response: """Get all available templates, including custom templates""" diff --git a/schema.yml b/schema.yml new file mode 100644 index 000000000..e7f831aec --- /dev/null +++ b/schema.yml @@ -0,0 +1,21751 @@ +openapi: 3.0.3 +info: + title: authentik + version: 2021.5.1 + description: Making authentication simple. + contact: + email: hello@beryju.org + license: + name: GNU GPLv3 + url: https://github.com/goauthentik/authentik/blob/master/LICENSE +paths: + /api/v2beta/admin/apps/: + get: + operationId: admin_apps_list + description: List current messages and pass into Serializer + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/App' + description: '' + /api/v2beta/admin/metrics/: + get: + operationId: admin_metrics_list + description: Login Metrics per 1h + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/LoginMetrics' + description: '' + /api/v2beta/admin/system_tasks/: + get: + operationId: admin_system_tasks_list + description: List system tasks + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Task' + description: '' + /api/v2beta/admin/system_tasks/{id}/: + get: + operationId: admin_system_tasks_retrieve + description: Get a single system task + parameters: + - in: path + name: id + schema: + type: string + required: true + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Task' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/admin/system_tasks/{id}/retry/: + post: + operationId: admin_system_tasks_retry_create + description: Retry task + parameters: + - in: path + name: id + schema: + type: string + required: true + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '500': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/admin/version/: + get: + operationId: admin_version_list + description: Get running and latest version. + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Version' + description: '' + /api/v2beta/admin/workers/: + get: + operationId: admin_workers_list + description: Get currently connected worker count. + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - admin + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + description: No response body + /api/v2beta/authenticators/admin/static/: + get: + operationId: authenticators_admin_static_list + description: Viewset for static authenticator devices (for admins) + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedStaticDeviceList' + description: '' + /api/v2beta/authenticators/admin/static/{id}/: + get: + operationId: authenticators_admin_static_retrieve + description: Viewset for static authenticator devices (for admins) + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + /api/v2beta/authenticators/admin/totp/: + get: + operationId: authenticators_admin_totp_list + description: Viewset for totp authenticator devices (for admins) + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedTOTPDeviceList' + description: '' + /api/v2beta/authenticators/admin/totp/{id}/: + get: + operationId: authenticators_admin_totp_retrieve + description: Viewset for totp authenticator devices (for admins) + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + /api/v2beta/authenticators/admin/webauthn/: + get: + operationId: authenticators_admin_webauthn_list + description: Viewset for WebAuthn authenticator devices (for admins) + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedWebAuthnDeviceList' + description: '' + /api/v2beta/authenticators/admin/webauthn/{id}/: + get: + operationId: authenticators_admin_webauthn_retrieve + description: Viewset for WebAuthn authenticator devices (for admins) + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + /api/v2beta/authenticators/static/: + get: + operationId: authenticators_static_list + description: Viewset for static authenticator devices + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedStaticDeviceList' + description: '' + post: + operationId: authenticators_static_create + description: Viewset for static authenticator devices + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + /api/v2beta/authenticators/static/{id}/: + get: + operationId: authenticators_static_retrieve + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + put: + operationId: authenticators_static_update + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/StaticDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + patch: + operationId: authenticators_static_partial_update + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedStaticDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedStaticDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedStaticDeviceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/StaticDevice' + description: '' + delete: + operationId: authenticators_static_destroy + description: Viewset for static authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this static device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/authenticators/totp/: + get: + operationId: authenticators_totp_list + description: Viewset for totp authenticator devices + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedTOTPDeviceList' + description: '' + post: + operationId: authenticators_totp_create + description: Viewset for totp authenticator devices + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + /api/v2beta/authenticators/totp/{id}/: + get: + operationId: authenticators_totp_retrieve + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + put: + operationId: authenticators_totp_update + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TOTPDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + patch: + operationId: authenticators_totp_partial_update + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedTOTPDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedTOTPDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedTOTPDeviceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TOTPDevice' + description: '' + delete: + operationId: authenticators_totp_destroy + description: Viewset for totp authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this TOTP device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/authenticators/webauthn/: + get: + operationId: authenticators_webauthn_list + description: Viewset for WebAuthn authenticator devices + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedWebAuthnDeviceList' + description: '' + post: + operationId: authenticators_webauthn_create + description: Viewset for WebAuthn authenticator devices + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + /api/v2beta/authenticators/webauthn/{id}/: + get: + operationId: authenticators_webauthn_retrieve + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + put: + operationId: authenticators_webauthn_update + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/WebAuthnDeviceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + patch: + operationId: authenticators_webauthn_partial_update + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedWebAuthnDeviceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/WebAuthnDevice' + description: '' + delete: + operationId: authenticators_webauthn_destroy + description: Viewset for WebAuthn authenticator devices + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this WebAuthn Device. + required: true + tags: + - authenticators + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/applications/: + get: + operationId: core_applications_list + description: Custom list method that checks Policy based access instead of guardian + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: superuser_full_list + schema: + type: boolean + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedApplicationList' + description: '' + post: + operationId: core_applications_create + description: Application Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ApplicationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ApplicationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + /api/v2beta/core/applications/{slug}/: + get: + operationId: core_applications_retrieve + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + put: + operationId: core_applications_update + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ApplicationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ApplicationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + patch: + operationId: core_applications_partial_update + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedApplicationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedApplicationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedApplicationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + description: '' + delete: + operationId: core_applications_destroy + description: Application Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/applications/{slug}/check_access/: + get: + operationId: core_applications_check_access_retrieve + description: Check access to a single application by slug + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '403': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/core/applications/{slug}/metrics/: + get: + operationId: core_applications_metrics_list + description: Metrics for application logins + parameters: + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Coordinate' + description: '' + /api/v2beta/core/applications/{slug}/set_icon/: + post: + operationId: core_applications_set_icon_create + description: Set application icon + parameters: + - in: query + name: file + schema: + type: string + format: binary + required: true + - in: path + name: slug + schema: + type: string + description: Internal application name, used in URLs. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/core/groups/: + get: + operationId: core_groups_list + description: Group Viewset + parameters: + - in: query + name: is_superuser + schema: + type: boolean + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedGroupList' + description: '' + post: + operationId: core_groups_create + description: Group Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GroupRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/GroupRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/GroupRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + /api/v2beta/core/groups/{group_uuid}/: + get: + operationId: core_groups_retrieve + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + put: + operationId: core_groups_update + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/GroupRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/GroupRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/GroupRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + patch: + operationId: core_groups_partial_update + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedGroupRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedGroupRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedGroupRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Group' + description: '' + delete: + operationId: core_groups_destroy + description: Group Viewset + parameters: + - in: path + name: group_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this group. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/tokens/: + get: + operationId: core_tokens_list + description: Token Viewset + parameters: + - in: query + name: description + schema: + type: string + - in: query + name: identifier + schema: + type: string + - in: query + name: intent + schema: + type: string + enum: + - api + - recovery + - verification + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user__username + schema: + type: string + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedTokenList' + description: '' + post: + operationId: core_tokens_create + description: Token Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TokenRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TokenRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TokenRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + /api/v2beta/core/tokens/{identifier}/: + get: + operationId: core_tokens_retrieve + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + put: + operationId: core_tokens_update + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/TokenRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/TokenRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/TokenRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + patch: + operationId: core_tokens_partial_update + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedTokenRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedTokenRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedTokenRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Token' + description: '' + delete: + operationId: core_tokens_destroy + description: Token Viewset + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/tokens/{identifier}/view_key/: + get: + operationId: core_tokens_view_key_retrieve + description: Return token key and log access + parameters: + - in: path + name: identifier + schema: + type: string + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/TokenView' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/core/user_consent/: + get: + operationId: core_user_consent_list + description: UserConsent Viewset + parameters: + - in: query + name: application + schema: + type: string + format: uuid + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user + schema: + type: integer + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserConsentList' + description: '' + /api/v2beta/core/user_consent/{id}/: + get: + operationId: core_user_consent_retrieve + description: UserConsent Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User Consent. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserConsent' + description: '' + delete: + operationId: core_user_consent_destroy + description: UserConsent Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User Consent. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/users/: + get: + operationId: core_users_list + description: User Viewset + parameters: + - in: query + name: attributes + schema: + type: string + description: Attributes + - in: query + name: is_active + schema: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + - in: query + name: is_superuser + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: username + schema: + type: string + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserList' + description: '' + post: + operationId: core_users_create + description: User Viewset + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + /api/v2beta/core/users/{id}/: + get: + operationId: core_users_retrieve + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + put: + operationId: core_users_update + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + patch: + operationId: core_users_partial_update + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/User' + description: '' + delete: + operationId: core_users_destroy + description: User Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/core/users/{id}/metrics/: + get: + operationId: core_users_metrics_retrieve + description: User metrics per 1h + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserMetrics' + description: '' + /api/v2beta/core/users/{id}/recovery/: + get: + operationId: core_users_recovery_retrieve + description: Create a temporary link that a user can use to recover their accounts + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User. + required: true + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Link' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/core/users/me/: + get: + operationId: core_users_me_retrieve + description: Get information about current user + tags: + - core + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SessionUser' + description: '' + /api/v2beta/crypto/certificatekeypairs/: + get: + operationId: crypto_certificatekeypairs_list + description: CertificateKeyPair Viewset + parameters: + - in: query + name: has_key + schema: + type: string + description: Only return certificate-key pairs with keys + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedCertificateKeyPairList' + description: '' + post: + operationId: crypto_certificatekeypairs_create + description: CertificateKeyPair Viewset + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + /api/v2beta/crypto/certificatekeypairs/{kp_uuid}/: + get: + operationId: crypto_certificatekeypairs_retrieve + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + put: + operationId: crypto_certificatekeypairs_update + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CertificateKeyPairRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + patch: + operationId: crypto_certificatekeypairs_partial_update + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedCertificateKeyPairRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedCertificateKeyPairRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedCertificateKeyPairRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + delete: + operationId: crypto_certificatekeypairs_destroy + description: CertificateKeyPair Viewset + parameters: + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/crypto/certificatekeypairs/{kp_uuid}/view_certificate/: + get: + operationId: crypto_certificatekeypairs_view_certificate_retrieve + description: Return certificate-key pairs certificate and log access + parameters: + - in: query + name: download + schema: + type: boolean + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateData' + description: '' + /api/v2beta/crypto/certificatekeypairs/{kp_uuid}/view_private_key/: + get: + operationId: crypto_certificatekeypairs_view_private_key_retrieve + description: Return certificate-key pairs private key and log access + parameters: + - in: query + name: download + schema: + type: boolean + - in: path + name: kp_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Certificate-Key Pair. + required: true + tags: + - crypto + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateData' + description: '' + /api/v2beta/crypto/certificatekeypairs/generate/: + post: + operationId: crypto_certificatekeypairs_generate_create + description: Generate a new, self-signed certificate-key pair + tags: + - crypto + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateGenerationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CertificateGenerationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CertificateGenerationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CertificateKeyPair' + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/events/events/: + get: + operationId: events_events_list + description: Event Read-Only Viewset + parameters: + - in: query + name: action + schema: + type: string + - in: query + name: client_ip + schema: + type: string + - in: query + name: context_authorized_app + schema: + type: string + description: Context Authorized application + - in: query + name: context_model_app + schema: + type: string + description: Context Model App + - in: query + name: context_model_name + schema: + type: string + description: Context Model Name + - in: query + name: context_model_pk + schema: + type: string + description: Context Model Primary Key + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: username + schema: + type: string + description: Username + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedEventList' + description: '' + /api/v2beta/events/events/{event_uuid}/: + get: + operationId: events_events_retrieve + description: Event Read-Only Viewset + parameters: + - in: path + name: event_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Event' + description: '' + /api/v2beta/events/events/actions/: + get: + operationId: events_events_actions_list + description: Get all actions + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/events/events/top_per_user/: + get: + operationId: events_events_top_per_user_list + description: Get the top_n events grouped by user count + parameters: + - in: query + name: action + schema: + type: string + - in: query + name: client_ip + schema: + type: string + - in: query + name: context_authorized_app + schema: + type: string + description: Context Authorized application + - in: query + name: context_model_app + schema: + type: string + description: Context Model App + - in: query + name: context_model_name + schema: + type: string + description: Context Model Name + - in: query + name: context_model_pk + schema: + type: string + description: Context Model Primary Key + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: top_n + schema: + type: integer + - in: query + name: username + schema: + type: string + description: Username + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedEventTopPerUserList' + description: '' + /api/v2beta/events/notifications/: + get: + operationId: events_notifications_list + description: Notification Viewset + parameters: + - in: query + name: body + schema: + type: string + - in: query + name: created + schema: + type: string + format: date-time + - in: query + name: event + schema: + type: string + format: uuid + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: seen + schema: + type: boolean + - in: query + name: severity + schema: + type: string + enum: + - alert + - notice + - warning + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedNotificationList' + description: '' + /api/v2beta/events/notifications/{uuid}/: + get: + operationId: events_notifications_retrieve + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Notification' + description: '' + put: + operationId: events_notifications_update + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Notification' + description: '' + patch: + operationId: events_notifications_partial_update + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedNotificationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedNotificationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedNotificationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Notification' + description: '' + delete: + operationId: events_notifications_destroy + description: Notification Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/events/rules/: + get: + operationId: events_rules_list + description: NotificationRule Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedNotificationRuleList' + description: '' + post: + operationId: events_rules_create + description: NotificationRule Viewset + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + /api/v2beta/events/rules/{pbm_uuid}/: + get: + operationId: events_rules_retrieve + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + put: + operationId: events_rules_update + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationRuleRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + patch: + operationId: events_rules_partial_update + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedNotificationRuleRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedNotificationRuleRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedNotificationRuleRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationRule' + description: '' + delete: + operationId: events_rules_destroy + description: NotificationRule Viewset + parameters: + - in: path + name: pbm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Rule. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/events/transports/: + get: + operationId: events_transports_list + description: NotificationTransport Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedNotificationTransportList' + description: '' + post: + operationId: events_transports_create + description: NotificationTransport Viewset + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + /api/v2beta/events/transports/{uuid}/: + get: + operationId: events_transports_retrieve + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + put: + operationId: events_transports_update + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/NotificationTransportRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + patch: + operationId: events_transports_partial_update + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedNotificationTransportRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedNotificationTransportRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedNotificationTransportRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransport' + description: '' + delete: + operationId: events_transports_destroy + description: NotificationTransport Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/events/transports/{uuid}/test/: + post: + operationId: events_transports_test_create + description: |- + Send example notification using selected transport. Requires + Modify permissions. + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Notification Transport. + required: true + tags: + - events + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/NotificationTransportTest' + description: '' + '503': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/flows/bindings/: + get: + operationId: flows_bindings_list + description: FlowStageBinding Viewset + parameters: + - in: query + name: evaluate_on_plan + schema: + type: boolean + - in: query + name: fsb_uuid + schema: + type: string + format: uuid + - in: query + name: order + schema: + type: integer + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: pbm_uuid + schema: + type: string + format: uuid + - in: query + name: policies + schema: + type: array + items: + type: string + format: uuid + explode: true + style: form + - in: query + name: policy_engine_mode + schema: + type: string + enum: + - all + - any + - in: query + name: re_evaluate_policies + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: stage + schema: + type: string + format: uuid + - in: query + name: target + schema: + type: string + format: uuid + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedFlowStageBindingList' + description: '' + post: + operationId: flows_bindings_create + description: FlowStageBinding Viewset + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + /api/v2beta/flows/bindings/{fsb_uuid}/: + get: + operationId: flows_bindings_retrieve + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + put: + operationId: flows_bindings_update + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowStageBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + patch: + operationId: flows_bindings_partial_update + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedFlowStageBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedFlowStageBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedFlowStageBindingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowStageBinding' + description: '' + delete: + operationId: flows_bindings_destroy + description: FlowStageBinding Viewset + parameters: + - in: path + name: fsb_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Flow Stage Binding. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/flows/executor/{flow_slug}/: + get: + operationId: flows_executor_get + description: Get the next pending challenge from the currently active flow. + parameters: + - in: path + name: flow_slug + schema: + type: string + required: true + - in: query + name: query + schema: + type: string + description: Querystring as received + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Challenge' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + post: + operationId: flows_executor_solve + description: Solve the previously retrieved challenge and advanced to the next + stage. + parameters: + - in: path + name: flow_slug + schema: + type: string + required: true + - in: query + name: query + schema: + type: string + description: Querystring as received + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Challenge' + description: '' + /api/v2beta/flows/instances/: + get: + operationId: flows_instances_list + description: Flow Viewset + parameters: + - in: query + name: designation + schema: + type: string + enum: + - authentication + - authorization + - enrollment + - invalidation + - recovery + - stage_configuration + - unenrollment + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + - in: query + name: flow_uuid + schema: + type: string + format: uuid + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: slug + schema: + type: string + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedFlowList' + description: '' + post: + operationId: flows_instances_create + description: Flow Viewset + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + /api/v2beta/flows/instances/{slug}/: + get: + operationId: flows_instances_retrieve + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + put: + operationId: flows_instances_update + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/FlowRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/FlowRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/FlowRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + patch: + operationId: flows_instances_partial_update + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedFlowRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedFlowRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedFlowRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Flow' + description: '' + delete: + operationId: flows_instances_destroy + description: Flow Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/flows/instances/{slug}/diagram/: + get: + operationId: flows_instances_diagram_retrieve + description: Return diagram for flow with slug `slug`, in the format used by + flowchart.js + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/FlowDiagram' + description: '' + /api/v2beta/flows/instances/{slug}/execute/: + get: + operationId: flows_instances_execute_retrieve + description: Execute flow for current user + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Link' + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/flows/instances/{slug}/export/: + get: + operationId: flows_instances_export_retrieve + description: Export flow to .akflow file + parameters: + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: null + /api/v2beta/flows/instances/{slug}/set_background/: + post: + operationId: flows_instances_set_background_create + description: Set Flow background + parameters: + - in: query + name: file + schema: + type: string + format: binary + required: true + - in: path + name: slug + schema: + type: string + description: Visible in the URL. + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/flows/instances/cache_clear/: + post: + operationId: flows_instances_cache_clear_create + description: Clear flow cache + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/flows/instances/cache_info/: + get: + operationId: flows_instances_cache_info_retrieve + description: Info about cached flows + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Cache' + description: '' + /api/v2beta/flows/instances/import_flow/: + post: + operationId: flows_instances_import_flow_create + description: Import flow from .akflow file + parameters: + - in: query + name: file + schema: + type: string + format: binary + required: true + tags: + - flows + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/oauth2/authorization_codes/: + get: + operationId: oauth2_authorization_codes_list + description: AuthorizationCode Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: provider + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user + schema: + type: integer + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList' + description: '' + /api/v2beta/oauth2/authorization_codes/{id}/: + get: + operationId: oauth2_authorization_codes_retrieve + description: AuthorizationCode Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Authorization Code. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpiringBaseGrantModel' + description: '' + delete: + operationId: oauth2_authorization_codes_destroy + description: AuthorizationCode Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Authorization Code. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/oauth2/refresh_tokens/: + get: + operationId: oauth2_refresh_tokens_list + description: RefreshToken Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: provider + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: user + schema: + type: integer + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedExpiringBaseGrantModelList' + description: '' + /api/v2beta/oauth2/refresh_tokens/{id}/: + get: + operationId: oauth2_refresh_tokens_retrieve + description: RefreshToken Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2 Token. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpiringBaseGrantModel' + description: '' + delete: + operationId: oauth2_refresh_tokens_destroy + description: RefreshToken Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2 Token. + required: true + tags: + - oauth2 + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/outposts/instances/: + get: + operationId: outposts_instances_list + description: Outpost Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: providers__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOutpostList' + description: '' + post: + operationId: outposts_instances_create + description: Outpost Viewset + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OutpostRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + /api/v2beta/outposts/instances/{uuid}/: + get: + operationId: outposts_instances_retrieve + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + put: + operationId: outposts_instances_update + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OutpostRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + patch: + operationId: outposts_instances_partial_update + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + delete: + operationId: outposts_instances_destroy + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/outposts/instances/{uuid}/health/: + get: + operationId: outposts_instances_health_list + description: Get outposts current health + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: providers__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOutpostHealthList' + description: '' + /api/v2beta/outposts/instances/default_settings/: + get: + operationId: outposts_instances_default_settings_retrieve + description: Global default outpost config + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostDefaultConfig' + description: '' + /api/v2beta/outposts/ldap/: + get: + operationId: outposts_ldap_list + description: LDAPProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPOutpostConfigList' + description: '' + /api/v2beta/outposts/ldap/{id}/: + get: + operationId: outposts_ldap_retrieve + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPOutpostConfig' + description: '' + /api/v2beta/outposts/outposts/: + get: + operationId: outposts_outposts_list + description: Outpost Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: providers__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOutpostList' + description: '' + post: + operationId: outposts_outposts_create + description: Outpost Viewset + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OutpostRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + /api/v2beta/outposts/outposts/{uuid}/: + get: + operationId: outposts_outposts_retrieve + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + put: + operationId: outposts_outposts_update + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OutpostRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + patch: + operationId: outposts_outposts_partial_update + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedOutpostRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Outpost' + description: '' + delete: + operationId: outposts_outposts_destroy + description: Outpost Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/outposts/outposts/{uuid}/health/: + get: + operationId: outposts_outposts_health_list + description: Get outposts current health + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: providers__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this outpost. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOutpostHealthList' + description: '' + /api/v2beta/outposts/outposts/default_settings/: + get: + operationId: outposts_outposts_default_settings_retrieve + description: Global default outpost config + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OutpostDefaultConfig' + description: '' + /api/v2beta/outposts/proxy/: + get: + operationId: outposts_proxy_list + description: ProxyProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedProxyOutpostConfigList' + description: '' + /api/v2beta/outposts/proxy/{id}/: + get: + operationId: outposts_proxy_retrieve + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyOutpostConfig' + description: '' + /api/v2beta/outposts/service_connections/all/: + get: + operationId: outposts_service_connections_all_list + description: ServiceConnection Viewset + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedServiceConnectionList' + description: '' + /api/v2beta/outposts/service_connections/all/{uuid}/: + get: + operationId: outposts_service_connections_all_retrieve + description: ServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Outpost Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceConnection' + description: '' + delete: + operationId: outposts_service_connections_all_destroy + description: ServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Outpost Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/outposts/service_connections/all/{uuid}/state/: + get: + operationId: outposts_service_connections_all_state_retrieve + description: Get the service connection's state + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Outpost Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ServiceConnectionState' + description: '' + /api/v2beta/outposts/service_connections/all/types/: + get: + operationId: outposts_service_connections_all_types_list + description: Get all creatable service connection types + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/outposts/service_connections/docker/: + get: + operationId: outposts_service_connections_docker_list + description: DockerServiceConnection Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDockerServiceConnectionList' + description: '' + post: + operationId: outposts_service_connections_docker_create + description: DockerServiceConnection Viewset + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + /api/v2beta/outposts/service_connections/docker/{uuid}/: + get: + operationId: outposts_service_connections_docker_retrieve + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + put: + operationId: outposts_service_connections_docker_update + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DockerServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + patch: + operationId: outposts_service_connections_docker_partial_update + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDockerServiceConnectionRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DockerServiceConnection' + description: '' + delete: + operationId: outposts_service_connections_docker_destroy + description: DockerServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Docker Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/outposts/service_connections/kubernetes/: + get: + operationId: outposts_service_connections_kubernetes_list + description: KubernetesServiceConnection Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedKubernetesServiceConnectionList' + description: '' + post: + operationId: outposts_service_connections_kubernetes_create + description: KubernetesServiceConnection Viewset + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + /api/v2beta/outposts/service_connections/kubernetes/{uuid}/: + get: + operationId: outposts_service_connections_kubernetes_retrieve + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + put: + operationId: outposts_service_connections_kubernetes_update + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/KubernetesServiceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + patch: + operationId: outposts_service_connections_kubernetes_partial_update + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedKubernetesServiceConnectionRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/KubernetesServiceConnection' + description: '' + delete: + operationId: outposts_service_connections_kubernetes_destroy + description: KubernetesServiceConnection Viewset + parameters: + - in: path + name: uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Kubernetes Service-Connection. + required: true + tags: + - outposts + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/all/: + get: + operationId: policies_all_list + description: Policy Viewset + parameters: + - in: query + name: bindings__isnull + schema: + type: boolean + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: promptstage__isnull + schema: + type: boolean + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPolicyList' + description: '' + /api/v2beta/policies/all/{policy_uuid}/: + get: + operationId: policies_all_retrieve + description: Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Policy' + description: '' + delete: + operationId: policies_all_destroy + description: Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/all/{policy_uuid}/test/: + post: + operationId: policies_all_test_create + description: Test policy + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyTestResult' + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/policies/all/cache_clear/: + post: + operationId: policies_all_cache_clear_create + description: Clear policy cache + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/policies/all/cache_info/: + get: + operationId: policies_all_cache_info_retrieve + description: Info about cached policies + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Cache' + description: '' + /api/v2beta/policies/all/types/: + get: + operationId: policies_all_types_list + description: Get all creatable policy types + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/policies/bindings/: + get: + operationId: policies_bindings_list + description: PolicyBinding Viewset + parameters: + - in: query + name: enabled + schema: + type: boolean + - in: query + name: order + schema: + type: integer + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: policy + schema: + type: string + format: uuid + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: target + schema: + type: string + format: uuid + - in: query + name: timeout + schema: + type: integer + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPolicyBindingList' + description: '' + post: + operationId: policies_bindings_create + description: PolicyBinding Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + /api/v2beta/policies/bindings/{policy_binding_uuid}/: + get: + operationId: policies_bindings_retrieve + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + put: + operationId: policies_bindings_update + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyBindingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + patch: + operationId: policies_bindings_partial_update + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPolicyBindingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPolicyBindingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPolicyBindingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyBinding' + description: '' + delete: + operationId: policies_bindings_destroy + description: PolicyBinding Viewset + parameters: + - in: path + name: policy_binding_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Policy Binding. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/dummy/: + get: + operationId: policies_dummy_list + description: Dummy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDummyPolicyList' + description: '' + post: + operationId: policies_dummy_create + description: Dummy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + /api/v2beta/policies/dummy/{policy_uuid}/: + get: + operationId: policies_dummy_retrieve + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + put: + operationId: policies_dummy_update + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + patch: + operationId: policies_dummy_partial_update + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDummyPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDummyPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDummyPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyPolicy' + description: '' + delete: + operationId: policies_dummy_destroy + description: Dummy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/event_matcher/: + get: + operationId: policies_event_matcher_list + description: Event Matcher Policy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedEventMatcherPolicyList' + description: '' + post: + operationId: policies_event_matcher_create + description: Event Matcher Policy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + /api/v2beta/policies/event_matcher/{policy_uuid}/: + get: + operationId: policies_event_matcher_retrieve + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + put: + operationId: policies_event_matcher_update + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EventMatcherPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + patch: + operationId: policies_event_matcher_partial_update + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedEventMatcherPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EventMatcherPolicy' + description: '' + delete: + operationId: policies_event_matcher_destroy + description: Event Matcher Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Event Matcher Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/expression/: + get: + operationId: policies_expression_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedExpressionPolicyList' + description: '' + post: + operationId: policies_expression_create + description: Source Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + /api/v2beta/policies/expression/{policy_uuid}/: + get: + operationId: policies_expression_retrieve + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + put: + operationId: policies_expression_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ExpressionPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + patch: + operationId: policies_expression_partial_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedExpressionPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedExpressionPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedExpressionPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ExpressionPolicy' + description: '' + delete: + operationId: policies_expression_destroy + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Expression Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/haveibeenpwned/: + get: + operationId: policies_haveibeenpwned_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedHaveIBeenPwendPolicyList' + description: '' + post: + operationId: policies_haveibeenpwned_create + description: Source Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + /api/v2beta/policies/haveibeenpwned/{policy_uuid}/: + get: + operationId: policies_haveibeenpwned_retrieve + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + put: + operationId: policies_haveibeenpwned_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + patch: + operationId: policies_haveibeenpwned_partial_update + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedHaveIBeenPwendPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedHaveIBeenPwendPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedHaveIBeenPwendPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + description: '' + delete: + operationId: policies_haveibeenpwned_destroy + description: Source Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Have I Been Pwned Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/password/: + get: + operationId: policies_password_list + description: Password Policy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPasswordPolicyList' + description: '' + post: + operationId: policies_password_create + description: Password Policy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + /api/v2beta/policies/password/{policy_uuid}/: + get: + operationId: policies_password_retrieve + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + put: + operationId: policies_password_update + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + patch: + operationId: policies_password_partial_update + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPasswordPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPasswordPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPasswordPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordPolicy' + description: '' + delete: + operationId: policies_password_destroy + description: Password Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/password_expiry/: + get: + operationId: policies_password_expiry_list + description: Password Expiry Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPasswordExpiryPolicyList' + description: '' + post: + operationId: policies_password_expiry_create + description: Password Expiry Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + /api/v2beta/policies/password_expiry/{policy_uuid}/: + get: + operationId: policies_password_expiry_retrieve + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + put: + operationId: policies_password_expiry_update + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicyRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + patch: + operationId: policies_password_expiry_partial_update + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPasswordExpiryPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordExpiryPolicy' + description: '' + delete: + operationId: policies_password_expiry_destroy + description: Password Expiry Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Expiry Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/reputation/: + get: + operationId: policies_reputation_list + description: Reputation Policy Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedReputationPolicyList' + description: '' + post: + operationId: policies_reputation_create + description: Reputation Policy Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + /api/v2beta/policies/reputation/{policy_uuid}/: + get: + operationId: policies_reputation_retrieve + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + put: + operationId: policies_reputation_update + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ReputationPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + patch: + operationId: policies_reputation_partial_update + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedReputationPolicyRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedReputationPolicyRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedReputationPolicyRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ReputationPolicy' + description: '' + delete: + operationId: policies_reputation_destroy + description: Reputation Policy Viewset + parameters: + - in: path + name: policy_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Reputation Policy. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/reputation/ips/: + get: + operationId: policies_reputation_ips_list + description: IPReputation Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedIPReputationList' + description: '' + post: + operationId: policies_reputation_ips_create + description: IPReputation Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IPReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IPReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + /api/v2beta/policies/reputation/ips/{id}/: + get: + operationId: policies_reputation_ips_retrieve + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + put: + operationId: policies_reputation_ips_update + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IPReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IPReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + patch: + operationId: policies_reputation_ips_partial_update + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedIPReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedIPReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedIPReputationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IPReputation' + description: '' + delete: + operationId: policies_reputation_ips_destroy + description: IPReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this ip reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/policies/reputation/users/: + get: + operationId: policies_reputation_users_list + description: UserReputation Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserReputationList' + description: '' + post: + operationId: policies_reputation_users_create + description: UserReputation Viewset + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + /api/v2beta/policies/reputation/users/{id}/: + get: + operationId: policies_reputation_users_retrieve + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + put: + operationId: policies_reputation_users_update + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserReputationRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + patch: + operationId: policies_reputation_users_partial_update + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserReputationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserReputationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserReputationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserReputation' + description: '' + delete: + operationId: policies_reputation_users_destroy + description: UserReputation Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this user reputation. + required: true + tags: + - policies + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/propertymappings/all/: + get: + operationId: propertymappings_all_list + description: PropertyMapping Viewset + parameters: + - in: query + name: managed__isnull + schema: + type: boolean + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPropertyMappingList' + description: '' + /api/v2beta/propertymappings/all/{pm_uuid}/: + get: + operationId: propertymappings_all_retrieve + description: PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PropertyMapping' + description: '' + delete: + operationId: propertymappings_all_destroy + description: PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/propertymappings/all/{pm_uuid}/test/: + post: + operationId: propertymappings_all_test_create + description: Test Property Mapping + parameters: + - in: query + name: format_result + schema: + type: boolean + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PolicyTestRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PropertyMappingTestResult' + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/propertymappings/all/types/: + get: + operationId: propertymappings_all_types_list + description: Get all creatable property-mapping types + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/propertymappings/ldap/: + get: + operationId: propertymappings_ldap_list + description: LDAP PropertyMapping Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPPropertyMappingList' + description: '' + post: + operationId: propertymappings_ldap_create + description: LDAP PropertyMapping Viewset + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + /api/v2beta/propertymappings/ldap/{pm_uuid}/: + get: + operationId: propertymappings_ldap_retrieve + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + put: + operationId: propertymappings_ldap_update + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + patch: + operationId: propertymappings_ldap_partial_update + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedLDAPPropertyMappingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPPropertyMapping' + description: '' + delete: + operationId: propertymappings_ldap_destroy + description: LDAP PropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this LDAP Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/propertymappings/saml/: + get: + operationId: propertymappings_saml_list + description: SAMLPropertyMapping Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSAMLPropertyMappingList' + description: '' + post: + operationId: propertymappings_saml_create + description: SAMLPropertyMapping Viewset + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + /api/v2beta/propertymappings/saml/{pm_uuid}/: + get: + operationId: propertymappings_saml_retrieve + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + put: + operationId: propertymappings_saml_update + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLPropertyMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + patch: + operationId: propertymappings_saml_partial_update + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedSAMLPropertyMappingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLPropertyMapping' + description: '' + delete: + operationId: propertymappings_saml_destroy + description: SAMLPropertyMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this SAML Property Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/propertymappings/scope/: + get: + operationId: propertymappings_scope_list + description: ScopeMapping Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedScopeMappingList' + description: '' + post: + operationId: propertymappings_scope_create + description: ScopeMapping Viewset + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + /api/v2beta/propertymappings/scope/{pm_uuid}/: + get: + operationId: propertymappings_scope_retrieve + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + put: + operationId: propertymappings_scope_update + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ScopeMappingRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + patch: + operationId: propertymappings_scope_partial_update + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedScopeMappingRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedScopeMappingRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedScopeMappingRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ScopeMapping' + description: '' + delete: + operationId: propertymappings_scope_destroy + description: ScopeMapping Viewset + parameters: + - in: path + name: pm_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Scope Mapping. + required: true + tags: + - propertymappings + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/all/: + get: + operationId: providers_all_list + description: Provider Viewset + parameters: + - in: query + name: application__isnull + schema: + type: boolean + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedProviderList' + description: '' + /api/v2beta/providers/all/{id}/: + get: + operationId: providers_all_retrieve + description: Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Provider' + description: '' + delete: + operationId: providers_all_destroy + description: Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/all/types/: + get: + operationId: providers_all_types_list + description: Get all creatable provider types + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/providers/ldap/: + get: + operationId: providers_ldap_list + description: LDAPProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPProviderList' + description: '' + post: + operationId: providers_ldap_create + description: LDAPProvider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + /api/v2beta/providers/ldap/{id}/: + get: + operationId: providers_ldap_retrieve + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + put: + operationId: providers_ldap_update + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + patch: + operationId: providers_ldap_partial_update + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedLDAPProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedLDAPProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedLDAPProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPProvider' + description: '' + delete: + operationId: providers_ldap_destroy + description: LDAPProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this LDAP Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/oauth2/: + get: + operationId: providers_oauth2_list + description: OAuth2Provider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOAuth2ProviderList' + description: '' + post: + operationId: providers_oauth2_create + description: OAuth2Provider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + /api/v2beta/providers/oauth2/{id}/: + get: + operationId: providers_oauth2_retrieve + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + put: + operationId: providers_oauth2_update + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuth2ProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + patch: + operationId: providers_oauth2_partial_update + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedOAuth2ProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedOAuth2ProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedOAuth2ProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2Provider' + description: '' + delete: + operationId: providers_oauth2_destroy + description: OAuth2Provider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/oauth2/{id}/setup_urls/: + get: + operationId: providers_oauth2_setup_urls_retrieve + description: Get Providers setup URLs + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this OAuth2/OpenID Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuth2ProviderSetupURLs' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/providers/proxy/: + get: + operationId: providers_proxy_list + description: ProxyProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedProxyProviderList' + description: '' + post: + operationId: providers_proxy_create + description: ProxyProvider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + /api/v2beta/providers/proxy/{id}/: + get: + operationId: providers_proxy_retrieve + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + put: + operationId: providers_proxy_update + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ProxyProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + patch: + operationId: providers_proxy_partial_update + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedProxyProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedProxyProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedProxyProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ProxyProvider' + description: '' + delete: + operationId: providers_proxy_destroy + description: ProxyProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this Proxy Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/saml/: + get: + operationId: providers_saml_list + description: SAMLProvider Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSAMLProviderList' + description: '' + post: + operationId: providers_saml_create + description: SAMLProvider Viewset + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + /api/v2beta/providers/saml/{id}/: + get: + operationId: providers_saml_retrieve + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + put: + operationId: providers_saml_update + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLProviderRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + patch: + operationId: providers_saml_partial_update + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedSAMLProviderRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedSAMLProviderRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedSAMLProviderRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLProvider' + description: '' + delete: + operationId: providers_saml_destroy + description: SAMLProvider Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/providers/saml/{id}/metadata/: + get: + operationId: providers_saml_metadata_retrieve + description: Return metadata as XML string + parameters: + - in: query + name: download + schema: + type: boolean + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this SAML Provider. + required: true + tags: + - providers + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLMetadata' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/providers/saml/import_metadata/: + post: + operationId: providers_saml_import_metadata_create + description: Create provider from SAML Metadata + tags: + - providers + requestBody: + content: + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLProviderImportRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/root/config/: + get: + operationId: root_config_list + description: Retrive public configuration options + tags: + - root + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/Config' + description: '' + /api/v2beta/schema/: + get: + operationId: schema_retrieve + description: |- + OpenApi3 schema for this API. Format can be selected via content negotiation. + + - YAML: application/vnd.oai.openapi + - JSON: application/vnd.oai.openapi+json + parameters: + - in: query + name: format + schema: + type: string + enum: + - json + - yaml + - in: query + name: lang + schema: + type: string + enum: + - af + - ar + - ar-dz + - ast + - az + - be + - bg + - bn + - br + - bs + - ca + - cs + - cy + - da + - de + - dsb + - el + - en + - en-au + - en-gb + - eo + - es + - es-ar + - es-co + - es-mx + - es-ni + - es-ve + - et + - eu + - fa + - fi + - fr + - fy + - ga + - gd + - gl + - he + - hi + - hr + - hsb + - hu + - hy + - ia + - id + - ig + - io + - is + - it + - ja + - ka + - kab + - kk + - km + - kn + - ko + - ky + - lb + - lt + - lv + - mk + - ml + - mn + - mr + - my + - nb + - ne + - nl + - nn + - os + - pa + - pl + - pt + - pt-br + - ro + - ru + - sk + - sl + - sq + - sr + - sr-latn + - sv + - sw + - ta + - te + - tg + - th + - tk + - tr + - tt + - udm + - uk + - ur + - uz + - vi + - zh-hans + - zh-hant + tags: + - schema + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/vnd.oai.openapi: + schema: + type: object + additionalProperties: {} + application/yaml: + schema: + type: object + additionalProperties: {} + application/vnd.oai.openapi+json: + schema: + type: object + additionalProperties: {} + application/json: + schema: + type: object + additionalProperties: {} + description: '' + /api/v2beta/sources/all/: + get: + operationId: sources_all_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSourceList' + description: '' + /api/v2beta/sources/all/{slug}/: + get: + operationId: sources_all_retrieve + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Source' + description: '' + delete: + operationId: sources_all_destroy + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/all/types/: + get: + operationId: sources_all_types_list + description: Get all creatable source types + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/sources/all/user_settings/: + get: + operationId: sources_all_user_settings_list + description: Get all sources the user can configure + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/UserSetting' + description: '' + /api/v2beta/sources/ldap/: + get: + operationId: sources_ldap_list + description: LDAP Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedLDAPSourceList' + description: '' + post: + operationId: sources_ldap_create + description: LDAP Source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + /api/v2beta/sources/ldap/{slug}/: + get: + operationId: sources_ldap_retrieve + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + put: + operationId: sources_ldap_update + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/LDAPSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + patch: + operationId: sources_ldap_partial_update + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedLDAPSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedLDAPSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedLDAPSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/LDAPSource' + description: '' + delete: + operationId: sources_ldap_destroy + description: LDAP Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/ldap/{slug}/sync_status/: + get: + operationId: sources_ldap_sync_status_retrieve + description: Get source's sync status + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Task' + description: '' + '404': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/sources/oauth/: + get: + operationId: sources_oauth_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedOAuthSourceList' + description: '' + post: + operationId: sources_oauth_create + description: Source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + /api/v2beta/sources/oauth/{slug}/: + get: + operationId: sources_oauth_retrieve + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + put: + operationId: sources_oauth_update + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/OAuthSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + patch: + operationId: sources_oauth_partial_update + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedOAuthSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedOAuthSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedOAuthSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/OAuthSource' + description: '' + delete: + operationId: sources_oauth_destroy + description: Source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/oauth/source_types/: + get: + operationId: sources_oauth_source_types_list + description: Get all creatable source types + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/SourceType' + description: '' + /api/v2beta/sources/oauth_user_connections/: + get: + operationId: sources_oauth_user_connections_list + description: Source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: source__slug + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserOAuthSourceConnectionList' + description: '' + post: + operationId: sources_oauth_user_connections_create + description: Source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + /api/v2beta/sources/oauth_user_connections/{id}/: + get: + operationId: sources_oauth_user_connections_retrieve + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + put: + operationId: sources_oauth_user_connections_update + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnectionRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + patch: + operationId: sources_oauth_user_connections_partial_update + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserOAuthSourceConnectionRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserOAuthSourceConnection' + description: '' + delete: + operationId: sources_oauth_user_connections_destroy + description: Source Viewset + parameters: + - in: path + name: id + schema: + type: integer + description: A unique integer value identifying this User OAuth Source Connection. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/plex/: + get: + operationId: sources_plex_list + description: Plex source Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPlexSourceList' + description: '' + post: + operationId: sources_plex_create + description: Plex source Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + /api/v2beta/sources/plex/{slug}/: + get: + operationId: sources_plex_retrieve + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + put: + operationId: sources_plex_update + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PlexSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + patch: + operationId: sources_plex_partial_update + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPlexSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPlexSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPlexSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PlexSource' + description: '' + delete: + operationId: sources_plex_destroy + description: Plex source Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/plex/redeem_token/: + post: + operationId: sources_plex_redeem_token_create + description: |- + Redeem a plex token, check it's access to resources against what's allowed + for the source, and redirect to an authentication/enrollment flow. + parameters: + - in: query + name: slug + schema: + type: string + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PlexTokenRedeemRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PlexTokenRedeemRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PlexTokenRedeemRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + - {} + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/RedirectChallenge' + description: '' + '400': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + '403': + content: + application/json: + schema: + type: object + additionalProperties: {} + description: Unspecified response body + description: '' + /api/v2beta/sources/saml/: + get: + operationId: sources_saml_list + description: SAMLSource Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedSAMLSourceList' + description: '' + post: + operationId: sources_saml_create + description: SAMLSource Viewset + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + /api/v2beta/sources/saml/{slug}/: + get: + operationId: sources_saml_retrieve + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + put: + operationId: sources_saml_update + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/SAMLSourceRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + patch: + operationId: sources_saml_partial_update + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedSAMLSourceRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedSAMLSourceRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedSAMLSourceRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLSource' + description: '' + delete: + operationId: sources_saml_destroy + description: SAMLSource Viewset + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/sources/saml/{slug}/metadata/: + get: + operationId: sources_saml_metadata_retrieve + description: Return metadata as XML string + parameters: + - in: path + name: slug + schema: + type: string + description: Internal source name, used in URLs. + required: true + tags: + - sources + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/SAMLMetadata' + description: '' + /api/v2beta/stages/all/: + get: + operationId: stages_all_list + description: Stage Viewset + parameters: + - in: query + name: name + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedStageList' + description: '' + /api/v2beta/stages/all/{stage_uuid}/: + get: + operationId: stages_all_retrieve + description: Stage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Stage' + description: '' + delete: + operationId: stages_all_destroy + description: Stage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/all/types/: + get: + operationId: stages_all_types_list + description: Get all creatable stage types + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/stages/all/user_settings/: + get: + operationId: stages_all_user_settings_list + description: Get all stages the user can configure + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/StageUserSetting' + description: '' + /api/v2beta/stages/authenticator/static/: + get: + operationId: stages_authenticator_static_list + description: AuthenticatorStaticStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticatorStaticStageList' + description: '' + post: + operationId: stages_authenticator_static_create + description: AuthenticatorStaticStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + /api/v2beta/stages/authenticator/static/{stage_uuid}/: + get: + operationId: stages_authenticator_static_retrieve + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + put: + operationId: stages_authenticator_static_update + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + patch: + operationId: stages_authenticator_static_partial_update + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorStaticStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorStaticStage' + description: '' + delete: + operationId: stages_authenticator_static_destroy + description: AuthenticatorStaticStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Static Authenticator Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/authenticator/totp/: + get: + operationId: stages_authenticator_totp_list + description: AuthenticatorTOTPStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticatorTOTPStageList' + description: '' + post: + operationId: stages_authenticator_totp_create + description: AuthenticatorTOTPStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + /api/v2beta/stages/authenticator/totp/{stage_uuid}/: + get: + operationId: stages_authenticator_totp_retrieve + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + put: + operationId: stages_authenticator_totp_update + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + patch: + operationId: stages_authenticator_totp_partial_update + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorTOTPStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + description: '' + delete: + operationId: stages_authenticator_totp_destroy + description: AuthenticatorTOTPStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this TOTP Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/authenticator/validate/: + get: + operationId: stages_authenticator_validate_list + description: AuthenticatorValidateStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticatorValidateStageList' + description: '' + post: + operationId: stages_authenticator_validate_create + description: AuthenticatorValidateStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + /api/v2beta/stages/authenticator/validate/{stage_uuid}/: + get: + operationId: stages_authenticator_validate_retrieve + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + put: + operationId: stages_authenticator_validate_update + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + patch: + operationId: stages_authenticator_validate_partial_update + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticatorValidateStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticatorValidateStage' + description: '' + delete: + operationId: stages_authenticator_validate_destroy + description: AuthenticatorValidateStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Authenticator Validation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/authenticator/webauthn/: + get: + operationId: stages_authenticator_webauthn_list + description: AuthenticateWebAuthnStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedAuthenticateWebAuthnStageList' + description: '' + post: + operationId: stages_authenticator_webauthn_create + description: AuthenticateWebAuthnStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + /api/v2beta/stages/authenticator/webauthn/{stage_uuid}/: + get: + operationId: stages_authenticator_webauthn_retrieve + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + put: + operationId: stages_authenticator_webauthn_update + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + patch: + operationId: stages_authenticator_webauthn_partial_update + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedAuthenticateWebAuthnStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + description: '' + delete: + operationId: stages_authenticator_webauthn_destroy + description: AuthenticateWebAuthnStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this WebAuthn Authenticator Setup Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/captcha/: + get: + operationId: stages_captcha_list + description: CaptchaStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedCaptchaStageList' + description: '' + post: + operationId: stages_captcha_create + description: CaptchaStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + /api/v2beta/stages/captcha/{stage_uuid}/: + get: + operationId: stages_captcha_retrieve + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + put: + operationId: stages_captcha_update + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/CaptchaStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + patch: + operationId: stages_captcha_partial_update + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedCaptchaStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedCaptchaStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedCaptchaStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/CaptchaStage' + description: '' + delete: + operationId: stages_captcha_destroy + description: CaptchaStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Captcha Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/consent/: + get: + operationId: stages_consent_list + description: ConsentStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedConsentStageList' + description: '' + post: + operationId: stages_consent_create + description: ConsentStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + /api/v2beta/stages/consent/{stage_uuid}/: + get: + operationId: stages_consent_retrieve + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + put: + operationId: stages_consent_update + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/ConsentStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + patch: + operationId: stages_consent_partial_update + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedConsentStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedConsentStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedConsentStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/ConsentStage' + description: '' + delete: + operationId: stages_consent_destroy + description: ConsentStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Consent Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/deny/: + get: + operationId: stages_deny_list + description: DenyStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDenyStageList' + description: '' + post: + operationId: stages_deny_create + description: DenyStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DenyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DenyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + /api/v2beta/stages/deny/{stage_uuid}/: + get: + operationId: stages_deny_retrieve + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + put: + operationId: stages_deny_update + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DenyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DenyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + patch: + operationId: stages_deny_partial_update + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDenyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDenyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDenyStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DenyStage' + description: '' + delete: + operationId: stages_deny_destroy + description: DenyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Deny Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/dummy/: + get: + operationId: stages_dummy_list + description: DummyStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedDummyStageList' + description: '' + post: + operationId: stages_dummy_create + description: DummyStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + /api/v2beta/stages/dummy/{stage_uuid}/: + get: + operationId: stages_dummy_retrieve + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + put: + operationId: stages_dummy_update + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/DummyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/DummyStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + patch: + operationId: stages_dummy_partial_update + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedDummyStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedDummyStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedDummyStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/DummyStage' + description: '' + delete: + operationId: stages_dummy_destroy + description: DummyStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Dummy Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/email/: + get: + operationId: stages_email_list + description: EmailStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedEmailStageList' + description: '' + post: + operationId: stages_email_create + description: EmailStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EmailStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EmailStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + /api/v2beta/stages/email/{stage_uuid}/: + get: + operationId: stages_email_retrieve + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + put: + operationId: stages_email_update + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/EmailStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/EmailStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + patch: + operationId: stages_email_partial_update + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedEmailStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedEmailStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedEmailStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/EmailStage' + description: '' + delete: + operationId: stages_email_destroy + description: EmailStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Email Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/email/templates/: + get: + operationId: stages_email_templates_list + description: Get all available templates, including custom templates + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + type: array + items: + $ref: '#/components/schemas/TypeCreate' + description: '' + /api/v2beta/stages/identification/: + get: + operationId: stages_identification_list + description: IdentificationStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedIdentificationStageList' + description: '' + post: + operationId: stages_identification_create + description: IdentificationStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + /api/v2beta/stages/identification/{stage_uuid}/: + get: + operationId: stages_identification_retrieve + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + put: + operationId: stages_identification_update + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/IdentificationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + patch: + operationId: stages_identification_partial_update + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedIdentificationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedIdentificationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedIdentificationStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/IdentificationStage' + description: '' + delete: + operationId: stages_identification_destroy + description: IdentificationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Identification Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/invitation/invitations/: + get: + operationId: stages_invitation_invitations_list + description: Invitation Viewset + parameters: + - in: query + name: created_by__username + schema: + type: string + - in: query + name: expires + schema: + type: string + format: date-time + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedInvitationList' + description: '' + post: + operationId: stages_invitation_invitations_create + description: Invitation Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + /api/v2beta/stages/invitation/invitations/{invite_uuid}/: + get: + operationId: stages_invitation_invitations_retrieve + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + put: + operationId: stages_invitation_invitations_update + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + patch: + operationId: stages_invitation_invitations_partial_update + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedInvitationRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedInvitationRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedInvitationRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Invitation' + description: '' + delete: + operationId: stages_invitation_invitations_destroy + description: Invitation Viewset + parameters: + - in: path + name: invite_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/invitation/stages/: + get: + operationId: stages_invitation_stages_list + description: InvitationStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedInvitationStageList' + description: '' + post: + operationId: stages_invitation_stages_create + description: InvitationStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + /api/v2beta/stages/invitation/stages/{stage_uuid}/: + get: + operationId: stages_invitation_stages_retrieve + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + put: + operationId: stages_invitation_stages_update + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/InvitationStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + patch: + operationId: stages_invitation_stages_partial_update + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedInvitationStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedInvitationStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedInvitationStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/InvitationStage' + description: '' + delete: + operationId: stages_invitation_stages_destroy + description: InvitationStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Invitation Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/password/: + get: + operationId: stages_password_list + description: PasswordStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPasswordStageList' + description: '' + post: + operationId: stages_password_create + description: PasswordStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + /api/v2beta/stages/password/{stage_uuid}/: + get: + operationId: stages_password_retrieve + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + put: + operationId: stages_password_update + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PasswordStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + patch: + operationId: stages_password_partial_update + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPasswordStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPasswordStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPasswordStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PasswordStage' + description: '' + delete: + operationId: stages_password_destroy + description: PasswordStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Password Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/prompt/prompts/: + get: + operationId: stages_prompt_prompts_list + description: Prompt Viewset + parameters: + - in: query + name: field_key + schema: + type: string + - in: query + name: label + schema: + type: string + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - in: query + name: placeholder + schema: + type: string + - name: search + required: false + in: query + description: A search term. + schema: + type: string + - in: query + name: type + schema: + type: string + enum: + - checkbox + - date + - date-time + - email + - hidden + - number + - password + - separator + - static + - text + - username + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPromptList' + description: '' + post: + operationId: stages_prompt_prompts_create + description: Prompt Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + /api/v2beta/stages/prompt/prompts/{prompt_uuid}/: + get: + operationId: stages_prompt_prompts_retrieve + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + put: + operationId: stages_prompt_prompts_update + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + patch: + operationId: stages_prompt_prompts_partial_update + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPromptRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPromptRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPromptRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Prompt' + description: '' + delete: + operationId: stages_prompt_prompts_destroy + description: Prompt Viewset + parameters: + - in: path + name: prompt_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/prompt/stages/: + get: + operationId: stages_prompt_stages_list + description: PromptStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedPromptStageList' + description: '' + post: + operationId: stages_prompt_stages_create + description: PromptStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + /api/v2beta/stages/prompt/stages/{stage_uuid}/: + get: + operationId: stages_prompt_stages_retrieve + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + put: + operationId: stages_prompt_stages_update + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PromptStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PromptStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + patch: + operationId: stages_prompt_stages_partial_update + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedPromptStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedPromptStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedPromptStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PromptStage' + description: '' + delete: + operationId: stages_prompt_stages_destroy + description: PromptStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this Prompt Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/user_delete/: + get: + operationId: stages_user_delete_list + description: UserDeleteStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserDeleteStageList' + description: '' + post: + operationId: stages_user_delete_create + description: UserDeleteStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + /api/v2beta/stages/user_delete/{stage_uuid}/: + get: + operationId: stages_user_delete_retrieve + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + put: + operationId: stages_user_delete_update + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserDeleteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + patch: + operationId: stages_user_delete_partial_update + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserDeleteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserDeleteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserDeleteStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserDeleteStage' + description: '' + delete: + operationId: stages_user_delete_destroy + description: UserDeleteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Delete Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/user_login/: + get: + operationId: stages_user_login_list + description: UserLoginStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserLoginStageList' + description: '' + post: + operationId: stages_user_login_create + description: UserLoginStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + /api/v2beta/stages/user_login/{stage_uuid}/: + get: + operationId: stages_user_login_retrieve + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + put: + operationId: stages_user_login_update + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLoginStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + patch: + operationId: stages_user_login_partial_update + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserLoginStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserLoginStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserLoginStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLoginStage' + description: '' + delete: + operationId: stages_user_login_destroy + description: UserLoginStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Login Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/user_logout/: + get: + operationId: stages_user_logout_list + description: UserLogoutStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserLogoutStageList' + description: '' + post: + operationId: stages_user_logout_create + description: UserLogoutStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + /api/v2beta/stages/user_logout/{stage_uuid}/: + get: + operationId: stages_user_logout_retrieve + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + put: + operationId: stages_user_logout_update + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserLogoutStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + patch: + operationId: stages_user_logout_partial_update + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserLogoutStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserLogoutStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserLogoutStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserLogoutStage' + description: '' + delete: + operationId: stages_user_logout_destroy + description: UserLogoutStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Logout Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body + /api/v2beta/stages/user_write/: + get: + operationId: stages_user_write_list + description: UserWriteStage Viewset + parameters: + - name: ordering + required: false + in: query + description: Which field to use when ordering the results. + schema: + type: string + - name: page + required: false + in: query + description: A page number within the paginated result set. + schema: + type: integer + - name: page_size + required: false + in: query + description: Number of results to return per page. + schema: + type: integer + - name: search + required: false + in: query + description: A search term. + schema: + type: string + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/PaginatedUserWriteStageList' + description: '' + post: + operationId: stages_user_write_create + description: UserWriteStage Viewset + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '201': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + /api/v2beta/stages/user_write/{stage_uuid}/: + get: + operationId: stages_user_write_retrieve + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + put: + operationId: stages_user_write_update + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/UserWriteStageRequest' + required: true + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + patch: + operationId: stages_user_write_partial_update + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/PatchedUserWriteStageRequest' + application/x-www-form-urlencoded: + schema: + $ref: '#/components/schemas/PatchedUserWriteStageRequest' + multipart/form-data: + schema: + $ref: '#/components/schemas/PatchedUserWriteStageRequest' + security: + - authentik: [] + - cookieAuth: [] + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/UserWriteStage' + description: '' + delete: + operationId: stages_user_write_destroy + description: UserWriteStage Viewset + parameters: + - in: path + name: stage_uuid + schema: + type: string + format: uuid + description: A UUID string identifying this User Write Stage. + required: true + tags: + - stages + security: + - authentik: [] + - cookieAuth: [] + responses: + '204': + description: No response body +components: + schemas: + ActionEnum: + enum: + - login + - login_failed + - logout + - user_write + - suspicious_request + - password_set + - secret_view + - invitation_used + - authorize_application + - source_linked + - impersonation_started + - impersonation_ended + - policy_execution + - policy_exception + - property_mapping_exception + - system_task_execution + - system_task_exception + - configuration_error + - model_created + - model_updated + - model_deleted + - update_available + - custom_ + type: string + App: + type: object + description: Serialize Application info + properties: + name: + type: string + label: + type: string + required: + - label + - name + AppEnum: + enum: + - authentik.admin + - authentik.api + - authentik.events + - authentik.crypto + - authentik.flows + - authentik.outposts + - authentik.lib + - authentik.policies + - authentik.policies.dummy + - authentik.policies.event_matcher + - authentik.policies.expiry + - authentik.policies.expression + - authentik.policies.hibp + - authentik.policies.password + - authentik.policies.reputation + - authentik.providers.proxy + - authentik.providers.ldap + - authentik.providers.oauth2 + - authentik.providers.saml + - authentik.recovery + - authentik.sources.ldap + - authentik.sources.oauth + - authentik.sources.plex + - authentik.sources.saml + - authentik.stages.authenticator_static + - authentik.stages.authenticator_totp + - authentik.stages.authenticator_validate + - authentik.stages.authenticator_webauthn + - authentik.stages.captcha + - authentik.stages.consent + - authentik.stages.deny + - authentik.stages.dummy + - authentik.stages.email + - authentik.stages.identification + - authentik.stages.invitation + - authentik.stages.password + - authentik.stages.prompt + - authentik.stages.user_delete + - authentik.stages.user_login + - authentik.stages.user_logout + - authentik.stages.user_write + - authentik.core + - authentik.managed + type: string + Application: + type: object + description: Application Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Application's display Name. + slug: + type: string + description: Internal application name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + provider: + type: integer + nullable: true + provider_obj: + $ref: '#/components/schemas/Provider' + launch_url: + type: string + nullable: true + readOnly: true + meta_launch_url: + type: string + format: uri + maxLength: 200 + meta_icon: + type: string + format: uri + meta_description: + type: string + meta_publisher: + type: string + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - launch_url + - name + - pk + - slug + ApplicationRequest: + type: object + description: Application Serializer + properties: + name: + type: string + description: Application's display Name. + slug: + type: string + description: Internal application name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + provider: + type: integer + nullable: true + provider_obj: + $ref: '#/components/schemas/ProviderRequest' + meta_launch_url: + type: string + format: uri + maxLength: 200 + meta_icon: + type: string + format: binary + meta_description: + type: string + meta_publisher: + type: string + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - name + - slug + AuthenticateWebAuthnStage: + type: object + description: AuthenticateWebAuthnStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticateWebAuthnStageRequest: + type: object + description: AuthenticateWebAuthnStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + required: + - name + AuthenticatorStaticStage: + type: object + description: AuthenticatorStaticStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + token_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticatorStaticStageRequest: + type: object + description: AuthenticatorStaticStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + token_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - name + AuthenticatorTOTPStage: + type: object + description: AuthenticatorTOTPStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + digits: + allOf: + - $ref: '#/components/schemas/DigitsEnum' + minimum: -2147483648 + maximum: 2147483647 + required: + - component + - digits + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticatorTOTPStageRequest: + type: object + description: AuthenticatorTOTPStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + digits: + allOf: + - $ref: '#/components/schemas/DigitsEnum' + minimum: -2147483648 + maximum: 2147483647 + required: + - digits + - name + AuthenticatorValidateStage: + type: object + description: AuthenticatorValidateStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + not_configured_action: + $ref: '#/components/schemas/NotConfiguredActionEnum' + device_classes: + type: array + items: + $ref: '#/components/schemas/DeviceClassesEnum' + description: Device classes which can be used to authenticate + configuration_stage: + type: string + format: uuid + nullable: true + description: Stage used to configure Authenticator when user doesn't have + any compatible devices. After this configuration Stage passes, the user + is not prompted again. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + AuthenticatorValidateStageRequest: + type: object + description: AuthenticatorValidateStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + not_configured_action: + $ref: '#/components/schemas/NotConfiguredActionEnum' + device_classes: + type: array + items: + $ref: '#/components/schemas/DeviceClassesEnum' + description: Device classes which can be used to authenticate + configuration_stage: + type: string + format: uuid + nullable: true + description: Stage used to configure Authenticator when user doesn't have + any compatible devices. After this configuration Stage passes, the user + is not prompted again. + required: + - name + BackendsEnum: + enum: + - django.contrib.auth.backends.ModelBackend + - authentik.sources.ldap.auth.LDAPBackend + type: string + BindingTypeEnum: + enum: + - REDIRECT + - POST + - POST_AUTO + type: string + BlankEnum: + enum: + - '' + Cache: + type: object + description: Generic cache stats for an object + properties: + count: + type: integer + readOnly: true + required: + - count + CaptchaStage: + type: object + description: CaptchaStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + public_key: + type: string + description: Public key, acquired from https://www.google.com/recaptcha/intro/v3.html + required: + - component + - name + - pk + - public_key + - verbose_name + - verbose_name_plural + CaptchaStageRequest: + type: object + description: CaptchaStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + public_key: + type: string + description: Public key, acquired from https://www.google.com/recaptcha/intro/v3.html + private_key: + type: string + writeOnly: true + description: Private key, acquired from https://www.google.com/recaptcha/intro/v3.html + required: + - name + - private_key + - public_key + CertificateData: + type: object + description: Get CertificateKeyPair's data + properties: + data: + type: string + readOnly: true + required: + - data + CertificateGenerationRequest: + type: object + description: Certificate generation parameters + properties: + common_name: + type: string + subject_alt_name: + type: string + validity_days: + type: integer + required: + - common_name + - validity_days + CertificateKeyPair: + type: object + description: CertificateKeyPair Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Kp uuid + name: + type: string + fingerprint: + type: string + readOnly: true + cert_expiry: + type: string + format: date-time + readOnly: true + cert_subject: + type: string + readOnly: true + private_key_available: + type: boolean + readOnly: true + required: + - cert_expiry + - cert_subject + - fingerprint + - name + - pk + - private_key_available + CertificateKeyPairRequest: + type: object + description: CertificateKeyPair Serializer + properties: + name: + type: string + certificate_data: + type: string + writeOnly: true + description: PEM-encoded Certificate data + key_data: + type: string + writeOnly: true + description: Optional Private Key. If this is set, you can use this keypair + for encryption. + required: + - certificate_data + - name + Challenge: + type: object + description: |- + Challenge that gets sent to the client based on which stage + is currently active + properties: + type: + $ref: '#/components/schemas/Type4f1Enum' + component: + type: string + title: + type: string + background: + type: string + response_errors: + type: object + additionalProperties: + type: array + items: + $ref: '#/components/schemas/ErrorDetail' + required: + - type + ClientTypeEnum: + enum: + - confidential + - public + type: string + Config: + type: object + description: Serialize authentik Config into DRF Object + properties: + branding_logo: + type: string + readOnly: true + branding_title: + type: string + readOnly: true + ui_footer_links: + type: array + items: + $ref: '#/components/schemas/FooterLink' + readOnly: true + error_reporting_enabled: + type: boolean + readOnly: true + error_reporting_environment: + type: string + readOnly: true + error_reporting_send_pii: + type: boolean + readOnly: true + required: + - branding_logo + - branding_title + - error_reporting_enabled + - error_reporting_environment + - error_reporting_send_pii + - ui_footer_links + ConsentStage: + type: object + description: ConsentStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + mode: + $ref: '#/components/schemas/ConsentStageModeEnum' + consent_expire_in: + type: string + title: Consent expires in + description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + ConsentStageModeEnum: + enum: + - always_require + - permanent + - expiring + type: string + ConsentStageRequest: + type: object + description: ConsentStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + mode: + $ref: '#/components/schemas/ConsentStageModeEnum' + consent_expire_in: + type: string + title: Consent expires in + description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' + required: + - name + Coordinate: + type: object + description: Coordinates for diagrams + properties: + x_cord: + type: integer + readOnly: true + y_cord: + type: integer + readOnly: true + required: + - x_cord + - y_cord + DenyStage: + type: object + description: DenyStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + DenyStageRequest: + type: object + description: DenyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + DesignationEnum: + enum: + - authentication + - authorization + - invalidation + - enrollment + - unenrollment + - recovery + - stage_configuration + type: string + DeviceClassesEnum: + enum: + - static + - totp + - webauthn + type: string + DigestAlgorithmEnum: + enum: + - http://www.w3.org/2000/09/xmldsig#sha1 + - http://www.w3.org/2001/04/xmlenc#sha256 + - http://www.w3.org/2001/04/xmldsig-more#sha384 + - http://www.w3.org/2001/04/xmlenc#sha512 + type: string + DigitsEnum: + enum: + - 6 + - 8 + type: integer + DockerServiceConnection: + type: object + description: DockerServiceConnection Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + url: + type: string + description: Can be in the format of 'unix://' when connecting to + a local docker daemon, or 'https://:2376' when connecting to + a remote system. + tls_verification: + type: string + format: uuid + nullable: true + description: CA which the endpoint's Certificate is verified against. Can + be left empty for no validation. + tls_authentication: + type: string + format: uuid + nullable: true + description: Certificate/Key used for authentication. Can be left empty + for no authentication. + required: + - component + - name + - pk + - url + - verbose_name + - verbose_name_plural + DockerServiceConnectionRequest: + type: object + description: DockerServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + url: + type: string + description: Can be in the format of 'unix://' when connecting to + a local docker daemon, or 'https://:2376' when connecting to + a remote system. + tls_verification: + type: string + format: uuid + nullable: true + description: CA which the endpoint's Certificate is verified against. Can + be left empty for no validation. + tls_authentication: + type: string + format: uuid + nullable: true + description: Certificate/Key used for authentication. Can be left empty + for no authentication. + required: + - name + - url + DummyPolicy: + type: object + description: Dummy Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + result: + type: boolean + wait_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + wait_max: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + DummyPolicyRequest: + type: object + description: Dummy Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + result: + type: boolean + wait_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + wait_max: + type: integer + maximum: 2147483647 + minimum: -2147483648 + DummyStage: + type: object + description: DummyStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + DummyStageRequest: + type: object + description: DummyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + EmailStage: + type: object + description: EmailStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + use_global_settings: + type: boolean + description: When enabled, global Email connection settings will be used + and connection settings below will be ignored. + host: + type: string + port: + type: integer + maximum: 2147483647 + minimum: -2147483648 + username: + type: string + use_tls: + type: boolean + use_ssl: + type: boolean + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + from_address: + type: string + format: email + maxLength: 254 + token_expiry: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Time in minutes the token sent is valid. + subject: + type: string + template: + type: string + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + EmailStageRequest: + type: object + description: EmailStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + use_global_settings: + type: boolean + description: When enabled, global Email connection settings will be used + and connection settings below will be ignored. + host: + type: string + port: + type: integer + maximum: 2147483647 + minimum: -2147483648 + username: + type: string + password: + type: string + writeOnly: true + use_tls: + type: boolean + use_ssl: + type: boolean + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + from_address: + type: string + format: email + maxLength: 254 + token_expiry: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Time in minutes the token sent is valid. + subject: + type: string + template: + type: string + required: + - name + ErrorDetail: + type: object + description: Serializer for rest_framework's error messages + properties: + string: + type: string + code: + type: string + required: + - code + - string + Event: + type: object + description: Event Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Event uuid + user: + type: object + additionalProperties: {} + action: + type: string + app: + type: string + context: + type: object + additionalProperties: {} + client_ip: + type: string + nullable: true + created: + type: string + format: date-time + readOnly: true + expires: + type: string + format: date-time + required: + - action + - app + - created + - pk + EventMatcherPolicy: + type: object + description: Event Matcher Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + action: + description: Match created events with this action type. When left empty, + all action types will be matched. + oneOf: + - $ref: '#/components/schemas/ActionEnum' + - $ref: '#/components/schemas/BlankEnum' + client_ip: + type: string + description: Matches Event's Client IP (strict matching, for network matching + use an Expression Policy) + app: + description: Match events created by selected application. When left empty, + all applications are matched. + oneOf: + - $ref: '#/components/schemas/AppEnum' + - $ref: '#/components/schemas/BlankEnum' + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + EventMatcherPolicyRequest: + type: object + description: Event Matcher Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + action: + description: Match created events with this action type. When left empty, + all action types will be matched. + oneOf: + - $ref: '#/components/schemas/ActionEnum' + - $ref: '#/components/schemas/BlankEnum' + client_ip: + type: string + description: Matches Event's Client IP (strict matching, for network matching + use an Expression Policy) + app: + description: Match events created by selected application. When left empty, + all applications are matched. + oneOf: + - $ref: '#/components/schemas/AppEnum' + - $ref: '#/components/schemas/BlankEnum' + EventRequest: + type: object + description: Event Serializer + properties: + user: + type: object + additionalProperties: {} + action: + type: string + app: + type: string + context: + type: object + additionalProperties: {} + client_ip: + type: string + nullable: true + expires: + type: string + format: date-time + required: + - action + - app + EventTopPerUser: + type: object + description: Response object of Event's top_per_user + properties: + application: + type: object + additionalProperties: {} + counted_events: + type: integer + unique_users: + type: integer + required: + - application + - counted_events + - unique_users + ExpiringBaseGrantModel: + type: object + description: Serializer for BaseGrantModel and ExpiringBaseGrant + properties: + pk: + type: integer + readOnly: true + title: ID + provider: + $ref: '#/components/schemas/OAuth2Provider' + user: + $ref: '#/components/schemas/User' + is_expired: + type: boolean + readOnly: true + expires: + type: string + format: date-time + scope: + type: array + items: + type: string + required: + - is_expired + - pk + - provider + - scope + - user + ExpressionPolicy: + type: object + description: Group Membership Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + expression: + type: string + required: + - bound_to + - component + - expression + - pk + - verbose_name + - verbose_name_plural + ExpressionPolicyRequest: + type: object + description: Group Membership Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + expression: + type: string + required: + - expression + Flow: + type: object + description: Flow Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Flow uuid + policybindingmodel_ptr_id: + type: string + format: uuid + readOnly: true + name: + type: string + slug: + type: string + description: Visible in the URL. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + title: + type: string + description: Shown as the Title in Flow pages. + designation: + allOf: + - $ref: '#/components/schemas/DesignationEnum' + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + background: + type: string + format: uri + description: Background shown during execution + stages: + type: array + items: + type: string + format: uuid + readOnly: true + policies: + type: array + items: + type: string + format: uuid + readOnly: true + cache_count: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - cache_count + - designation + - name + - pk + - policies + - policybindingmodel_ptr_id + - slug + - stages + - title + FlowDiagram: + type: object + description: response of the flow's diagram action + properties: + diagram: + type: string + readOnly: true + required: + - diagram + FlowRequest: + type: object + description: Flow Serializer + properties: + name: + type: string + slug: + type: string + description: Visible in the URL. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + title: + type: string + description: Shown as the Title in Flow pages. + designation: + allOf: + - $ref: '#/components/schemas/DesignationEnum' + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + background: + type: string + format: binary + description: Background shown during execution + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - designation + - name + - slug + - title + FlowStageBinding: + type: object + description: FlowStageBinding Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Fsb uuid + policybindingmodel_ptr_id: + type: string + format: uuid + readOnly: true + target: + type: string + format: uuid + stage: + type: string + format: uuid + stage_obj: + allOf: + - $ref: '#/components/schemas/Stage' + readOnly: true + evaluate_on_plan: + type: boolean + description: Evaluate policies during the Flow planning process. Disable + this for input-based policies. + re_evaluate_policies: + type: boolean + description: Evaluate policies when the Stage is present to the user. + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - order + - pk + - policybindingmodel_ptr_id + - stage + - stage_obj + - target + FlowStageBindingRequest: + type: object + description: FlowStageBinding Serializer + properties: + target: + type: string + format: uuid + stage: + type: string + format: uuid + evaluate_on_plan: + type: boolean + description: Evaluate policies during the Flow planning process. Disable + this for input-based policies. + re_evaluate_policies: + type: boolean + description: Evaluate policies when the Stage is present to the user. + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + required: + - order + - stage + - target + FooterLink: + type: object + description: Links returned in Config API + properties: + href: + type: string + readOnly: true + name: + type: string + readOnly: true + required: + - href + - name + Group: + type: object + description: Group Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Group uuid + name: + type: string + maxLength: 80 + is_superuser: + type: boolean + description: Users added to this group will be superusers. + parent: + type: string + format: uuid + nullable: true + users: + type: array + items: + type: integer + attributes: + type: object + additionalProperties: {} + required: + - name + - parent + - pk + - users + GroupRequest: + type: object + description: Group Serializer + properties: + name: + type: string + maxLength: 80 + is_superuser: + type: boolean + description: Users added to this group will be superusers. + parent: + type: string + format: uuid + nullable: true + users: + type: array + items: + type: integer + attributes: + type: object + additionalProperties: {} + required: + - name + - parent + - users + HaveIBeenPwendPolicy: + type: object + description: Have I Been Pwned Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + allowed_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + HaveIBeenPwendPolicyRequest: + type: object + description: Have I Been Pwned Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + allowed_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + IPReputation: + type: object + description: IPReputation Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + ip: + type: string + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + updated: + type: string + format: date-time + readOnly: true + required: + - ip + - pk + - updated + IPReputationRequest: + type: object + description: IPReputation Serializer + properties: + ip: + type: string + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - ip + IdentificationStage: + type: object + description: IdentificationStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + user_fields: + type: array + items: + $ref: '#/components/schemas/UserFieldsEnum' + description: Fields of the user object to match against. (Hold shift to + select multiple options) + case_insensitive_matching: + type: boolean + description: When enabled, user fields are matched regardless of their casing. + show_matched_user: + type: boolean + description: When a valid username/email has been entered, and this option + is enabled, the user's username and avatar will be shown. Otherwise, the + text that the user entered will be shown + enrollment_flow: + type: string + format: uuid + nullable: true + description: Optional enrollment flow, which is linked at the bottom of + the page. + recovery_flow: + type: string + format: uuid + nullable: true + description: Optional recovery flow, which is linked at the bottom of the + page. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + IdentificationStageRequest: + type: object + description: IdentificationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + user_fields: + type: array + items: + $ref: '#/components/schemas/UserFieldsEnum' + description: Fields of the user object to match against. (Hold shift to + select multiple options) + case_insensitive_matching: + type: boolean + description: When enabled, user fields are matched regardless of their casing. + show_matched_user: + type: boolean + description: When a valid username/email has been entered, and this option + is enabled, the user's username and avatar will be shown. Otherwise, the + text that the user entered will be shown + enrollment_flow: + type: string + format: uuid + nullable: true + description: Optional enrollment flow, which is linked at the bottom of + the page. + recovery_flow: + type: string + format: uuid + nullable: true + description: Optional recovery flow, which is linked at the bottom of the + page. + required: + - name + IntentEnum: + enum: + - verification + - api + - recovery + type: string + Invitation: + type: object + description: Invitation Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Invite uuid + expires: + type: string + format: date-time + nullable: true + fixed_data: + type: object + additionalProperties: {} + created_by: + allOf: + - $ref: '#/components/schemas/User' + readOnly: true + single_use: + type: boolean + description: When enabled, the invitation will be deleted after usage. + required: + - created_by + - pk + InvitationRequest: + type: object + description: Invitation Serializer + properties: + expires: + type: string + format: date-time + nullable: true + fixed_data: + type: object + additionalProperties: {} + single_use: + type: boolean + description: When enabled, the invitation will be deleted after usage. + InvitationStage: + type: object + description: InvitationStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + continue_flow_without_invitation: + type: boolean + description: If this flag is set, this Stage will jump to the next Stage + when no Invitation is given. By default this Stage will cancel the Flow + when no invitation is given. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + InvitationStageRequest: + type: object + description: InvitationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + continue_flow_without_invitation: + type: boolean + description: If this flag is set, this Stage will jump to the next Stage + when no Invitation is given. By default this Stage will cancel the Flow + when no invitation is given. + required: + - name + IssuerModeEnum: + enum: + - global + - per_provider + type: string + JwtAlgEnum: + enum: + - HS256 + - RS256 + type: string + KubernetesServiceConnection: + type: object + description: KubernetesServiceConnection Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + kubeconfig: + type: object + additionalProperties: {} + description: Paste your kubeconfig here. authentik will automatically use + the currently selected context. + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + KubernetesServiceConnectionRequest: + type: object + description: KubernetesServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + kubeconfig: + type: object + additionalProperties: {} + description: Paste your kubeconfig here. authentik will automatically use + the currently selected context. + required: + - name + LDAPOutpostConfig: + type: object + description: LDAPProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + base_dn: + type: string + description: DN under which objects are accessible. + bind_flow_slug: + type: string + application_slug: + type: string + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + required: + - application_slug + - bind_flow_slug + - name + - pk + LDAPPropertyMapping: + type: object + description: LDAP PropertyMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + object_field: + type: string + required: + - component + - expression + - name + - object_field + - pk + - verbose_name + - verbose_name_plural + LDAPPropertyMappingRequest: + type: object + description: LDAP PropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + object_field: + type: string + required: + - expression + - name + - object_field + LDAPProvider: + type: object + description: LDAPProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + base_dn: + type: string + description: DN under which objects are accessible. + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + LDAPProviderRequest: + type: object + description: LDAPProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + base_dn: + type: string + description: DN under which objects are accessible. + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + required: + - authorization_flow + - name + LDAPSource: + type: object + description: LDAP Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + server_uri: + type: string + format: uri + bind_cn: + type: string + start_tls: + type: boolean + title: Enable Start TLS + base_dn: + type: string + additional_user_dn: + type: string + title: Addition User DN + description: Prepended to Base DN for User-queries. + additional_group_dn: + type: string + title: Addition Group DN + description: Prepended to Base DN for Group-queries. + user_object_filter: + type: string + description: Consider Objects matching this filter to be Users. + group_object_filter: + type: string + description: Consider Objects matching this filter to be Groups. + group_membership_field: + type: string + description: Field which contains members of a group. + object_uniqueness_field: + type: string + description: Field which contains a unique Identifier. + sync_users: + type: boolean + sync_users_password: + type: boolean + description: When a user changes their password, sync it back to LDAP. This + can only be enabled on a single LDAP source. + sync_groups: + type: boolean + sync_parent_group: + type: string + format: uuid + nullable: true + property_mappings: + type: array + items: + type: string + format: uuid + property_mappings_group: + type: array + items: + type: string + format: uuid + description: Property mappings used for group creation/updating. + required: + - base_dn + - bind_cn + - component + - name + - pk + - server_uri + - slug + - verbose_name + - verbose_name_plural + LDAPSourceRequest: + type: object + description: LDAP Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + server_uri: + type: string + format: uri + bind_cn: + type: string + bind_password: + type: string + writeOnly: true + start_tls: + type: boolean + title: Enable Start TLS + base_dn: + type: string + additional_user_dn: + type: string + title: Addition User DN + description: Prepended to Base DN for User-queries. + additional_group_dn: + type: string + title: Addition Group DN + description: Prepended to Base DN for Group-queries. + user_object_filter: + type: string + description: Consider Objects matching this filter to be Users. + group_object_filter: + type: string + description: Consider Objects matching this filter to be Groups. + group_membership_field: + type: string + description: Field which contains members of a group. + object_uniqueness_field: + type: string + description: Field which contains a unique Identifier. + sync_users: + type: boolean + sync_users_password: + type: boolean + description: When a user changes their password, sync it back to LDAP. This + can only be enabled on a single LDAP source. + sync_groups: + type: boolean + sync_parent_group: + type: string + format: uuid + nullable: true + property_mappings: + type: array + items: + type: string + format: uuid + property_mappings_group: + type: array + items: + type: string + format: uuid + description: Property mappings used for group creation/updating. + required: + - base_dn + - bind_cn + - bind_password + - name + - server_uri + - slug + Link: + type: object + description: Returns a single link + properties: + link: + type: string + required: + - link + LoginMetrics: + type: object + description: Login Metrics per 1h + properties: + logins_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + logins_failed_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + required: + - logins_failed_per_1h + - logins_per_1h + NameIdPolicyEnum: + enum: + - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress + - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent + - urn:oasis:names:tc:SAML:2.0:nameid-format:X509SubjectName + - urn:oasis:names:tc:SAML:2.0:nameid-format:WindowsDomainQualifiedName + - urn:oasis:names:tc:SAML:2.0:nameid-format:transient + type: string + Nested: + type: object + properties: + id: + type: integer + readOnly: true + token: + type: string + maxLength: 16 + device: + allOf: + - $ref: '#/components/schemas/Nested' + readOnly: true + required: + - device + - id + - token + NestedRequest: + type: object + properties: + token: + type: string + maxLength: 16 + required: + - token + NotConfiguredActionEnum: + enum: + - skip + - deny + - configure + type: string + Notification: + type: object + description: Notification Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + readOnly: true + body: + type: string + readOnly: true + created: + type: string + format: date-time + readOnly: true + event: + $ref: '#/components/schemas/Event' + seen: + type: boolean + required: + - body + - created + - pk + - severity + NotificationRequest: + type: object + description: Notification Serializer + properties: + event: + $ref: '#/components/schemas/EventRequest' + seen: + type: boolean + NotificationRule: + type: object + description: NotificationRule Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + transports: + type: array + items: + type: string + format: uuid + description: Select which transports should be used to notify the user. + If none are selected, the notification will only be shown in the authentik + UI. + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + description: Controls which severity level the created notifications will + have. + group: + type: string + format: uuid + nullable: true + description: Define which group of users this notification should be sent + and shown to. If left empty, Notification won't ben sent. + group_obj: + allOf: + - $ref: '#/components/schemas/Group' + readOnly: true + required: + - group_obj + - name + - pk + - transports + NotificationRuleRequest: + type: object + description: NotificationRule Serializer + properties: + name: + type: string + transports: + type: array + items: + type: string + format: uuid + description: Select which transports should be used to notify the user. + If none are selected, the notification will only be shown in the authentik + UI. + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + description: Controls which severity level the created notifications will + have. + group: + type: string + format: uuid + nullable: true + description: Define which group of users this notification should be sent + and shown to. If left empty, Notification won't ben sent. + required: + - name + - transports + NotificationTransport: + type: object + description: NotificationTransport Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + mode: + $ref: '#/components/schemas/NotificationTransportModeEnum' + mode_verbose: + type: string + readOnly: true + webhook_url: + type: string + send_once: + type: boolean + description: Only send notification once, for example when sending a webhook + into a chat channel. + required: + - mode + - mode_verbose + - name + - pk + NotificationTransportModeEnum: + enum: + - webhook + - webhook_slack + - email + type: string + NotificationTransportRequest: + type: object + description: NotificationTransport Serializer + properties: + name: + type: string + mode: + $ref: '#/components/schemas/NotificationTransportModeEnum' + webhook_url: + type: string + send_once: + type: boolean + description: Only send notification once, for example when sending a webhook + into a chat channel. + required: + - mode + - name + NotificationTransportTest: + type: object + description: Notification test serializer + properties: + messages: + type: array + items: + type: string + required: + - messages + OAuth2Provider: + type: object + description: OAuth2Provider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + client_type: + allOf: + - $ref: '#/components/schemas/ClientTypeEnum' + description: |- + Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable. + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + access_code_validity: + type: string + description: 'Access codes not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + token_validity: + type: string + description: 'Tokens not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + include_claims_in_id_token: + type: boolean + description: Include User claims from scopes in the id_token, for applications + that don't access the userinfo endpoint. + jwt_alg: + allOf: + - $ref: '#/components/schemas/JwtAlgEnum' + title: JWT Algorithm + description: Algorithm used to sign the JWT Token + rsa_key: + type: string + format: uuid + nullable: true + description: Key used to sign the tokens. Only required when JWT Algorithm + is set to RS256. + redirect_uris: + type: string + description: Enter each URI on a new line. + sub_mode: + allOf: + - $ref: '#/components/schemas/SubModeEnum' + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. + issuer_mode: + allOf: + - $ref: '#/components/schemas/IssuerModeEnum' + description: Configure how the issuer field of the ID Token should be filled. + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + OAuth2ProviderRequest: + type: object + description: OAuth2Provider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + client_type: + allOf: + - $ref: '#/components/schemas/ClientTypeEnum' + description: |- + Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable. + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + access_code_validity: + type: string + description: 'Access codes not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + token_validity: + type: string + description: 'Tokens not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + include_claims_in_id_token: + type: boolean + description: Include User claims from scopes in the id_token, for applications + that don't access the userinfo endpoint. + jwt_alg: + allOf: + - $ref: '#/components/schemas/JwtAlgEnum' + title: JWT Algorithm + description: Algorithm used to sign the JWT Token + rsa_key: + type: string + format: uuid + nullable: true + description: Key used to sign the tokens. Only required when JWT Algorithm + is set to RS256. + redirect_uris: + type: string + description: Enter each URI on a new line. + sub_mode: + allOf: + - $ref: '#/components/schemas/SubModeEnum' + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. + issuer_mode: + allOf: + - $ref: '#/components/schemas/IssuerModeEnum' + description: Configure how the issuer field of the ID Token should be filled. + required: + - authorization_flow + - name + OAuth2ProviderSetupURLs: + type: object + description: OAuth2 Provider Metadata serializer + properties: + issuer: + type: string + readOnly: true + authorize: + type: string + readOnly: true + token: + type: string + readOnly: true + user_info: + type: string + readOnly: true + provider_info: + type: string + readOnly: true + logout: + type: string + readOnly: true + required: + - authorize + - issuer + - logout + - provider_info + - token + - user_info + OAuthSource: + type: object + description: OAuth Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + provider_type: + type: string + maxLength: 255 + request_token_url: + type: string + nullable: true + description: URL used to request the initial token. This URL is only required + for OAuth 1. + maxLength: 255 + authorization_url: + type: string + nullable: true + description: URL the user is redirect to to conest the flow. + maxLength: 255 + access_token_url: + type: string + nullable: true + description: URL used by authentik to retrive tokens. + maxLength: 255 + profile_url: + type: string + nullable: true + description: URL used by authentik to get user information. + maxLength: 255 + consumer_key: + type: string + callback_url: + type: string + readOnly: true + type: + allOf: + - $ref: '#/components/schemas/SourceType' + readOnly: true + required: + - callback_url + - component + - consumer_key + - name + - pk + - provider_type + - slug + - type + - verbose_name + - verbose_name_plural + OAuthSourceRequest: + type: object + description: OAuth Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + provider_type: + type: string + maxLength: 255 + request_token_url: + type: string + nullable: true + description: URL used to request the initial token. This URL is only required + for OAuth 1. + maxLength: 255 + authorization_url: + type: string + nullable: true + description: URL the user is redirect to to conest the flow. + maxLength: 255 + access_token_url: + type: string + nullable: true + description: URL used by authentik to retrive tokens. + maxLength: 255 + profile_url: + type: string + nullable: true + description: URL used by authentik to get user information. + maxLength: 255 + consumer_key: + type: string + consumer_secret: + type: string + writeOnly: true + required: + - consumer_key + - consumer_secret + - name + - provider_type + - slug + OpenIDConnectConfiguration: + type: object + description: rest_framework Serializer for OIDC Configuration + properties: + issuer: + type: string + authorization_endpoint: + type: string + token_endpoint: + type: string + userinfo_endpoint: + type: string + end_session_endpoint: + type: string + introspection_endpoint: + type: string + jwks_uri: + type: string + response_types_supported: + type: array + items: + type: string + id_token_signing_alg_values_supported: + type: array + items: + type: string + subject_types_supported: + type: array + items: + type: string + token_endpoint_auth_methods_supported: + type: array + items: + type: string + required: + - authorization_endpoint + - end_session_endpoint + - id_token_signing_alg_values_supported + - introspection_endpoint + - issuer + - jwks_uri + - response_types_supported + - subject_types_supported + - token_endpoint + - token_endpoint_auth_methods_supported + - userinfo_endpoint + Outpost: + type: object + description: Outpost Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + type: + $ref: '#/components/schemas/OutpostTypeEnum' + providers: + type: array + items: + type: integer + providers_obj: + type: array + items: + $ref: '#/components/schemas/Provider' + readOnly: true + service_connection: + type: string + format: uuid + nullable: true + description: Select Service-Connection authentik should use to manage this + outpost. Leave empty if authentik should not handle the deployment. + token_identifier: + type: string + readOnly: true + config: + type: object + additionalProperties: {} + required: + - config + - name + - pk + - providers + - providers_obj + - token_identifier + OutpostDefaultConfig: + type: object + description: Global default outpost config + properties: + config: + type: object + additionalProperties: {} + readOnly: true + required: + - config + OutpostHealth: + type: object + description: Outpost health status + properties: + last_seen: + type: string + format: date-time + readOnly: true + version: + type: string + readOnly: true + version_should: + type: string + readOnly: true + version_outdated: + type: boolean + readOnly: true + required: + - last_seen + - version + - version_outdated + - version_should + OutpostRequest: + type: object + description: Outpost Serializer + properties: + name: + type: string + type: + $ref: '#/components/schemas/OutpostTypeEnum' + providers: + type: array + items: + type: integer + service_connection: + type: string + format: uuid + nullable: true + description: Select Service-Connection authentik should use to manage this + outpost. Leave empty if authentik should not handle the deployment. + config: + type: object + additionalProperties: {} + required: + - config + - name + - providers + OutpostTypeEnum: + enum: + - proxy + - ldap + type: string + PaginatedApplicationList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Application' + PaginatedAuthenticateWebAuthnStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/AuthenticateWebAuthnStage' + PaginatedAuthenticatorStaticStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/AuthenticatorStaticStage' + PaginatedAuthenticatorTOTPStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/AuthenticatorTOTPStage' + PaginatedAuthenticatorValidateStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/AuthenticatorValidateStage' + PaginatedCaptchaStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/CaptchaStage' + PaginatedCertificateKeyPairList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/CertificateKeyPair' + PaginatedConsentStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ConsentStage' + PaginatedDenyStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/DenyStage' + PaginatedDockerServiceConnectionList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/DockerServiceConnection' + PaginatedDummyPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/DummyPolicy' + PaginatedDummyStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/DummyStage' + PaginatedEmailStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/EmailStage' + PaginatedEventList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Event' + PaginatedEventMatcherPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/EventMatcherPolicy' + PaginatedEventTopPerUserList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/EventTopPerUser' + PaginatedExpiringBaseGrantModelList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ExpiringBaseGrantModel' + PaginatedExpressionPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ExpressionPolicy' + PaginatedFlowList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Flow' + PaginatedFlowStageBindingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/FlowStageBinding' + PaginatedGroupList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Group' + PaginatedHaveIBeenPwendPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/HaveIBeenPwendPolicy' + PaginatedIPReputationList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/IPReputation' + PaginatedIdentificationStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/IdentificationStage' + PaginatedInvitationList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Invitation' + PaginatedInvitationStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/InvitationStage' + PaginatedKubernetesServiceConnectionList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/KubernetesServiceConnection' + PaginatedLDAPOutpostConfigList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/LDAPOutpostConfig' + PaginatedLDAPPropertyMappingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/LDAPPropertyMapping' + PaginatedLDAPProviderList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/LDAPProvider' + PaginatedLDAPSourceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/LDAPSource' + PaginatedNotificationList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Notification' + PaginatedNotificationRuleList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/NotificationRule' + PaginatedNotificationTransportList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/NotificationTransport' + PaginatedOAuth2ProviderList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/OAuth2Provider' + PaginatedOAuthSourceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/OAuthSource' + PaginatedOutpostHealthList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/OutpostHealth' + PaginatedOutpostList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Outpost' + PaginatedPasswordExpiryPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PasswordExpiryPolicy' + PaginatedPasswordPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PasswordPolicy' + PaginatedPasswordStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PasswordStage' + PaginatedPlexSourceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PlexSource' + PaginatedPolicyBindingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PolicyBinding' + PaginatedPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Policy' + PaginatedPromptList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Prompt' + PaginatedPromptStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PromptStage' + PaginatedPropertyMappingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/PropertyMapping' + PaginatedProviderList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Provider' + PaginatedProxyOutpostConfigList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ProxyOutpostConfig' + PaginatedProxyProviderList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ProxyProvider' + PaginatedReputationPolicyList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ReputationPolicy' + PaginatedSAMLPropertyMappingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/SAMLPropertyMapping' + PaginatedSAMLProviderList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/SAMLProvider' + PaginatedSAMLSourceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/SAMLSource' + PaginatedScopeMappingList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ScopeMapping' + PaginatedServiceConnectionList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/ServiceConnection' + PaginatedSourceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Source' + PaginatedStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Stage' + PaginatedStaticDeviceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/StaticDevice' + PaginatedTOTPDeviceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/TOTPDevice' + PaginatedTokenList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/Token' + PaginatedUserConsentList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserConsent' + PaginatedUserDeleteStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserDeleteStage' + PaginatedUserList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/User' + PaginatedUserLoginStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserLoginStage' + PaginatedUserLogoutStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserLogoutStage' + PaginatedUserOAuthSourceConnectionList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserOAuthSourceConnection' + PaginatedUserReputationList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserReputation' + PaginatedUserWriteStageList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/UserWriteStage' + PaginatedWebAuthnDeviceList: + type: object + properties: + count: + type: integer + example: 123 + next: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=4 + previous: + type: string + nullable: true + format: uri + example: http://api.example.org/accounts/?page=2 + results: + type: array + items: + $ref: '#/components/schemas/WebAuthnDevice' + PasswordExpiryPolicy: + type: object + description: Password Expiry Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + days: + type: integer + maximum: 2147483647 + minimum: -2147483648 + deny_only: + type: boolean + required: + - bound_to + - component + - days + - pk + - verbose_name + - verbose_name_plural + PasswordExpiryPolicyRequest: + type: object + description: Password Expiry Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + days: + type: integer + maximum: 2147483647 + minimum: -2147483648 + deny_only: + type: boolean + required: + - days + PasswordPolicy: + type: object + description: Password Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + amount_uppercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_lowercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_symbols: + type: integer + maximum: 2147483647 + minimum: -2147483648 + length_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + symbol_charset: + type: string + error_message: + type: string + required: + - bound_to + - component + - error_message + - pk + - verbose_name + - verbose_name_plural + PasswordPolicyRequest: + type: object + description: Password Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + amount_uppercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_lowercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_symbols: + type: integer + maximum: 2147483647 + minimum: -2147483648 + length_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + symbol_charset: + type: string + error_message: + type: string + required: + - error_message + PasswordStage: + type: object + description: PasswordStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + backends: + type: array + items: + $ref: '#/components/schemas/BackendsEnum' + description: Selection of backends to test the password against. + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + failed_attempts_before_cancel: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: How many attempts a user has before the flow is canceled. To + lock the user out, use a reputation policy and a user_write stage. + required: + - backends + - component + - name + - pk + - verbose_name + - verbose_name_plural + PasswordStageRequest: + type: object + description: PasswordStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + backends: + type: array + items: + $ref: '#/components/schemas/BackendsEnum' + description: Selection of backends to test the password against. + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + failed_attempts_before_cancel: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: How many attempts a user has before the flow is canceled. To + lock the user out, use a reputation policy and a user_write stage. + required: + - backends + - name + PatchedApplicationRequest: + type: object + description: Application Serializer + properties: + name: + type: string + description: Application's display Name. + slug: + type: string + description: Internal application name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + provider: + type: integer + nullable: true + provider_obj: + $ref: '#/components/schemas/ProviderRequest' + meta_launch_url: + type: string + format: uri + maxLength: 200 + meta_icon: + type: string + format: binary + meta_description: + type: string + meta_publisher: + type: string + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + PatchedAuthenticateWebAuthnStageRequest: + type: object + description: AuthenticateWebAuthnStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + PatchedAuthenticatorStaticStageRequest: + type: object + description: AuthenticatorStaticStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + token_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedAuthenticatorTOTPStageRequest: + type: object + description: AuthenticatorTOTPStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + digits: + allOf: + - $ref: '#/components/schemas/DigitsEnum' + minimum: -2147483648 + maximum: 2147483647 + PatchedAuthenticatorValidateStageRequest: + type: object + description: AuthenticatorValidateStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + not_configured_action: + $ref: '#/components/schemas/NotConfiguredActionEnum' + device_classes: + type: array + items: + $ref: '#/components/schemas/DeviceClassesEnum' + description: Device classes which can be used to authenticate + configuration_stage: + type: string + format: uuid + nullable: true + description: Stage used to configure Authenticator when user doesn't have + any compatible devices. After this configuration Stage passes, the user + is not prompted again. + PatchedCaptchaStageRequest: + type: object + description: CaptchaStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + public_key: + type: string + description: Public key, acquired from https://www.google.com/recaptcha/intro/v3.html + private_key: + type: string + writeOnly: true + description: Private key, acquired from https://www.google.com/recaptcha/intro/v3.html + PatchedCertificateKeyPairRequest: + type: object + description: CertificateKeyPair Serializer + properties: + name: + type: string + certificate_data: + type: string + writeOnly: true + description: PEM-encoded Certificate data + key_data: + type: string + writeOnly: true + description: Optional Private Key. If this is set, you can use this keypair + for encryption. + PatchedConsentStageRequest: + type: object + description: ConsentStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + mode: + $ref: '#/components/schemas/ConsentStageModeEnum' + consent_expire_in: + type: string + title: Consent expires in + description: 'Offset after which consent expires. (Format: hours=1;minutes=2;seconds=3).' + PatchedDenyStageRequest: + type: object + description: DenyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedDockerServiceConnectionRequest: + type: object + description: DockerServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + url: + type: string + description: Can be in the format of 'unix://' when connecting to + a local docker daemon, or 'https://:2376' when connecting to + a remote system. + tls_verification: + type: string + format: uuid + nullable: true + description: CA which the endpoint's Certificate is verified against. Can + be left empty for no validation. + tls_authentication: + type: string + format: uuid + nullable: true + description: Certificate/Key used for authentication. Can be left empty + for no authentication. + PatchedDummyPolicyRequest: + type: object + description: Dummy Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + result: + type: boolean + wait_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + wait_max: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedDummyStageRequest: + type: object + description: DummyStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedEmailStageRequest: + type: object + description: EmailStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + use_global_settings: + type: boolean + description: When enabled, global Email connection settings will be used + and connection settings below will be ignored. + host: + type: string + port: + type: integer + maximum: 2147483647 + minimum: -2147483648 + username: + type: string + password: + type: string + writeOnly: true + use_tls: + type: boolean + use_ssl: + type: boolean + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + from_address: + type: string + format: email + maxLength: 254 + token_expiry: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Time in minutes the token sent is valid. + subject: + type: string + template: + type: string + PatchedEventMatcherPolicyRequest: + type: object + description: Event Matcher Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + action: + description: Match created events with this action type. When left empty, + all action types will be matched. + oneOf: + - $ref: '#/components/schemas/ActionEnum' + - $ref: '#/components/schemas/BlankEnum' + client_ip: + type: string + description: Matches Event's Client IP (strict matching, for network matching + use an Expression Policy) + app: + description: Match events created by selected application. When left empty, + all applications are matched. + oneOf: + - $ref: '#/components/schemas/AppEnum' + - $ref: '#/components/schemas/BlankEnum' + PatchedExpressionPolicyRequest: + type: object + description: Group Membership Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + expression: + type: string + PatchedFlowRequest: + type: object + description: Flow Serializer + properties: + name: + type: string + slug: + type: string + description: Visible in the URL. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + title: + type: string + description: Shown as the Title in Flow pages. + designation: + allOf: + - $ref: '#/components/schemas/DesignationEnum' + description: Decides what this Flow is used for. For example, the Authentication + flow is redirect to when an un-authenticated user visits authentik. + background: + type: string + format: binary + description: Background shown during execution + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + PatchedFlowStageBindingRequest: + type: object + description: FlowStageBinding Serializer + properties: + target: + type: string + format: uuid + stage: + type: string + format: uuid + evaluate_on_plan: + type: boolean + description: Evaluate policies during the Flow planning process. Disable + this for input-based policies. + re_evaluate_policies: + type: boolean + description: Evaluate policies when the Stage is present to the user. + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + PatchedGroupRequest: + type: object + description: Group Serializer + properties: + name: + type: string + maxLength: 80 + is_superuser: + type: boolean + description: Users added to this group will be superusers. + parent: + type: string + format: uuid + nullable: true + users: + type: array + items: + type: integer + attributes: + type: object + additionalProperties: {} + PatchedHaveIBeenPwendPolicyRequest: + type: object + description: Have I Been Pwned Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + allowed_count: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedIPReputationRequest: + type: object + description: IPReputation Serializer + properties: + ip: + type: string + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedIdentificationStageRequest: + type: object + description: IdentificationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + user_fields: + type: array + items: + $ref: '#/components/schemas/UserFieldsEnum' + description: Fields of the user object to match against. (Hold shift to + select multiple options) + case_insensitive_matching: + type: boolean + description: When enabled, user fields are matched regardless of their casing. + show_matched_user: + type: boolean + description: When a valid username/email has been entered, and this option + is enabled, the user's username and avatar will be shown. Otherwise, the + text that the user entered will be shown + enrollment_flow: + type: string + format: uuid + nullable: true + description: Optional enrollment flow, which is linked at the bottom of + the page. + recovery_flow: + type: string + format: uuid + nullable: true + description: Optional recovery flow, which is linked at the bottom of the + page. + PatchedInvitationRequest: + type: object + description: Invitation Serializer + properties: + expires: + type: string + format: date-time + nullable: true + fixed_data: + type: object + additionalProperties: {} + single_use: + type: boolean + description: When enabled, the invitation will be deleted after usage. + PatchedInvitationStageRequest: + type: object + description: InvitationStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + continue_flow_without_invitation: + type: boolean + description: If this flag is set, this Stage will jump to the next Stage + when no Invitation is given. By default this Stage will cancel the Flow + when no invitation is given. + PatchedKubernetesServiceConnectionRequest: + type: object + description: KubernetesServiceConnection Serializer + properties: + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + kubeconfig: + type: object + additionalProperties: {} + description: Paste your kubeconfig here. authentik will automatically use + the currently selected context. + PatchedLDAPPropertyMappingRequest: + type: object + description: LDAP PropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + object_field: + type: string + PatchedLDAPProviderRequest: + type: object + description: LDAPProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + base_dn: + type: string + description: DN under which objects are accessible. + search_group: + type: string + format: uuid + nullable: true + description: Users in this group can do search queries. If not set, every + user can execute search queries. + PatchedLDAPSourceRequest: + type: object + description: LDAP Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + server_uri: + type: string + format: uri + bind_cn: + type: string + bind_password: + type: string + writeOnly: true + start_tls: + type: boolean + title: Enable Start TLS + base_dn: + type: string + additional_user_dn: + type: string + title: Addition User DN + description: Prepended to Base DN for User-queries. + additional_group_dn: + type: string + title: Addition Group DN + description: Prepended to Base DN for Group-queries. + user_object_filter: + type: string + description: Consider Objects matching this filter to be Users. + group_object_filter: + type: string + description: Consider Objects matching this filter to be Groups. + group_membership_field: + type: string + description: Field which contains members of a group. + object_uniqueness_field: + type: string + description: Field which contains a unique Identifier. + sync_users: + type: boolean + sync_users_password: + type: boolean + description: When a user changes their password, sync it back to LDAP. This + can only be enabled on a single LDAP source. + sync_groups: + type: boolean + sync_parent_group: + type: string + format: uuid + nullable: true + property_mappings: + type: array + items: + type: string + format: uuid + property_mappings_group: + type: array + items: + type: string + format: uuid + description: Property mappings used for group creation/updating. + PatchedNotificationRequest: + type: object + description: Notification Serializer + properties: + event: + $ref: '#/components/schemas/EventRequest' + seen: + type: boolean + PatchedNotificationRuleRequest: + type: object + description: NotificationRule Serializer + properties: + name: + type: string + transports: + type: array + items: + type: string + format: uuid + description: Select which transports should be used to notify the user. + If none are selected, the notification will only be shown in the authentik + UI. + severity: + allOf: + - $ref: '#/components/schemas/SeverityEnum' + description: Controls which severity level the created notifications will + have. + group: + type: string + format: uuid + nullable: true + description: Define which group of users this notification should be sent + and shown to. If left empty, Notification won't ben sent. + PatchedNotificationTransportRequest: + type: object + description: NotificationTransport Serializer + properties: + name: + type: string + mode: + $ref: '#/components/schemas/NotificationTransportModeEnum' + webhook_url: + type: string + send_once: + type: boolean + description: Only send notification once, for example when sending a webhook + into a chat channel. + PatchedOAuth2ProviderRequest: + type: object + description: OAuth2Provider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + client_type: + allOf: + - $ref: '#/components/schemas/ClientTypeEnum' + description: |- + Confidential clients are capable of maintaining the confidentiality + of their credentials. Public clients are incapable. + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + access_code_validity: + type: string + description: 'Access codes not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + token_validity: + type: string + description: 'Tokens not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + include_claims_in_id_token: + type: boolean + description: Include User claims from scopes in the id_token, for applications + that don't access the userinfo endpoint. + jwt_alg: + allOf: + - $ref: '#/components/schemas/JwtAlgEnum' + title: JWT Algorithm + description: Algorithm used to sign the JWT Token + rsa_key: + type: string + format: uuid + nullable: true + description: Key used to sign the tokens. Only required when JWT Algorithm + is set to RS256. + redirect_uris: + type: string + description: Enter each URI on a new line. + sub_mode: + allOf: + - $ref: '#/components/schemas/SubModeEnum' + description: Configure what data should be used as unique User Identifier. + For most cases, the default should be fine. + issuer_mode: + allOf: + - $ref: '#/components/schemas/IssuerModeEnum' + description: Configure how the issuer field of the ID Token should be filled. + PatchedOAuthSourceRequest: + type: object + description: OAuth Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + provider_type: + type: string + maxLength: 255 + request_token_url: + type: string + nullable: true + description: URL used to request the initial token. This URL is only required + for OAuth 1. + maxLength: 255 + authorization_url: + type: string + nullable: true + description: URL the user is redirect to to conest the flow. + maxLength: 255 + access_token_url: + type: string + nullable: true + description: URL used by authentik to retrive tokens. + maxLength: 255 + profile_url: + type: string + nullable: true + description: URL used by authentik to get user information. + maxLength: 255 + consumer_key: + type: string + consumer_secret: + type: string + writeOnly: true + PatchedOutpostRequest: + type: object + description: Outpost Serializer + properties: + name: + type: string + type: + $ref: '#/components/schemas/OutpostTypeEnum' + providers: + type: array + items: + type: integer + service_connection: + type: string + format: uuid + nullable: true + description: Select Service-Connection authentik should use to manage this + outpost. Leave empty if authentik should not handle the deployment. + config: + type: object + additionalProperties: {} + PatchedPasswordExpiryPolicyRequest: + type: object + description: Password Expiry Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + days: + type: integer + maximum: 2147483647 + minimum: -2147483648 + deny_only: + type: boolean + PatchedPasswordPolicyRequest: + type: object + description: Password Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + password_field: + type: string + description: Field key to check, field keys defined in Prompt stages are + available. + amount_uppercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_lowercase: + type: integer + maximum: 2147483647 + minimum: -2147483648 + amount_symbols: + type: integer + maximum: 2147483647 + minimum: -2147483648 + length_min: + type: integer + maximum: 2147483647 + minimum: -2147483648 + symbol_charset: + type: string + error_message: + type: string + PatchedPasswordStageRequest: + type: object + description: PasswordStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + backends: + type: array + items: + $ref: '#/components/schemas/BackendsEnum' + description: Selection of backends to test the password against. + configure_flow: + type: string + format: uuid + nullable: true + description: Flow used by an authenticated user to configure this Stage. + If empty, user will not be able to configure this stage. + failed_attempts_before_cancel: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: How many attempts a user has before the flow is canceled. To + lock the user out, use a reputation policy and a user_write stage. + PatchedPlexSourceRequest: + type: object + description: Plex Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + client_id: + type: string + description: Client identifier used to talk to Plex. + allowed_servers: + type: array + items: + type: string + description: Which servers a user has to be a member of to be granted access. + Empty list allows every server. + allow_friends: + type: boolean + description: Allow friends to authenticate, even if you don't share a server. + plex_token: + type: string + description: Plex token used to check firends + PatchedPolicyBindingRequest: + type: object + description: PolicyBinding Serializer + properties: + policy: + type: string + format: uuid + nullable: true + group: + type: string + format: uuid + nullable: true + user: + type: integer + nullable: true + target: + type: string + format: uuid + enabled: + type: boolean + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Timeout after which Policy execution is terminated. + PatchedPromptRequest: + type: object + description: Prompt Serializer + properties: + field_key: + type: string + description: Name of the form field, also used to store the value + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + label: + type: string + type: + $ref: '#/components/schemas/PromptTypeEnum' + required: + type: boolean + placeholder: + type: string + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + promptstage_set: + type: array + items: + $ref: '#/components/schemas/StageRequest' + PatchedPromptStageRequest: + type: object + description: PromptStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + fields: + type: array + items: + type: string + format: uuid + validation_policies: + type: array + items: + type: string + format: uuid + PatchedProxyProviderRequest: + type: object + description: ProxyProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + PatchedReputationPolicyRequest: + type: object + description: Reputation Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + check_ip: + type: boolean + check_username: + type: boolean + threshold: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedSAMLPropertyMappingRequest: + type: object + description: SAMLPropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + saml_name: + type: string + friendly_name: + type: string + nullable: true + PatchedSAMLProviderRequest: + type: object + description: SAMLProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + acs_url: + type: string + format: uri + maxLength: 200 + audience: + type: string + description: Value of the audience restriction field of the asseration. + When left empty, no audience restriction will be added. + issuer: + type: string + description: Also known as EntityID + assertion_valid_not_before: + type: string + description: 'Assertion valid not before current time + this value (Format: + hours=-1;minutes=-2;seconds=-3).' + assertion_valid_not_on_or_after: + type: string + description: 'Assertion not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + session_valid_not_on_or_after: + type: string + description: 'Session not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + name_id_mapping: + type: string + format: uuid + nullable: true + title: NameID Property Mapping + description: Configure how the NameID value will be created. When left empty, + the NameIDPolicy of the incoming request will be considered + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Signing Keypair + description: Keypair used to sign outgoing Responses going to the Service + Provider. + verification_kp: + type: string + format: uuid + nullable: true + title: Verification Certificate + description: When selected, incoming assertion's Signatures will be validated + against this certificate. To allow unsigned Requests, leave on default. + sp_binding: + allOf: + - $ref: '#/components/schemas/SpBindingEnum' + title: Service Provider Binding + description: This determines how authentik sends the response back to the + Service Provider. + PatchedSAMLSourceRequest: + type: object + description: SAMLSource Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + pre_authentication_flow: + type: string + format: uuid + description: Flow used before authentication. + issuer: + type: string + description: Also known as Entity ID. Defaults the Metadata URL. + sso_url: + type: string + format: uri + description: URL that the initial Login request is sent to. + maxLength: 200 + slo_url: + type: string + format: uri + nullable: true + description: Optional URL if your IDP supports Single-Logout. + maxLength: 200 + allow_idp_initiated: + type: boolean + description: Allows authentication flows initiated by the IdP. This can + be a security risk, as no validation of the request ID is done. + name_id_policy: + allOf: + - $ref: '#/components/schemas/NameIdPolicyEnum' + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. + binding_type: + $ref: '#/components/schemas/BindingTypeEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Singing Keypair + description: Keypair which is used to sign outgoing requests. Leave empty + to disable signing. + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + temporary_user_delete_after: + type: string + title: Delete temporary users after + description: 'Time offset when temporary users should be deleted. This only + applies if your IDP uses the NameID Format ''transient'', and the user + doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' + PatchedScopeMappingRequest: + type: object + description: ScopeMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + scope_name: + type: string + description: Scope used by the client + description: + type: string + description: Description shown to the user when consenting. If left empty, + the user won't be informed. + PatchedStaticDeviceRequest: + type: object + description: Serializer for static authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + PatchedTOTPDeviceRequest: + type: object + description: Serializer for totp authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + PatchedTokenRequest: + type: object + description: Token Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + identifier: + type: string + maxLength: 255 + pattern: ^[-a-zA-Z0-9_]+$ + intent: + $ref: '#/components/schemas/IntentEnum' + user: + $ref: '#/components/schemas/UserRequest' + description: + type: string + expires: + type: string + format: date-time + expiring: + type: boolean + PatchedUserDeleteStageRequest: + type: object + description: UserDeleteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedUserLoginStageRequest: + type: object + description: UserLoginStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + session_duration: + type: string + description: 'Determines how long a session lasts. Default of 0 means that + the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' + PatchedUserLogoutStageRequest: + type: object + description: UserLogoutStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedUserOAuthSourceConnectionRequest: + type: object + description: OAuth Source Serializer + properties: + user: + type: integer + source: + type: string + format: uuid + identifier: + type: string + maxLength: 255 + PatchedUserReputationRequest: + type: object + description: UserReputation Serializer + properties: + user: + type: integer + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + PatchedUserRequest: + type: object + description: User Serializer + properties: + username: + type: string + description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ + only. + pattern: ^[\w.@+-]+$ + maxLength: 150 + name: + type: string + description: User's display name. + is_active: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + last_login: + type: string + format: date-time + nullable: true + email: + type: string + format: email + title: Email address + maxLength: 254 + attributes: + type: object + additionalProperties: {} + PatchedUserWriteStageRequest: + type: object + description: UserWriteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + PatchedWebAuthnDeviceRequest: + type: object + description: Serializer for WebAuthn authenticator devices + properties: + name: + type: string + maxLength: 200 + PlexSource: + type: object + description: Plex Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + client_id: + type: string + description: Client identifier used to talk to Plex. + allowed_servers: + type: array + items: + type: string + description: Which servers a user has to be a member of to be granted access. + Empty list allows every server. + allow_friends: + type: boolean + description: Allow friends to authenticate, even if you don't share a server. + plex_token: + type: string + description: Plex token used to check firends + required: + - component + - name + - pk + - slug + - verbose_name + - verbose_name_plural + PlexSourceRequest: + type: object + description: Plex Source Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + client_id: + type: string + description: Client identifier used to talk to Plex. + allowed_servers: + type: array + items: + type: string + description: Which servers a user has to be a member of to be granted access. + Empty list allows every server. + allow_friends: + type: boolean + description: Allow friends to authenticate, even if you don't share a server. + plex_token: + type: string + description: Plex token used to check firends + required: + - name + - slug + PlexTokenRedeemRequest: + type: object + description: Serializer to redeem a plex token + properties: + plex_token: + type: string + required: + - plex_token + Policy: + type: object + description: Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + PolicyBinding: + type: object + description: PolicyBinding Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy binding uuid + policy: + type: string + format: uuid + nullable: true + group: + type: string + format: uuid + nullable: true + user: + type: integer + nullable: true + policy_obj: + allOf: + - $ref: '#/components/schemas/Policy' + readOnly: true + group_obj: + allOf: + - $ref: '#/components/schemas/Group' + readOnly: true + user_obj: + allOf: + - $ref: '#/components/schemas/User' + readOnly: true + target: + type: string + format: uuid + enabled: + type: boolean + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Timeout after which Policy execution is terminated. + required: + - group_obj + - order + - pk + - policy_obj + - target + - user_obj + PolicyBindingRequest: + type: object + description: PolicyBinding Serializer + properties: + policy: + type: string + format: uuid + nullable: true + group: + type: string + format: uuid + nullable: true + user: + type: integer + nullable: true + target: + type: string + format: uuid + enabled: + type: boolean + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + timeout: + type: integer + maximum: 2147483647 + minimum: -2147483648 + description: Timeout after which Policy execution is terminated. + required: + - order + - target + PolicyEngineModeEnum: + enum: + - all + - any + type: string + PolicyRequest: + type: object + description: Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + PolicyTestRequest: + type: object + description: Test policy execution for a user with context + properties: + user: + type: integer + context: + type: object + additionalProperties: {} + required: + - user + PolicyTestResult: + type: object + description: result of a policy test + properties: + passing: + type: boolean + messages: + type: array + items: + type: string + readOnly: true + required: + - messages + - passing + Prompt: + type: object + description: Prompt Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Prompt uuid + field_key: + type: string + description: Name of the form field, also used to store the value + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + label: + type: string + type: + $ref: '#/components/schemas/PromptTypeEnum' + required: + type: boolean + placeholder: + type: string + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + promptstage_set: + type: array + items: + $ref: '#/components/schemas/Stage' + required: + - field_key + - label + - pk + - type + PromptRequest: + type: object + description: Prompt Serializer + properties: + field_key: + type: string + description: Name of the form field, also used to store the value + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + label: + type: string + type: + $ref: '#/components/schemas/PromptTypeEnum' + required: + type: boolean + placeholder: + type: string + order: + type: integer + maximum: 2147483647 + minimum: -2147483648 + promptstage_set: + type: array + items: + $ref: '#/components/schemas/StageRequest' + required: + - field_key + - label + - type + PromptStage: + type: object + description: PromptStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + fields: + type: array + items: + type: string + format: uuid + validation_policies: + type: array + items: + type: string + format: uuid + required: + - component + - fields + - name + - pk + - verbose_name + - verbose_name_plural + PromptStageRequest: + type: object + description: PromptStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + fields: + type: array + items: + type: string + format: uuid + validation_policies: + type: array + items: + type: string + format: uuid + required: + - fields + - name + PromptTypeEnum: + enum: + - text + - username + - email + - password + - number + - checkbox + - date + - date-time + - separator + - hidden + - static + type: string + PropertyMapping: + type: object + description: PropertyMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + required: + - component + - expression + - name + - pk + - verbose_name + - verbose_name_plural + PropertyMappingTestResult: + type: object + description: Result of a Property-mapping test + properties: + result: + type: string + readOnly: true + successful: + type: boolean + readOnly: true + required: + - result + - successful + Provider: + type: object + description: Provider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + ProviderRequest: + type: object + description: Provider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + required: + - authorization_flow + - name + ProxyOutpostConfig: + type: object + description: ProxyProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + client_id: + type: string + maxLength: 255 + client_secret: + type: string + maxLength: 255 + oidc_configuration: + allOf: + - $ref: '#/components/schemas/OpenIDConnectConfiguration' + readOnly: true + cookie_secret: + type: string + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + required: + - external_host + - name + - oidc_configuration + - pk + ProxyProvider: + type: object + description: ProxyProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + redirect_uris: + type: string + readOnly: true + required: + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - external_host + - name + - pk + - redirect_uris + - verbose_name + - verbose_name_plural + ProxyProviderRequest: + type: object + description: ProxyProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + internal_host: + type: string + format: uri + external_host: + type: string + format: uri + internal_host_ssl_validation: + type: boolean + description: Validate SSL Certificates of upstream servers + certificate: + type: string + format: uuid + nullable: true + skip_path_regex: + type: string + description: Regular expressions for which authentication is not required. + Each new line is interpreted as a new Regular Expression. + basic_auth_enabled: + type: boolean + title: Set HTTP-Basic Authentication + description: Set a custom HTTP-Basic Authentication header based on values + from authentik. + basic_auth_password_attribute: + type: string + title: HTTP-Basic Password Key + description: User/Group Attribute used for the password part of the HTTP-Basic + Header. + basic_auth_user_attribute: + type: string + title: HTTP-Basic Username Key + description: User/Group Attribute used for the user part of the HTTP-Basic + Header. If not set, the user's Email address is used. + forward_auth_mode: + type: boolean + description: Enable support for forwardAuth in traefik and nginx auth_request. + Exclusive with internal_host. + required: + - authorization_flow + - external_host + - name + RedirectChallenge: + type: object + description: Challenge type to redirect the client + properties: + type: + $ref: '#/components/schemas/Type4f1Enum' + component: + type: string + title: + type: string + background: + type: string + response_errors: + type: object + additionalProperties: + type: array + items: + $ref: '#/components/schemas/ErrorDetail' + to: + type: string + required: + - to + - type + ReputationPolicy: + type: object + description: Reputation Policy Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Policy uuid + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + bound_to: + type: integer + readOnly: true + check_ip: + type: boolean + check_username: + type: boolean + threshold: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - bound_to + - component + - pk + - verbose_name + - verbose_name_plural + ReputationPolicyRequest: + type: object + description: Reputation Policy Serializer + properties: + name: + type: string + nullable: true + execution_logging: + type: boolean + description: When this option is enabled, all executions of this policy + will be logged. By default, only execution errors are logged. + check_ip: + type: boolean + check_username: + type: boolean + threshold: + type: integer + maximum: 2147483647 + minimum: -2147483648 + SAMLMetadata: + type: object + description: SAML Provider Metadata serializer + properties: + metadata: + type: string + readOnly: true + required: + - metadata + SAMLPropertyMapping: + type: object + description: SAMLPropertyMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + saml_name: + type: string + friendly_name: + type: string + nullable: true + required: + - component + - expression + - name + - pk + - saml_name + - verbose_name + - verbose_name_plural + SAMLPropertyMappingRequest: + type: object + description: SAMLPropertyMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + saml_name: + type: string + friendly_name: + type: string + nullable: true + required: + - expression + - name + - saml_name + SAMLProvider: + type: object + description: SAMLProvider Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + component: + type: string + readOnly: true + assigned_application_slug: + type: string + description: Internal application name, used in URLs. + readOnly: true + assigned_application_name: + type: string + description: Application's display Name. + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + acs_url: + type: string + format: uri + maxLength: 200 + audience: + type: string + description: Value of the audience restriction field of the asseration. + When left empty, no audience restriction will be added. + issuer: + type: string + description: Also known as EntityID + assertion_valid_not_before: + type: string + description: 'Assertion valid not before current time + this value (Format: + hours=-1;minutes=-2;seconds=-3).' + assertion_valid_not_on_or_after: + type: string + description: 'Assertion not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + session_valid_not_on_or_after: + type: string + description: 'Session not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + name_id_mapping: + type: string + format: uuid + nullable: true + title: NameID Property Mapping + description: Configure how the NameID value will be created. When left empty, + the NameIDPolicy of the incoming request will be considered + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Signing Keypair + description: Keypair used to sign outgoing Responses going to the Service + Provider. + verification_kp: + type: string + format: uuid + nullable: true + title: Verification Certificate + description: When selected, incoming assertion's Signatures will be validated + against this certificate. To allow unsigned Requests, leave on default. + sp_binding: + allOf: + - $ref: '#/components/schemas/SpBindingEnum' + title: Service Provider Binding + description: This determines how authentik sends the response back to the + Service Provider. + required: + - acs_url + - assigned_application_name + - assigned_application_slug + - authorization_flow + - component + - name + - pk + - verbose_name + - verbose_name_plural + SAMLProviderImportRequest: + type: object + description: Import saml provider from XML Metadata + properties: + name: + type: string + authorization_flow: + type: string + file: + type: string + format: binary + required: + - authorization_flow + - file + - name + SAMLProviderRequest: + type: object + description: SAMLProvider Serializer + properties: + name: + type: string + authorization_flow: + type: string + format: uuid + description: Flow used when authorizing this provider. + property_mappings: + type: array + items: + type: string + format: uuid + acs_url: + type: string + format: uri + maxLength: 200 + audience: + type: string + description: Value of the audience restriction field of the asseration. + When left empty, no audience restriction will be added. + issuer: + type: string + description: Also known as EntityID + assertion_valid_not_before: + type: string + description: 'Assertion valid not before current time + this value (Format: + hours=-1;minutes=-2;seconds=-3).' + assertion_valid_not_on_or_after: + type: string + description: 'Assertion not valid on or after current time + this value + (Format: hours=1;minutes=2;seconds=3).' + session_valid_not_on_or_after: + type: string + description: 'Session not valid on or after current time + this value (Format: + hours=1;minutes=2;seconds=3).' + name_id_mapping: + type: string + format: uuid + nullable: true + title: NameID Property Mapping + description: Configure how the NameID value will be created. When left empty, + the NameIDPolicy of the incoming request will be considered + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Signing Keypair + description: Keypair used to sign outgoing Responses going to the Service + Provider. + verification_kp: + type: string + format: uuid + nullable: true + title: Verification Certificate + description: When selected, incoming assertion's Signatures will be validated + against this certificate. To allow unsigned Requests, leave on default. + sp_binding: + allOf: + - $ref: '#/components/schemas/SpBindingEnum' + title: Service Provider Binding + description: This determines how authentik sends the response back to the + Service Provider. + required: + - acs_url + - authorization_flow + - name + SAMLSource: + type: object + description: SAMLSource Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + pre_authentication_flow: + type: string + format: uuid + description: Flow used before authentication. + issuer: + type: string + description: Also known as Entity ID. Defaults the Metadata URL. + sso_url: + type: string + format: uri + description: URL that the initial Login request is sent to. + maxLength: 200 + slo_url: + type: string + format: uri + nullable: true + description: Optional URL if your IDP supports Single-Logout. + maxLength: 200 + allow_idp_initiated: + type: boolean + description: Allows authentication flows initiated by the IdP. This can + be a security risk, as no validation of the request ID is done. + name_id_policy: + allOf: + - $ref: '#/components/schemas/NameIdPolicyEnum' + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. + binding_type: + $ref: '#/components/schemas/BindingTypeEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Singing Keypair + description: Keypair which is used to sign outgoing requests. Leave empty + to disable signing. + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + temporary_user_delete_after: + type: string + title: Delete temporary users after + description: 'Time offset when temporary users should be deleted. This only + applies if your IDP uses the NameID Format ''transient'', and the user + doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' + required: + - component + - name + - pk + - pre_authentication_flow + - slug + - sso_url + - verbose_name + - verbose_name_plural + SAMLSourceRequest: + type: object + description: SAMLSource Serializer + properties: + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + pre_authentication_flow: + type: string + format: uuid + description: Flow used before authentication. + issuer: + type: string + description: Also known as Entity ID. Defaults the Metadata URL. + sso_url: + type: string + format: uri + description: URL that the initial Login request is sent to. + maxLength: 200 + slo_url: + type: string + format: uri + nullable: true + description: Optional URL if your IDP supports Single-Logout. + maxLength: 200 + allow_idp_initiated: + type: boolean + description: Allows authentication flows initiated by the IdP. This can + be a security risk, as no validation of the request ID is done. + name_id_policy: + allOf: + - $ref: '#/components/schemas/NameIdPolicyEnum' + description: NameID Policy sent to the IdP. Can be unset, in which case + no Policy is sent. + binding_type: + $ref: '#/components/schemas/BindingTypeEnum' + signing_kp: + type: string + format: uuid + nullable: true + title: Singing Keypair + description: Keypair which is used to sign outgoing requests. Leave empty + to disable signing. + digest_algorithm: + $ref: '#/components/schemas/DigestAlgorithmEnum' + signature_algorithm: + $ref: '#/components/schemas/SignatureAlgorithmEnum' + temporary_user_delete_after: + type: string + title: Delete temporary users after + description: 'Time offset when temporary users should be deleted. This only + applies if your IDP uses the NameID Format ''transient'', and the user + doesn''t log out manually. (Format: hours=1;minutes=2;seconds=3).' + required: + - name + - pre_authentication_flow + - slug + - sso_url + ScopeMapping: + type: object + description: ScopeMapping Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pm uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + scope_name: + type: string + description: Scope used by the client + description: + type: string + description: Description shown to the user when consenting. If left empty, + the user won't be informed. + required: + - component + - expression + - name + - pk + - scope_name + - verbose_name + - verbose_name_plural + ScopeMappingRequest: + type: object + description: ScopeMapping Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + name: + type: string + expression: + type: string + scope_name: + type: string + description: Scope used by the client + description: + type: string + description: Description shown to the user when consenting. If left empty, + the user won't be informed. + required: + - expression + - name + - scope_name + ServiceConnection: + type: object + description: ServiceConnection Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Uuid + name: + type: string + local: + type: boolean + description: If enabled, use the local connection. Required Docker socket/Kubernetes + Integration + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + ServiceConnectionState: + type: object + description: Serializer for Service connection state + properties: + healthy: + type: boolean + readOnly: true + version: + type: string + readOnly: true + required: + - healthy + - version + SessionUser: + type: object + description: |- + Response for the /user/me endpoint, returns the currently active user (as `user` property) + and, if this user is being impersonated, the original user in the `original` property. + properties: + user: + $ref: '#/components/schemas/User' + original: + $ref: '#/components/schemas/User' + required: + - user + SeverityEnum: + enum: + - notice + - warning + - alert + type: string + SignatureAlgorithmEnum: + enum: + - http://www.w3.org/2000/09/xmldsig#rsa-sha1 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha384 + - http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 + - http://www.w3.org/2000/09/xmldsig#dsa-sha1 + type: string + Source: + type: object + description: Source Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Pbm uuid + name: + type: string + description: Source's display Name. + slug: + type: string + description: Internal source name, used in URLs. + maxLength: 50 + pattern: ^[-a-zA-Z0-9_]+$ + enabled: + type: boolean + authentication_flow: + type: string + format: uuid + nullable: true + description: Flow to use when authenticating existing users. + enrollment_flow: + type: string + format: uuid + nullable: true + description: Flow to use when enrolling new users. + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + policy_engine_mode: + $ref: '#/components/schemas/PolicyEngineModeEnum' + user_matching_mode: + allOf: + - $ref: '#/components/schemas/UserMatchingModeEnum' + description: How the source determines if an existing user should be authenticated + or a new user enrolled. + required: + - component + - name + - pk + - slug + - verbose_name + - verbose_name_plural + SourceType: + type: object + description: Serializer for SourceType + properties: + name: + type: string + slug: + type: string + urls_customizable: + type: boolean + request_token_url: + type: string + readOnly: true + nullable: true + authorization_url: + type: string + readOnly: true + nullable: true + access_token_url: + type: string + readOnly: true + nullable: true + profile_url: + type: string + readOnly: true + nullable: true + required: + - access_token_url + - authorization_url + - name + - profile_url + - request_token_url + - slug + - urls_customizable + SpBindingEnum: + enum: + - redirect + - post + type: string + Stage: + type: object + description: Stage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + StageRequest: + type: object + description: Stage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + StageUserSetting: + type: object + description: User settings but can include a configure flow + properties: + object_uid: + type: string + component: + type: string + title: + type: string + configure_flow: + type: boolean + required: + - component + - object_uid + - title + StaticDevice: + type: object + description: Serializer for static authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + token_set: + type: array + items: + $ref: '#/components/schemas/Nested' + readOnly: true + pk: + type: integer + readOnly: true + title: ID + required: + - name + - pk + - token_set + StaticDeviceRequest: + type: object + description: Serializer for static authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + required: + - name + StatusEnum: + enum: + - SUCCESSFUL + - WARNING + - ERROR + type: string + SubModeEnum: + enum: + - hashed_user_id + - user_username + - user_email + - user_upn + type: string + TOTPDevice: + type: object + description: Serializer for totp authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + pk: + type: integer + readOnly: true + title: ID + required: + - name + - pk + TOTPDeviceRequest: + type: object + description: Serializer for totp authenticator devices + properties: + name: + type: string + description: The human-readable name of this device. + maxLength: 64 + required: + - name + Task: + type: object + description: Serialize TaskInfo and TaskResult + properties: + task_name: + type: string + task_description: + type: string + task_finish_timestamp: + type: string + format: date-time + status: + $ref: '#/components/schemas/StatusEnum' + messages: + type: array + items: {} + required: + - messages + - status + - task_description + - task_finish_timestamp + - task_name + Token: + type: object + description: Token Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Token uuid + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + identifier: + type: string + maxLength: 255 + pattern: ^[-a-zA-Z0-9_]+$ + intent: + $ref: '#/components/schemas/IntentEnum' + user: + $ref: '#/components/schemas/User' + description: + type: string + expires: + type: string + format: date-time + expiring: + type: boolean + required: + - identifier + - pk + TokenRequest: + type: object + description: Token Serializer + properties: + managed: + type: string + nullable: true + title: Managed by authentik + description: Objects which are managed by authentik. These objects are created + and updated automatically. This is flag only indicates that an object + can be overwritten by migrations. You can still modify the objects via + the API, but expect changes to be overwritten in a later update. + identifier: + type: string + maxLength: 255 + pattern: ^[-a-zA-Z0-9_]+$ + intent: + $ref: '#/components/schemas/IntentEnum' + user: + $ref: '#/components/schemas/UserRequest' + description: + type: string + expires: + type: string + format: date-time + expiring: + type: boolean + required: + - identifier + TokenView: + type: object + description: Show token's current key + properties: + key: + type: string + readOnly: true + required: + - key + Type4f1Enum: + enum: + - native + - shell + - redirect + type: string + TypeCreate: + type: object + description: Types of an object that can be created + properties: + name: + type: string + description: + type: string + component: + type: string + model_name: + type: string + required: + - component + - description + - model_name + - name + User: + type: object + description: User Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + username: + type: string + description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ + only. + pattern: ^[\w.@+-]+$ + maxLength: 150 + name: + type: string + description: User's display name. + is_active: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + last_login: + type: string + format: date-time + nullable: true + is_superuser: + type: boolean + readOnly: true + groups: + type: array + items: + $ref: '#/components/schemas/Group' + readOnly: true + email: + type: string + format: email + title: Email address + maxLength: 254 + avatar: + type: string + readOnly: true + attributes: + type: object + additionalProperties: {} + uid: + type: string + readOnly: true + required: + - avatar + - groups + - is_superuser + - name + - pk + - uid + - username + UserConsent: + type: object + description: UserConsent Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + expires: + type: string + format: date-time + user: + $ref: '#/components/schemas/User' + application: + $ref: '#/components/schemas/Application' + required: + - application + - pk + - user + UserDeleteStage: + type: object + description: UserDeleteStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserDeleteStageRequest: + type: object + description: UserDeleteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + UserFieldsEnum: + enum: + - email + - username + type: string + UserLoginStage: + type: object + description: UserLoginStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + session_duration: + type: string + description: 'Determines how long a session lasts. Default of 0 means that + the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserLoginStageRequest: + type: object + description: UserLoginStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + session_duration: + type: string + description: 'Determines how long a session lasts. Default of 0 means that + the sessions lasts until the browser is closed. (Format: hours=-1;minutes=-2;seconds=-3)' + required: + - name + UserLogoutStage: + type: object + description: UserLogoutStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserLogoutStageRequest: + type: object + description: UserLogoutStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + UserMatchingModeEnum: + enum: + - identifier + - email_link + - email_deny + - username_link + - username_deny + type: string + UserMetrics: + type: object + description: User Metrics + properties: + logins_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + logins_failed_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + authorizations_per_1h: + type: array + items: + $ref: '#/components/schemas/Coordinate' + readOnly: true + required: + - authorizations_per_1h + - logins_failed_per_1h + - logins_per_1h + UserOAuthSourceConnection: + type: object + description: OAuth Source Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + user: + type: integer + source: + type: string + format: uuid + identifier: + type: string + maxLength: 255 + required: + - identifier + - pk + - source + - user + UserOAuthSourceConnectionRequest: + type: object + description: OAuth Source Serializer + properties: + user: + type: integer + source: + type: string + format: uuid + identifier: + type: string + maxLength: 255 + required: + - identifier + - source + - user + UserReputation: + type: object + description: UserReputation Serializer + properties: + pk: + type: integer + readOnly: true + title: ID + user: + type: integer + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + updated: + type: string + format: date-time + readOnly: true + required: + - pk + - updated + - user + UserReputationRequest: + type: object + description: UserReputation Serializer + properties: + user: + type: integer + score: + type: integer + maximum: 2147483647 + minimum: -2147483648 + required: + - user + UserRequest: + type: object + description: User Serializer + properties: + username: + type: string + description: Required. 150 characters or fewer. Letters, digits and @/./+/-/_ + only. + pattern: ^[\w.@+-]+$ + maxLength: 150 + name: + type: string + description: User's display name. + is_active: + type: boolean + title: Active + description: Designates whether this user should be treated as active. Unselect + this instead of deleting accounts. + last_login: + type: string + format: date-time + nullable: true + email: + type: string + format: email + title: Email address + maxLength: 254 + attributes: + type: object + additionalProperties: {} + required: + - name + - username + UserSetting: + type: object + description: Serializer for User settings for stages and sources + properties: + object_uid: + type: string + component: + type: string + title: + type: string + required: + - component + - object_uid + - title + UserWriteStage: + type: object + description: UserWriteStage Serializer + properties: + pk: + type: string + format: uuid + readOnly: true + title: Stage uuid + name: + type: string + component: + type: string + readOnly: true + verbose_name: + type: string + readOnly: true + verbose_name_plural: + type: string + readOnly: true + flow_set: + type: array + items: + $ref: '#/components/schemas/Flow' + required: + - component + - name + - pk + - verbose_name + - verbose_name_plural + UserWriteStageRequest: + type: object + description: UserWriteStage Serializer + properties: + name: + type: string + flow_set: + type: array + items: + $ref: '#/components/schemas/FlowRequest' + required: + - name + Version: + type: object + description: Get running and latest version. + properties: + version_current: + type: string + readOnly: true + version_latest: + type: string + readOnly: true + build_hash: + type: string + readOnly: true + outdated: + type: boolean + readOnly: true + required: + - build_hash + - outdated + - version_current + - version_latest + WebAuthnDevice: + type: object + description: Serializer for WebAuthn authenticator devices + properties: + pk: + type: integer + readOnly: true + title: ID + name: + type: string + maxLength: 200 + created_on: + type: string + format: date-time + readOnly: true + required: + - created_on + - name + - pk + WebAuthnDeviceRequest: + type: object + description: Serializer for WebAuthn authenticator devices + properties: + name: + type: string + maxLength: 200 + required: + - name + securitySchemes: + authentik: + type: apiKey + in: header + name: Authorization + cookieAuth: + type: apiKey + in: cookie + name: Session