Release 2024.4
Highlights
-
OAuth/SAML as authentication factor Enterprise Use an external provider as part of an MFA authentication flow, including custom implementations
-
SCIM Source Preview Provision users and groups in authentik using an SCIM API
-
Configurable WebAuthn device restrictions Configure which types of WebAuthn devices can be used to enroll and validate for different authorization levels.
-
Performance improvements The API Endpoints to list Users, Groups, and Events have been optimized by 94%, 41% and 53% respectively
Breaking changes
Manual action may be required
-
Configuration options migrated to the Admin interface
The following config options have been moved from the config file and can now be set using the Admin interface (under System -> Settings) or the API:
AUTHENTIK_DEFAULT_TOKEN_LENGTH
When upgrading to 2024.4, the currently configured options will be automatically migrated to the database, and can be removed from the
.env
or helm values file afterwards.
New features
-
Source stage Enterprise
The source stage allows for an inclusion of a source as part of a flow. This can be used to link a user to a source as part of their authentication/enrollment, or it can be used as an external multi-factor to provide device health attestation for example.
For details refer to Source stage
-
SCIM Source Preview
Provision users and groups in authentik using an SCIM API.
For details refer to SCIM Source
-
Configurable WebAuthn device restrictions
Configure which types of WebAuthn devices can be used to enroll and validate for different authorization levels.
For details refer to WebAuthn authenticator setup stage
-
Revamped UI for log messages
Log messages from several API endpoints are now shown with much greater detail, which helps with implementing custom policies and property mappings.
-
Python API Client
There's now an official API Client for Python: https://pypi.org/project/authentik-client/. This API Client can be used to create/update/delete objects within authentik as well as using the Flow executor to authenticate.
-
Configure LDAP sources to not store hashed password in authentik
When authentik is configured to federate with an LDAP source, upon authentication, authentik hashed the password and stored it in its own database. This allows authentication to function when LDAP is unreachable. Admins can now configure this behavior for when this is not desirable.
For details refer to LDAP Source
-
Configurable app password token expiring
Thanks @jmdilly for contributing this feature!
Admins can now configure the default token duration (which defaults to
minutes=30
) in the admin interface as specified above. This value can also be overridden per-user with thegoauthentik.io/user/token-maximum-lifetime
attribute.
Upgrading
This release does not introduce any new requirements.
docker-compose
To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands:
wget -O docker-compose.yml https://goauthentik.io/version/2024.4/docker-compose.yml
docker compose up -d
The -O
flag retains the downloaded file's name, overwriting any existing local file with the same name.
Kubernetes
Upgrade the Helm Chart to the new version, using the following commands:
helm repo update
helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.4
Minor changes/fixes
- admin: Handle latest version unknown in admin dashboard (#8858)
- api: capabilities: properly set can_save_media when s3 is enabled (#8896)
- api: fix authentication schema (#9238)
- blueprints: fix default username field in user-settings flow (#9136)
- blueprints: fix schema generation for PrimaryKeyRelated fields with non-int PK (#9140)
- blueprints: only create default brand if no other default brand exists (#9222)
- blueprints: use reconcile decorator instead of relying on function name prefix (#8483)
- brands: add indexes to brand domain and default (#9343)
- brands: fix context processor when request doesn't have a tenant (#8643)
- core: add user settable token durations (#7410)
- core: cache user application list under policies (#8895)
- core: delegated group member management (#9254)
- core: fix api schema for users and groups (#9298)
- core: fix blueprint export (#8695)
- core: optionally don't return groups' users and users' groups by default (#9179)
- core: replace authentik_signals_ignored_fields with audit_ignore (#9291)
- core: rework recovery API to return better error messages (#8655)
- enterprise/rac: fix connection token management (#8909)
- enterprise: fix audit middleware import (#9177)
- enterprise: fix read_only activating when no license is installed (#8697)
- enterprise: force license usage update after change to license (#8723)
- enterprise: only check for valid license existing for creating Enterprise objects (#8813)
- enterprise: use tenant uuid instead of install_id when tenants are enabled (#8823)
- events: add context manager to ignore/modify audit events being written (#9181)
- events: add indexes (#9272)
- events: discard notification if user has empty email (#8938)
- events: fix incorrect user logged when using API token authentication (#9302)
- events: fix log_capture (#9075)
- events: rework log messages returned from API and their rendering (#8770)
- events: sanitize args and kwargs saved in system tasks (#8644)
- flows: fix mismatched redirect behaviour for invalid and valid flows (#8794)
- internal: add tests to go flow executor (#9219)
- internal: cleanup static file serving setup code (#8965)
- lib: cache gravatar connection status (#9248)
- lifecycle: gunicorn: fix app preload (#9274)
- lifecycle: migrate: ensure template schema exists before migrating (#8952)
- outposts: improved set secret answers for flow execution (#8013)
- outposts/proxy: Fix invalid redirect on external hosts containing path components (#8915)
- outposts: Enhance config options for k8s outposts (#7363)
- providers/oauth2: fix inconsistent
sub
value when setting via mapping (#8677) - providers/oauth2: fix interactive device flow (#9076)
- providers/oauth2: fix offline_access requests when prompt doesn't include consent (#8731)
- providers/oauth2: fix refresh_token grant returning incorrect id_token (#9275)
- providers/oauth2: fix validation ordering (#8793)
- providers/oauth2: improve conformance with client_credentials standard (#8471)
- providers/scim: allow custom user and group schemas (#9255)
- rbac: fix permission decorator for global permissions (#8591)
- root: cherry-pick version bump
- root: early spring clean for linting (#8498)
- root: ensure consistent install_id (#8775)
- root: expose session storage configuration (#9337)
- root: fix app settings load order (#8569)
- root: generate python client (#9107)
- root: make redis settings more consistent (#9335)
- root: move database calls from ready() to dedicated startup signal (#9081)
- root: support redis username (#8935)
- sources/ldap: add ability to disable password write on login (#8377)
- sources/ldap: fix default blueprint for mapping user DN to path (#9355)
- sources/oauth: add gitlab type [AUTH-323] (#8195)
- sources/oauth: make URLs not required, only check when no OIDC URLs are defined (#9182)
- sources/scim: cleanup service account when source is deleted (#9319)
- sources/scim: service account should be internal (#9321)
- sources: add SCIM source (#3051)
- stages/authenticator_validate: add ability to limit webauthn device types (#9180)
- stages/authenticator_validate: fix error with get_webauthn_challenge_without_user (#8625)
- stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#9268)
- stages/authenticator_webauthn: add MDS support (#9114)
- stages/authenticator_webauthn: fix attestation value (#9333)
- stages/authenticator_webauthn: fix error when enrolling new device (#8738)
- stages/email: Disable autoescape for text templates (#8812)
- stages/email: fix issue when sending emails to users with same display as email (#8850)
- stages/prompt: fix username field throwing error with existing user (#9342)
- stages/user_write: ensure user data is json-serializable (#8926)
- stages: source stage (#8330)
- tenants: really ensure default tenant cannot be deleted (#8875)
- web/admin: allow custom sorting for bound* tables (#9080)
- web/admin: don't mark LDAP group property mappings as required (#8772)
- web/admin: don't mark property mappings as required anywhere (#8752)
- web/admin: fix SAML Provider preview (#9192)
- web/admin: fix document title for admin interface (#9362)
- web/admin: fix error in admin interface due to un-hydrated context (#9336)
- web/admin: fix log viewer empty state (#9315)
- web/admin: fix markdown table rendering (#8908)
- web/admin: fix user_write stage's user type input (#9344)
- web/admin: group form dual select (#9354)
- web/admin: remove enterprise preview banner (#8991)
- web/admin: rework captcha stage (#9256)
- web/admin: small fixes (#9002)
- web/flows: fix form input rendering issue (#9297)
- web/flows: general ux improvements (#8558)
- web/flows: fix passwordless hidden without input (#9273)
- web/flows: fix webauthn retry (#8599)
- web/flows: improve authenticator styling (#8560)
- web/flows: update flow background (#9305)
- web: a few minor bugfixes and lintfixes (#9044)
- web: ak-checkbox-group for short, static, multi-select events (#9138)
- web: change "delete" verb to "remove" for one-to-many relationships (#8535)
- web: clean up UserInterface in prep for OAuth and Silo Projects (#8278)
- web: clean up and remove redundant alias '@goauthentik/app' (#8889)
- web: consistent style declarations internally (#9077)
- web: fix save & reset behavior on System ➲ Settings page. (#8528)
- web: improve build speeds even moar!!!!!! (#8954)
- web: maintenance: split tsconfig into “base” and “build” variants. (#9036)
- web: manage stacked modals with a stack (#9193)
- web: move context controllers into reactive controller plugins (#8996)
- web: preserve selected list when provider updates (#9200)
- web: provide InstallID on EnterpriseListPage (#8898)
- web: replace rollup with esbuild (#8699)
- web: restore sourcemaps (#9300)
- web: spell customization with a Z (#8596)
- web: upgrade to lit 3 (#8781)
Fixed in 2024.4.1
- core: fix logic for token expiration (cherry-pick #9426) (#9428)
- lifecycle: always try custom redis URL (cherry-pick #9441) (#9458)
- sources/oauth: ensure all UI sources return a valid source (cherry-pick #9401) (#9406)
- sources/scim: fix service account user path (cherry-pick #9463) (#9470)
- stages/identification: don't check source component (cherry-pick #9410) (#9420)
- web/admin: fix disabled button color with dark theme (cherry-pick #9465) (#9468)
- web/admin: show user internal service account as disabled (cherry-pick #9464) (#9467)
- web/common: fix locale detection for user-set locale (cherry-pick #9436) (#9439)
- web: Add resolved and integrity fields back to package-lock.json (cherry-pick #9419) (#9421)
- web: markdown: display markdown even when frontmatter is missing (cherry-pick #9404) (#9405)
Fixed in 2024.4.2
- core: fix source_flow_manager saving user-source connection too early (cherry-pick #9559) (#9578)
- core: fix task clean_expiring_models removing valid sessions with using database storage (cherry-pick #9598) (#9601)
- core: only prefetch related objects when required (cherry-pick #9476) (#9510)
- enterprise/audit: fix audit logging with m2m relations (cherry-pick #9571) (#9572)
- events: ensure all models'
__str__
can be called without any further lookups (cherry-pick #9480) (#9485) - flows: fix execute API endpoint (cherry-pick #9478) (#9481)
- lifecycle: close database connection after migrating (cherry-pick #9516) (#9531)
- providers/saml: fix ECDSA support (cherry-pick #9537) (#9544)
- providers/scim: fix SCIM ID incorrectly used as primary key (cherry-pick #9557) (#9579)
- providers/scim: fix Sync task's time_limit not set correctly (cherry-pick #9546) (#9553)
- sources/oauth: fix OAuth2 Client sending token request incorrectly (cherry-pick #9474) (#9475)
- sources/scim: fix duplicate groups and invalid schema (cherry-pick #9466) (#9606)
- tenants: fix scheduled tasks not running on default tenant (cherry-pick #9583) (#9586)
- web/flows: fix error when enrolling multiple WebAuthn devices consecutively (cherry-pick #9545) (#9547)
- web/flows: fix missing fallback for flow logo (cherry-pick #9487) (#9492)
- web: Add missing integrity hashes to package-lock.json (#9527)
Fixed in 2024.4.3
- core: fix source flow_manager not always appending save stage (cherry-pick #9659) (#9662)
- security: fix CVE-2024-37905, reported by @m2a2 (cherry-pick #10230) (#10236)
- security: fix CVE-2024-38371, reported by Stefan Zwanenburg (cherry-pick #10229) (#10233)
- sources/saml: fix FlowPlanner error due to pickle (cherry-pick #9708) (#9709)
- web: fix value handling inside controlled components (cherry-pick #9648) (#9685)
Fixed in 2024.4.4
- security: fix CVE-2024-42490, reported by @m2a2 (cherry-pick #11022) #11024
API Changes
What's New
GET
/sources/scim/
POST
/sources/scim/
GET
/sources/scim/{slug}/
PUT
/sources/scim/{slug}/
DELETE
/sources/scim/{slug}/
PATCH
/sources/scim/{slug}/
GET
/sources/scim/{slug}/used_by/
GET
/sources/scim_groups/
POST
/sources/scim_groups/
GET
/sources/scim_groups/{id}/
PUT
/sources/scim_groups/{id}/
DELETE
/sources/scim_groups/{id}/
PATCH
/sources/scim_groups/{id}/
GET
/sources/scim_groups/{id}/used_by/
GET
/sources/scim_users/
POST
/sources/scim_users/
GET
/sources/scim_users/{id}/
PUT
/sources/scim_users/{id}/
DELETE
/sources/scim_users/{id}/
PATCH
/sources/scim_users/{id}/
GET
/sources/scim_users/{id}/used_by/
GET
/stages/authenticator/webauthn_device_types/
GET
/stages/authenticator/webauthn_device_types/{aaguid}/
GET
/stages/source/
POST
/stages/source/
GET
/stages/source/{stage_uuid}/
PUT
/stages/source/{stage_uuid}/
DELETE
/stages/source/{stage_uuid}/
PATCH
/stages/source/{stage_uuid}/
GET
/stages/source/{stage_uuid}/used_by/
POST
/core/users/{id}/recovery/
POST
/core/users/{id}/recovery_email/
What's Deleted
GET
/core/users/{id}/recovery/
GET
/core/users/{id}/recovery_email/
What's Changed
GET
/admin/apps/
GET
/admin/models/
GET
/admin/settings/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Added property
default_token_duration
(string)Default token duration
-
Added property
default_token_length
(integer)Default token length
-
PUT
/admin/settings/
Request:
Changed content type : application/json
-
Added property
default_token_duration
(string)Default token duration
-
Added property
default_token_length
(integer)Default token length
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Added property
default_token_duration
(string)Default token duration
-
Added property
default_token_length
(integer)Default token length
-
PATCH
/admin/settings/
Request:
Changed content type : application/json
-
Added property
default_token_duration
(string)Default token duration
-
Added property
default_token_length
(integer)Default token length
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Added property
default_token_duration
(string)Default token duration
-
Added property
default_token_length
(integer)Default token length
-
GET
/admin/system/
POST
/admin/system/
GET
/admin/version/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
version_latest_valid
- Added property
version_latest_valid
(boolean)Check if latest version is valid
-
GET
/admin/workers/
GET
/authenticators/admin/all/
GET
/authenticators/admin/duo/{id}/
PUT
/authenticators/admin/duo/{id}/
DELETE
/authenticators/admin/duo/{id}/
PATCH
/authenticators/admin/duo/{id}/
GET
/authenticators/admin/sms/{id}/
PUT
/authenticators/admin/sms/{id}/
DELETE
/authenticators/admin/sms/{id}/
PATCH
/authenticators/admin/sms/{id}/
GET
/authenticators/admin/totp/{id}/
PUT
/authenticators/admin/totp/{id}/
DELETE
/authenticators/admin/totp/{id}/
PATCH
/authenticators/admin/totp/{id}/
GET
/authenticators/admin/webauthn/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
aaguid
-
device_type
-
Added property
device_type
(object)-
Property
aaguid
(string) -
Property
description
(string)
-
-
Added property
aaguid
(string)
-
PUT
/authenticators/admin/webauthn/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
aaguid
-
device_type
-
Added property
device_type
(object) -
Added property
aaguid
(string)
-
DELETE
/authenticators/admin/webauthn/{id}/
PATCH
/authenticators/admin/webauthn/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
aaguid
-
device_type
-
Added property
device_type
(object) -
Added property
aaguid
(string)
-
GET
/authenticators/all/
GET
/authenticators/duo/{id}/
PUT
/authenticators/duo/{id}/
DELETE
/authenticators/duo/{id}/
PATCH
/authenticators/duo/{id}/
GET
/authenticators/sms/{id}/
PUT
/authenticators/sms/{id}/
DELETE
/authenticators/sms/{id}/
PATCH
/authenticators/sms/{id}/
GET
/authenticators/totp/{id}/
PUT
/authenticators/totp/{id}/
DELETE
/authenticators/totp/{id}/
PATCH
/authenticators/totp/{id}/
GET
/authenticators/webauthn/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
aaguid
-
device_type
-
Added property
device_type
(object) -
Added property
aaguid
(string)
-
PUT
/authenticators/webauthn/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
aaguid
-
device_type
-
Added property
device_type
(object) -
Added property
aaguid
(string)
-
DELETE
/authenticators/webauthn/{id}/
PATCH
/authenticators/webauthn/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
aaguid
-
device_type
-
Added property
device_type
(object) -
Added property
aaguid
(string)
-
GET
/core/applications/{slug}/check_access/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
log_messages
(array)Changed items (object): > Single log message with all context logged.
New required properties:
-
attributes
-
event
-
log_level
-
logger
-
timestamp
-
Added property
timestamp
(string) -
Added property
log_level
(string)Enum values:
critical
exception
error
warn
warning
info
debug
notset
-
Added property
logger
(string) -
Added property
event
(string) -
Added property
attributes
(object)
-
-
GET
/core/applications/{slug}/metrics/
POST
/core/applications/{slug}/set_icon/
POST
/core/applications/{slug}/set_icon_url/
GET
/core/authenticated_sessions/{uuid}/
DELETE
/core/authenticated_sessions/{uuid}/
GET
/core/brands/{brand_uuid}/
PUT
/core/brands/{brand_uuid}/
DELETE
/core/brands/{brand_uuid}/
PATCH
/core/brands/{brand_uuid}/
POST
/core/groups/{group_uuid}/add_user/
POST
/core/groups/{group_uuid}/remove_user/
POST
/core/tokens/{identifier}/set_key/
GET
/core/tokens/{identifier}/view_key/
POST
/core/users/{id}/impersonate/
POST
/core/users/{id}/set_password/
GET
/core/users/impersonate_end/
GET
/core/users/paths/
POST
/core/users/service_account/
GET
/crypto/certificatekeypairs/{kp_uuid}/
PUT
/crypto/certificatekeypairs/{kp_uuid}/
DELETE
/crypto/certificatekeypairs/{kp_uuid}/
PATCH
/crypto/certificatekeypairs/{kp_uuid}/
GET
/crypto/certificatekeypairs/{kp_uuid}/view_certificate/
GET
/crypto/certificatekeypairs/{kp_uuid}/view_private_key/
POST
/crypto/certificatekeypairs/generate/
GET
/enterprise/license/{license_uuid}/
PUT
/enterprise/license/{license_uuid}/
DELETE
/enterprise/license/{license_uuid}/
PATCH
/enterprise/license/{license_uuid}/
GET
/enterprise/license/forecast/
GET
/enterprise/license/get_install_id/
GET
/enterprise/license/summary/
GET
/events/events/actions/
GET
/events/events/per_month/
GET
/events/events/top_per_user/
GET
/events/events/volume/
POST
/events/notifications/mark_all_seen/
POST
/events/system_tasks/{uuid}/run/
POST
/events/transports/{uuid}/test/
GET
/flows/instances/{slug}/diagram/
GET
/flows/instances/{slug}/execute/
GET
/flows/instances/{slug}/export/
POST
/flows/instances/{slug}/set_background/
POST
/flows/instances/{slug}/set_background_url/
POST
/flows/instances/cache_clear/
GET
/flows/instances/cache_info/
POST
/flows/instances/import/
Return Type:
Changed response : 204 No Content
-
Changed content type :
application/json
-
Changed property
logs
(array)Changed items (object): > Single log message with all context logged.
New required properties:
-
attributes
-
event
-
log_level
-
logger
-
timestamp
-
Added property
timestamp
(string) -
Added property
log_level
(string) -
Added property
logger
(string) -
Added property
event
(string) -
Added property
attributes
(object)
-
-
Changed response : 400 Bad Request
-
Changed content type :
application/json
-
Changed property
logs
(array)Changed items (object): > Single log message with all context logged.
New required properties:
-
attributes
-
event
-
log_level
-
logger
-
timestamp
-
Added property
timestamp
(string) -
Added property
log_level
(string) -
Added property
logger
(string) -
Added property
event
(string) -
Added property
attributes
(object)
-
-
GET
/managed/blueprints/{instance_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
status
(string)
- Changed property
PUT
/managed/blueprints/{instance_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
status
(string)
- Changed property
DELETE
/managed/blueprints/{instance_uuid}/
PATCH
/managed/blueprints/{instance_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
status
(string)
- Changed property
POST
/managed/blueprints/{instance_uuid}/apply/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
status
(string)
- Changed property
GET
/managed/blueprints/available/
GET
/outposts/instances/{uuid}/health/
GET
/outposts/instances/default_settings/
GET
/outposts/proxy/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
mode
(string)Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
- Changed property
GET
/outposts/radius/{id}/
GET
/outposts/service_connections/all/{uuid}/
DELETE
/outposts/service_connections/all/{uuid}/
GET
/outposts/service_connections/all/{uuid}/state/
GET
/outposts/service_connections/all/types/
GET
/outposts/service_connections/docker/{uuid}/
PUT
/outposts/service_connections/docker/{uuid}/
DELETE
/outposts/service_connections/docker/{uuid}/
PATCH
/outposts/service_connections/docker/{uuid}/
GET
/outposts/service_connections/kubernetes/{uuid}/
PUT
/outposts/service_connections/kubernetes/{uuid}/
DELETE
/outposts/service_connections/kubernetes/{uuid}/
PATCH
/outposts/service_connections/kubernetes/{uuid}/
GET
/policies/all/{policy_uuid}/
DELETE
/policies/all/{policy_uuid}/
POST
/policies/all/{policy_uuid}/test/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
log_messages
(array)Changed items (object): > Single log message with all context logged.
New required properties:
-
attributes
-
event
-
log_level
-
logger
-
timestamp
-
Added property
timestamp
(string) -
Added property
log_level
(string) -
Added property
logger
(string) -
Added property
event
(string) -
Added property
attributes
(object)
-
-
POST
/policies/all/cache_clear/
GET
/policies/all/cache_info/
GET
/policies/all/types/
GET
/policies/dummy/{policy_uuid}/
PUT
/policies/dummy/{policy_uuid}/
DELETE
/policies/dummy/{policy_uuid}/
PATCH
/policies/dummy/{policy_uuid}/
GET
/policies/event_matcher/{policy_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
action
(string)Match created events with this action type. When left empty, all action types will be matched.
-
Changed property
app
(string)Match events created by selected application. When left empty, all applications are matched.
Added enum values:
authentik.sources.scim
authentik.enterprise.stages.source
-
Changed property
model
(string)Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
-
PUT
/policies/event_matcher/{policy_uuid}/
Request:
Changed content type : application/json
-
Changed property
action
(string)Match created events with this action type. When left empty, all action types will be matched.
-
Changed property
app
(string)Match events created by selected application. When left empty, all applications are matched.
Added enum values:
authentik.sources.scim
authentik.enterprise.stages.source
-
Changed property
model
(string)Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
action
(string)Match created events with this action type. When left empty, all action types will be matched.
-
Changed property
app
(string)Match events created by selected application. When left empty, all applications are matched.
Added enum values:
authentik.sources.scim
authentik.enterprise.stages.source
-
Changed property
model
(string)Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
-
DELETE
/policies/event_matcher/{policy_uuid}/
PATCH
/policies/event_matcher/{policy_uuid}/
Request:
Changed content type : application/json
-
Changed property
action
(string)Match created events with this action type. When left empty, all action types will be matched.
-
Changed property
app
(string)Match events created by selected application. When left empty, all applications are matched.
Added enum values:
authentik.sources.scim
authentik.enterprise.stages.source
-
Changed property
model
(string)Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
action
(string)Match created events with this action type. When left empty, all action types will be matched.
-
Changed property
app
(string)Match events created by selected application. When left empty, all applications are matched.
Added enum values:
authentik.sources.scim
authentik.enterprise.stages.source
-
Changed property
model
(string)Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
-
GET
/policies/expression/{policy_uuid}/
PUT
/policies/expression/{policy_uuid}/
DELETE
/policies/expression/{policy_uuid}/
PATCH
/policies/expression/{policy_uuid}/
GET
/policies/password/{policy_uuid}/
PUT
/policies/password/{policy_uuid}/
DELETE
/policies/password/{policy_uuid}/
PATCH
/policies/password/{policy_uuid}/
GET
/policies/password_expiry/{policy_uuid}/
PUT
/policies/password_expiry/{policy_uuid}/
DELETE
/policies/password_expiry/{policy_uuid}/
PATCH
/policies/password_expiry/{policy_uuid}/
GET
/policies/reputation/{policy_uuid}/
PUT
/policies/reputation/{policy_uuid}/
DELETE
/policies/reputation/{policy_uuid}/
PATCH
/policies/reputation/{policy_uuid}/
GET
/policies/reputation/scores/{reputation_uuid}/
DELETE
/policies/reputation/scores/{reputation_uuid}/
GET
/propertymappings/all/{pm_uuid}/
DELETE
/propertymappings/all/{pm_uuid}/
POST
/propertymappings/all/{pm_uuid}/test/
GET
/propertymappings/all/types/
GET
/propertymappings/ldap/{pm_uuid}/
PUT
/propertymappings/ldap/{pm_uuid}/
DELETE
/propertymappings/ldap/{pm_uuid}/
PATCH
/propertymappings/ldap/{pm_uuid}/
GET
/propertymappings/notification/{pm_uuid}/
PUT
/propertymappings/notification/{pm_uuid}/
DELETE
/propertymappings/notification/{pm_uuid}/
PATCH
/propertymappings/notification/{pm_uuid}/
GET
/propertymappings/rac/{pm_uuid}/
PUT
/propertymappings/rac/{pm_uuid}/
DELETE
/propertymappings/rac/{pm_uuid}/
PATCH
/propertymappings/rac/{pm_uuid}/
GET
/propertymappings/saml/{pm_uuid}/
PUT
/propertymappings/saml/{pm_uuid}/
DELETE
/propertymappings/saml/{pm_uuid}/
PATCH
/propertymappings/saml/{pm_uuid}/
GET
/propertymappings/scim/{pm_uuid}/
PUT
/propertymappings/scim/{pm_uuid}/
DELETE
/propertymappings/scim/{pm_uuid}/
PATCH
/propertymappings/scim/{pm_uuid}/
GET
/propertymappings/scope/{pm_uuid}/
PUT
/propertymappings/scope/{pm_uuid}/
DELETE
/propertymappings/scope/{pm_uuid}/
PATCH
/propertymappings/scope/{pm_uuid}/
GET
/providers/all/{id}/
DELETE
/providers/all/{id}/
GET
/providers/all/types/
GET
/providers/oauth2/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
-
PUT
/providers/oauth2/{id}/
Request:
Changed content type : application/json
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
-
DELETE
/providers/oauth2/{id}/
PATCH
/providers/oauth2/{id}/
Request:
Changed content type : application/json
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
-
GET
/providers/oauth2/{id}/preview_user/
GET
/providers/oauth2/{id}/setup_urls/
GET
/providers/proxy/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
mode
(string)Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
- Changed property
PUT
/providers/proxy/{id}/
Request:
Changed content type : application/json
- Changed property
mode
(string)Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
mode
(string)Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
- Changed property
DELETE
/providers/proxy/{id}/
PATCH
/providers/proxy/{id}/
Request:
Changed content type : application/json
- Changed property
mode
(string)Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
mode
(string)Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
- Changed property
GET
/providers/rac/{id}/
PUT
/providers/rac/{id}/
DELETE
/providers/rac/{id}/
PATCH
/providers/rac/{id}/
GET
/providers/radius/{id}/
PUT
/providers/radius/{id}/
DELETE
/providers/radius/{id}/
PATCH
/providers/radius/{id}/
GET
/providers/saml/{id}/metadata/
GET
/providers/saml/{id}/preview_user/
POST
/providers/saml/import_metadata/
GET
/providers/scim/{id}/
PUT
/providers/scim/{id}/
DELETE
/providers/scim/{id}/
PATCH
/providers/scim/{id}/
GET
/rbac/permissions/{id}/
GET
/rbac/roles/{uuid}/
PUT
/rbac/roles/{uuid}/
DELETE
/rbac/roles/{uuid}/
PATCH
/rbac/roles/{uuid}/
GET
/schema/
POST
/sources/all/{slug}/set_icon/
POST
/sources/all/{slug}/set_icon_url/
GET
/sources/all/types/
GET
/sources/all/user_settings/
GET
/sources/ldap/{slug}/debug/
GET
/sources/oauth/source_types/
POST
/sources/plex/redeem_token_authenticated/
GET
/sources/saml/{slug}/metadata/
GET
/stages/all/types/
GET
/stages/all/user_settings/
POST
/stages/authenticator/duo/{stage_uuid}/import_device_manual/
POST
/stages/authenticator/duo/{stage_uuid}/import_devices_automatic/
GET
/stages/email/templates/
GET
/admin/metrics/
POST
/authenticators/admin/duo/
GET
/authenticators/admin/duo/
POST
/authenticators/admin/sms/
GET
/authenticators/admin/sms/
DELETE
/authenticators/admin/static/{id}/
GET
/authenticators/admin/static/{id}/
PUT
/authenticators/admin/static/{id}/
PATCH
/authenticators/admin/static/{id}/
POST
/authenticators/admin/totp/
GET
/authenticators/admin/totp/
POST
/authenticators/admin/webauthn/
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
New required properties:
-
aaguid
-
device_type
-
Added property
device_type
(object) -
Added property
aaguid
(string)
-
GET
/authenticators/admin/webauthn/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Serializer for WebAuthn authenticator devices
New required properties:
-
aaguid
-
device_type
-
Added property
device_type
(object) -
Added property
aaguid
(string)
-
-
GET
/authenticators/duo/
GET
/authenticators/duo/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/authenticators/sms/
GET
/authenticators/sms/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/authenticators/static/{id}/
GET
/authenticators/static/{id}/
PUT
/authenticators/static/{id}/
PATCH
/authenticators/static/{id}/
GET
/authenticators/static/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/authenticators/totp/
GET
/authenticators/totp/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/authenticators/webauthn/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Serializer for WebAuthn authenticator devices
New required properties:
-
aaguid
-
device_type
-
Added property
device_type
(object) -
Added property
aaguid
(string)
-
-
GET
/authenticators/webauthn/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/core/applications/{slug}/
GET
/core/applications/{slug}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
policy_engine_mode
(string)
- Changed property
PUT
/core/applications/{slug}/
Request:
Changed content type : application/json
- Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
policy_engine_mode
(string)
- Changed property
PATCH
/core/applications/{slug}/
Request:
Changed content type : application/json
- Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
policy_engine_mode
(string)
- Changed property
GET
/core/applications/{slug}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/core/authenticated_sessions/
GET
/core/authenticated_sessions/{uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/core/brands/
GET
/core/brands/
GET
/core/brands/{brand_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/core/brands/current/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
ui_theme
(string)
- Changed property
DELETE
/core/groups/{group_uuid}/
GET
/core/groups/{group_uuid}/
PUT
/core/groups/{group_uuid}/
PATCH
/core/groups/{group_uuid}/
GET
/core/groups/{group_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/core/tokens/{identifier}/
GET
/core/tokens/{identifier}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
intent
(string) -
Changed property
user_obj
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
PUT
/core/tokens/{identifier}/
Request:
Changed content type : application/json
- Changed property
intent
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
intent
(string) -
Changed property
user_obj
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
PATCH
/core/tokens/{identifier}/
Request:
Changed content type : application/json
- Changed property
intent
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
intent
(string) -
Changed property
user_obj
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
GET
/core/tokens/{identifier}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/core/user_consent/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/core/users/{id}/
GET
/core/users/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
type
(string)
- Changed property
PUT
/core/users/{id}/
Request:
Changed content type : application/json
- Changed property
type
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
type
(string)
- Changed property
PATCH
/core/users/{id}/
Request:
Changed content type : application/json
- Changed property
type
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
type
(string)
- Changed property
GET
/core/users/{id}/metrics/
GET
/core/users/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/crypto/certificatekeypairs/
GET
/crypto/certificatekeypairs/
GET
/crypto/certificatekeypairs/{kp_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/enterprise/license/
GET
/enterprise/license/
GET
/enterprise/license/{license_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/events/events/{event_uuid}/
GET
/events/events/{event_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
action
(string)
- Changed property
PUT
/events/events/{event_uuid}/
Request:
Changed content type : application/json
- Changed property
action
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
action
(string)
- Changed property
PATCH
/events/events/{event_uuid}/
Request:
Changed content type : application/json
- Changed property
action
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
action
(string)
- Changed property
GET
/events/notifications/{uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/events/rules/{pbm_uuid}/
GET
/events/rules/{pbm_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
severity
(string)Controls which severity level the created notifications will have.
- Changed property
PUT
/events/rules/{pbm_uuid}/
Request:
Changed content type : application/json
- Changed property
severity
(string)Controls which severity level the created notifications will have.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
severity
(string)Controls which severity level the created notifications will have.
- Changed property
PATCH
/events/rules/{pbm_uuid}/
Request:
Changed content type : application/json
- Changed property
severity
(string)Controls which severity level the created notifications will have.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
severity
(string)Controls which severity level the created notifications will have.
- Changed property
GET
/events/rules/{pbm_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/events/system_tasks/{uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
messages
(array)Changed items (string -> object): > Single log message with all context logged.
-
Changed property
status
(string)
-
DELETE
/events/transports/{uuid}/
GET
/events/transports/{uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
mode
(string)
- Changed property
PUT
/events/transports/{uuid}/
Request:
Changed content type : application/json
- Changed property
mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
mode
(string)
- Changed property
PATCH
/events/transports/{uuid}/
Request:
Changed content type : application/json
- Changed property
mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
mode
(string)
- Changed property
GET
/events/transports/{uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/flows/bindings/{fsb_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/flows/instances/{slug}/
GET
/flows/instances/{slug}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
PUT
/flows/instances/{slug}/
Request:
Changed content type : application/json
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
PATCH
/flows/instances/{slug}/
Request:
Changed content type : application/json
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
GET
/flows/instances/{slug}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/managed/blueprints/
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
- Changed property
status
(string)
- Changed property
GET
/managed/blueprints/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Info about a single blueprint instance file
- Changed property
status
(string)
- Changed property
-
GET
/managed/blueprints/{instance_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/oauth2/access_tokens/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/oauth2/authorization_codes/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/oauth2/refresh_tokens/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/outposts/instances/{uuid}/
GET
/outposts/instances/{uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
type
(string)
- Changed property
PUT
/outposts/instances/{uuid}/
Request:
Changed content type : application/json
- Changed property
type
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
type
(string)
- Changed property
PATCH
/outposts/instances/{uuid}/
Request:
Changed content type : application/json
- Changed property
type
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
type
(string)
- Changed property
GET
/outposts/instances/{uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/outposts/ldap/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
search_mode
(string)
- Changed property
GET
/outposts/proxy/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Proxy provider serializer for outposts
- Changed property
mode
(string)Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
- Changed property
-
GET
/outposts/radius/
GET
/outposts/service_connections/all/
GET
/outposts/service_connections/all/{uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/outposts/service_connections/docker/
GET
/outposts/service_connections/docker/
GET
/outposts/service_connections/docker/{uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/outposts/service_connections/kubernetes/
GET
/outposts/service_connections/kubernetes/
GET
/outposts/service_connections/kubernetes/{uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/policies/all/
GET
/policies/all/{policy_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/policies/bindings/{policy_binding_uuid}/
GET
/policies/bindings/{policy_binding_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_obj
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
PUT
/policies/bindings/{policy_binding_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_obj
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
PATCH
/policies/bindings/{policy_binding_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_obj
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
GET
/policies/bindings/{policy_binding_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/policies/dummy/
GET
/policies/dummy/
GET
/policies/dummy/{policy_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/policies/event_matcher/
Request:
Changed content type : application/json
-
Changed property
action
(string)Match created events with this action type. When left empty, all action types will be matched.
-
Changed property
app
(string)Match events created by selected application. When left empty, all applications are matched.
Added enum values:
authentik.sources.scim
authentik.enterprise.stages.source
-
Changed property
model
(string)Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
action
(string)Match created events with this action type. When left empty, all action types will be matched.
-
Changed property
app
(string)Match events created by selected application. When left empty, all applications are matched.
Added enum values:
authentik.sources.scim
authentik.enterprise.stages.source
-
Changed property
model
(string)Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
-
GET
/policies/event_matcher/
Parameters:
Changed: action
in query
Match created events with this action type. When left empty, all action types will be matched.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Event Matcher Policy Serializer
-
Changed property
action
(string)Match created events with this action type. When left empty, all action types will be matched.
-
Changed property
app
(string)Match events created by selected application. When left empty, all applications are matched.
Added enum values:
authentik.sources.scim
authentik.enterprise.stages.source
-
Changed property
model
(string)Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.
Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
-
-
GET
/policies/event_matcher/{policy_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/policies/expression/
GET
/policies/expression/
GET
/policies/expression/{policy_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/policies/password/
GET
/policies/password/
GET
/policies/password/{policy_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/policies/password_expiry/
GET
/policies/password_expiry/
GET
/policies/password_expiry/{policy_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/policies/reputation/
GET
/policies/reputation/
GET
/policies/reputation/{policy_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/policies/reputation/scores/
GET
/policies/reputation/scores/{reputation_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/propertymappings/all/
GET
/propertymappings/all/{pm_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/propertymappings/ldap/
GET
/propertymappings/ldap/
GET
/propertymappings/ldap/{pm_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/propertymappings/notification/
GET
/propertymappings/notification/
GET
/propertymappings/notification/{pm_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/propertymappings/rac/
GET
/propertymappings/rac/
GET
/propertymappings/rac/{pm_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/propertymappings/saml/
GET
/propertymappings/saml/
GET
/propertymappings/saml/{pm_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/propertymappings/scim/
GET
/propertymappings/scim/
GET
/propertymappings/scim/{pm_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/propertymappings/scope/
GET
/propertymappings/scope/
GET
/propertymappings/scope/{pm_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/providers/all/
GET
/providers/all/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/providers/ldap/{id}/
GET
/providers/ldap/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
search_mode
(string)
- Changed property
PUT
/providers/ldap/{id}/
Request:
Changed content type : application/json
- Changed property
search_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
search_mode
(string)
- Changed property
PATCH
/providers/ldap/{id}/
Request:
Changed content type : application/json
- Changed property
search_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
search_mode
(string)
- Changed property
GET
/providers/ldap/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/providers/oauth2/
Request:
Changed content type : application/json
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
-
GET
/providers/oauth2/
Parameters:
Changed: client_type
in query
Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
Changed: issuer_mode
in query
Configure how the issuer field of the ID Token should be filled.
Changed: sub_mode
in query
Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > OAuth2Provider Serializer
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
-
-
GET
/providers/oauth2/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/providers/proxy/
Request:
Changed content type : application/json
- Changed property
mode
(string)Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
- Changed property
mode
(string)Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
- Changed property
GET
/providers/proxy/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > ProxyProvider Serializer
- Changed property
mode
(string)Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
- Changed property
-
GET
/providers/proxy/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/providers/rac/
GET
/providers/rac/
GET
/providers/rac/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/providers/radius/
GET
/providers/radius/
GET
/providers/radius/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/providers/saml/{id}/
GET
/providers/saml/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
sp_binding
(string)This determines how authentik sends the response back to the Service Provider.
-
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
-
PUT
/providers/saml/{id}/
Request:
Changed content type : application/json
-
Changed property
sp_binding
(string)This determines how authentik sends the response back to the Service Provider.
-
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
sp_binding
(string)This determines how authentik sends the response back to the Service Provider.
-
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
-
PATCH
/providers/saml/{id}/
Request:
Changed content type : application/json
-
Changed property
sp_binding
(string)This determines how authentik sends the response back to the Service Provider.
-
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
sp_binding
(string)This determines how authentik sends the response back to the Service Provider.
-
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
-
GET
/providers/saml/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/providers/scim/
GET
/providers/scim/
GET
/providers/scim/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/rac/connection_tokens/{connection_token_uuid}/
Parameters:
Changed: connection_token_uuid
in path
A UUID string identifying this RAC Connection token.
GET
/rac/connection_tokens/{connection_token_uuid}/
Parameters:
Changed: connection_token_uuid
in path
A UUID string identifying this RAC Connection token.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New optional properties:
-
pk
-
Changed property
pk
(string) -
Changed property
endpoint
(string) -
Changed property
endpoint_obj
(object)Endpoint Serializer
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
-
-
PUT
/rac/connection_tokens/{connection_token_uuid}/
Parameters:
Changed: connection_token_uuid
in path
A UUID string identifying this RAC Connection token.
Request:
Changed content type : application/json
New required properties:
endpoint
-
Added property
pk
(string) -
Added property
endpoint
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New optional properties:
-
pk
-
Changed property
pk
(string) -
Changed property
endpoint
(string) -
Changed property
endpoint_obj
(object)Endpoint Serializer
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
-
-
PATCH
/rac/connection_tokens/{connection_token_uuid}/
Parameters:
Changed: connection_token_uuid
in path
A UUID string identifying this RAC Connection token.
Request:
Changed content type : application/json
-
Added property
pk
(string) -
Added property
endpoint
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New optional properties:
-
pk
-
Changed property
pk
(string) -
Changed property
endpoint
(string) -
Changed property
endpoint_obj
(object)Endpoint Serializer
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
-
-
GET
/rac/connection_tokens/{connection_token_uuid}/used_by/
Parameters:
Changed: connection_token_uuid
in path
A UUID string identifying this RAC Connection token.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/rac/endpoints/{pbm_uuid}/
GET
/rac/endpoints/{pbm_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
-
PUT
/rac/endpoints/{pbm_uuid}/
Request:
Changed content type : application/json
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
-
PATCH
/rac/endpoints/{pbm_uuid}/
Request:
Changed content type : application/json
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
-
GET
/rac/endpoints/{pbm_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/rbac/permissions/
POST
/rbac/permissions/assigned_by_roles/{uuid}/assign/
Request:
Changed content type : application/json
-
Changed property
model
(string)Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
PATCH
/rbac/permissions/assigned_by_roles/{uuid}/unassign/
Request:
Changed content type : application/json
-
Changed property
model
(string)Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
POST
/rbac/permissions/assigned_by_users/{id}/assign/
Request:
Changed content type : application/json
-
Changed property
model
(string)Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
PATCH
/rbac/permissions/assigned_by_users/{id}/unassign/
Request:
Changed content type : application/json
-
Changed property
model
(string)Added enum values:
-
authentik_sources_scim.scimsource
-
authentik_stages_authenticator_webauthn.authenticatorwebauthnstage
-
authentik_stages_source.sourcestage
Removed enum value: -
authentik_stages_authenticator_webauthn.authenticatewebauthnstage
-
GET
/rbac/permissions/roles/
GET
/rbac/permissions/users/
POST
/rbac/roles/
GET
/rbac/roles/
GET
/rbac/roles/{uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/root/config/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
capabilities
(array)Changed items (string):
-
DELETE
/sources/all/{slug}/
GET
/sources/all/{slug}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
GET
/sources/all/{slug}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/sources/ldap/{slug}/
GET
/sources/ldap/{slug}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Added property
password_login_update_internal_password
(boolean)Update internal authentik password when login succeeds with LDAP
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
PUT
/sources/ldap/{slug}/
Request:
Changed content type : application/json
-
Added property
password_login_update_internal_password
(boolean)Update internal authentik password when login succeeds with LDAP
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Added property
password_login_update_internal_password
(boolean)Update internal authentik password when login succeeds with LDAP
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
PATCH
/sources/ldap/{slug}/
Request:
Changed content type : application/json
-
Added property
password_login_update_internal_password
(boolean)Update internal authentik password when login succeeds with LDAP
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Added property
password_login_update_internal_password
(boolean)Update internal authentik password when login succeeds with LDAP
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
GET
/sources/ldap/{slug}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/sources/oauth/{slug}/
GET
/sources/oauth/{slug}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string) -
Changed property
provider_type
(string)Added enum value:
gitlab
-
PUT
/sources/oauth/{slug}/
Request:
Changed content type : application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string) -
Changed property
provider_type
(string)Added enum value:
gitlab
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string) -
Changed property
provider_type
(string)Added enum value:
gitlab
-
PATCH
/sources/oauth/{slug}/
Request:
Changed content type : application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string) -
Changed property
provider_type
(string)Added enum value:
gitlab
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string) -
Changed property
provider_type
(string)Added enum value:
gitlab
-
GET
/sources/oauth/{slug}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/sources/plex/{slug}/
GET
/sources/plex/{slug}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
PUT
/sources/plex/{slug}/
Request:
Changed content type : application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
PATCH
/sources/plex/{slug}/
Request:
Changed content type : application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
GET
/sources/plex/{slug}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/sources/saml/{slug}/
GET
/sources/saml/{slug}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
name_id_policy
(string)NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
-
Changed property
policy_engine_mode
(string) -
Changed property
binding_type
(string) -
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
-
PUT
/sources/saml/{slug}/
Request:
Changed content type : application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
name_id_policy
(string)NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
-
Changed property
policy_engine_mode
(string) -
Changed property
binding_type
(string) -
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
name_id_policy
(string)NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
-
Changed property
policy_engine_mode
(string) -
Changed property
binding_type
(string) -
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
-
PATCH
/sources/saml/{slug}/
Request:
Changed content type : application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
name_id_policy
(string)NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
-
Changed property
policy_engine_mode
(string) -
Changed property
binding_type
(string) -
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
name_id_policy
(string)NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
-
Changed property
policy_engine_mode
(string) -
Changed property
binding_type
(string) -
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
-
GET
/sources/saml/{slug}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/sources/user_connections/all/{id}/
GET
/sources/user_connections/all/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
PUT
/sources/user_connections/all/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
PATCH
/sources/user_connections/all/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
GET
/sources/user_connections/all/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/sources/user_connections/oauth/{id}/
GET
/sources/user_connections/oauth/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
PUT
/sources/user_connections/oauth/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
PATCH
/sources/user_connections/oauth/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
GET
/sources/user_connections/oauth/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/sources/user_connections/plex/{id}/
GET
/sources/user_connections/plex/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
PUT
/sources/user_connections/plex/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
PATCH
/sources/user_connections/plex/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
GET
/sources/user_connections/plex/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/sources/user_connections/saml/{id}/
GET
/sources/user_connections/saml/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
PUT
/sources/user_connections/saml/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
PATCH
/sources/user_connections/saml/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
GET
/sources/user_connections/saml/{id}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/all/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/stages/authenticator/duo/{stage_uuid}/enrollment_status/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
- Changed property
duo_response
(string)
- Changed property
GET
/stages/authenticator/duo/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/authenticator/sms/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/authenticator/static/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/authenticator/totp/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/authenticator/validate/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/authenticator/webauthn/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/captcha/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/consent/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/deny/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/dummy/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/email/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/identification/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
DELETE
/stages/invitation/invitations/{invite_uuid}/
GET
/stages/invitation/invitations/{invite_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_obj
(object)Flow Serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/invitation/invitations/{invite_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_obj
(object)Flow Serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/invitation/invitations/{invite_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_obj
(object)Flow Serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/invitation/invitations/{invite_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/invitation/stages/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/password/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/prompt/prompts/{prompt_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/prompt/stages/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/user_delete/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/user_login/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/user_logout/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
GET
/stages/user_write/{stage_uuid}/used_by/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Changed items (object): > A list of all objects referencing the queried object
- Changed property
action
(string)
- Changed property
POST
/authenticators/admin/static/
GET
/authenticators/admin/static/
GET
/authenticators/static/
POST
/core/applications/
Request:
Changed content type : application/json
- Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
- Changed property
policy_engine_mode
(string)
- Changed property
GET
/core/applications/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Application Serializer
- Changed property
policy_engine_mode
(string)
- Changed property
-
POST
/core/groups/
GET
/core/groups/
Parameters:
Added: include_users
in query
POST
/core/tokens/
Request:
Changed content type : application/json
- Changed property
intent
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
intent
(string) -
Changed property
user_obj
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
GET
/core/tokens/
Parameters:
Changed: intent
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Token Serializer
-
Changed property
intent
(string) -
Changed property
user_obj
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
-
DELETE
/core/user_consent/{id}/
GET
/core/user_consent/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
Changed property
application
(object)Application Serializer
- Changed property
policy_engine_mode
(string)
- Changed property
-
POST
/core/users/
Request:
Changed content type : application/json
- Changed property
type
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
- Changed property
type
(string)
- Changed property
GET
/core/users/
Parameters:
Added: include_groups
in query
Changed: type
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > User Serializer
- Changed property
type
(string)
- Changed property
-
GET
/core/users/me/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user
(object)User Serializer for information a user can retrieve about themselves
- Changed property
type
(string)
- Changed property
-
POST
/events/events/
Request:
Changed content type : application/json
- Changed property
action
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
- Changed property
action
(string)
- Changed property
GET
/events/events/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Event Serializer
- Changed property
action
(string)
- Changed property
-
DELETE
/events/notifications/{uuid}/
GET
/events/notifications/{uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
severity
(string) -
Changed property
event
(object)Event Serializer
- Changed property
action
(string)
- Changed property
-
PUT
/events/notifications/{uuid}/
Request:
Changed content type : application/json
-
Changed property
event
(object)Event Serializer
- Changed property
action
(string)
- Changed property
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
severity
(string) -
Changed property
event
(object)Event Serializer
- Changed property
action
(string)
- Changed property
-
PATCH
/events/notifications/{uuid}/
Request:
Changed content type : application/json
-
Changed property
event
(object)Event Serializer
- Changed property
action
(string)
- Changed property
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
severity
(string) -
Changed property
event
(object)Event Serializer
- Changed property
action
(string)
- Changed property
-
POST
/events/rules/
Request:
Changed content type : application/json
- Changed property
severity
(string)Controls which severity level the created notifications will have.
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
- Changed property
severity
(string)Controls which severity level the created notifications will have.
- Changed property
GET
/events/rules/
Parameters:
Changed: severity
in query
Controls which severity level the created notifications will have.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > NotificationRule Serializer
- Changed property
severity
(string)Controls which severity level the created notifications will have.
- Changed property
-
GET
/events/system_tasks/
Parameters:
Changed: status
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Serialize TaskInfo and TaskResult
-
Changed property
messages
(array)Changed items (string -> object): > Single log message with all context logged.
-
Changed property
status
(string)
-
-
POST
/events/transports/
Request:
Changed content type : application/json
- Changed property
mode
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
- Changed property
mode
(string)
- Changed property
GET
/events/transports/
Parameters:
Changed: mode
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > NotificationTransport Serializer
- Changed property
mode
(string)
- Changed property
-
DELETE
/flows/bindings/{fsb_uuid}/
GET
/flows/bindings/{fsb_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
invalid_response_action
(string)Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
-
Changed property
policy_engine_mode
(string) -
Changed property
stage_obj
(object)Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
layout
(string)
-
-
-
PUT
/flows/bindings/{fsb_uuid}/
Request:
Changed content type : application/json
-
Changed property
invalid_response_action
(string)Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
-
Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
invalid_response_action
(string)Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
-
Changed property
policy_engine_mode
(string) -
Changed property
stage_obj
(object)Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
layout
(string)
-
-
-
PATCH
/flows/bindings/{fsb_uuid}/
Request:
Changed content type : application/json
-
Changed property
invalid_response_action
(string)Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
-
Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
invalid_response_action
(string)Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
-
Changed property
policy_engine_mode
(string) -
Changed property
stage_obj
(object)Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
layout
(string)
-
-
-
POST
/flows/instances/
Request:
Changed content type : application/json
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
GET
/flows/instances/
Parameters:
Changed: denied_action
in query
Configure what should happen when a flow denies access to a user.
Changed: designation
in query
Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Flow Serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/oauth2/access_tokens/{id}/
GET
/oauth2/access_tokens/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
provider
(object)OAuth2Provider Serializer
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
-
-
Changed property
user
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
DELETE
/oauth2/authorization_codes/{id}/
GET
/oauth2/authorization_codes/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
provider
(object)OAuth2Provider Serializer
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
-
-
Changed property
user
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
DELETE
/oauth2/refresh_tokens/{id}/
GET
/oauth2/refresh_tokens/{id}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
provider
(object)OAuth2Provider Serializer
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
-
-
Changed property
user
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
POST
/outposts/instances/
Request:
Changed content type : application/json
- Changed property
type
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
- Changed property
type
(string)
- Changed property
GET
/outposts/instances/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Outpost Serializer
- Changed property
type
(string)
- Changed property
-
GET
/outposts/ldap/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > LDAPProvider Serializer
- Changed property
search_mode
(string)
- Changed property
-
POST
/policies/bindings/
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
user_obj
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
GET
/policies/bindings/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > PolicyBinding Serializer
-
Changed property
user_obj
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
-
POST
/providers/ldap/
Request:
Changed content type : application/json
- Changed property
search_mode
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
- Changed property
search_mode
(string)
- Changed property
GET
/providers/ldap/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > LDAPProvider Serializer
- Changed property
search_mode
(string)
- Changed property
-
POST
/providers/saml/
Request:
Changed content type : application/json
-
Changed property
sp_binding
(string)This determines how authentik sends the response back to the Service Provider.
-
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
sp_binding
(string)This determines how authentik sends the response back to the Service Provider.
-
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
-
GET
/providers/saml/
Parameters:
Changed: digest_algorithm
in query
Changed: signature_algorithm
in query
Changed: sp_binding
in query
This determines how authentik sends the response back to the Service Provider.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > SAMLProvider Serializer
-
Changed property
sp_binding
(string)This determines how authentik sends the response back to the Service Provider.
-
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
-
-
GET
/providers/scim/{id}/sync_status/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
tasks
(array)Changed items (object): > Serialize TaskInfo and TaskResult
-
Changed property
messages
(array)Changed items (string -> object): > Single log message with all context logged.
-
Changed property
status
(string)
-
-
GET
/rac/connection_tokens/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > ConnectionToken Serializer
New optional properties:
-
pk
-
Changed property
pk
(string) -
Changed property
endpoint
(string) -
Changed property
endpoint_obj
(object)Endpoint Serializer
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
-
-
-
POST
/rac/endpoints/
Request:
Changed content type : application/json
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
-
GET
/rac/endpoints/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Endpoint Serializer
-
Changed property
protocol
(string) -
Changed property
auth_mode
(string)
-
-
GET
/rbac/permissions/assigned_by_roles/
Parameters:
Changed: model
in query
GET
/rbac/permissions/assigned_by_users/
Parameters:
Changed: model
in query
GET
/sources/all/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
POST
/sources/ldap/
Request:
Changed content type : application/json
-
Added property
password_login_update_internal_password
(boolean)Update internal authentik password when login succeeds with LDAP
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Added property
password_login_update_internal_password
(boolean)Update internal authentik password when login succeeds with LDAP
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
GET
/sources/ldap/
Parameters:
Added: password_login_update_internal_password
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > LDAP Source Serializer
-
Added property
password_login_update_internal_password
(boolean)Update internal authentik password when login succeeds with LDAP
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
GET
/sources/ldap/{slug}/sync_status/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
tasks
(array)Changed items (object): > Serialize TaskInfo and TaskResult
-
Changed property
messages
(array)Changed items (string -> object): > Single log message with all context logged.
-
Changed property
status
(string)
-
-
POST
/sources/oauth/
Request:
Changed content type : application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string) -
Changed property
provider_type
(string)Added enum value:
gitlab
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string) -
Changed property
provider_type
(string)Added enum value:
gitlab
-
GET
/sources/oauth/
Parameters:
Changed: policy_engine_mode
in query
Changed: user_matching_mode
in query
How the source determines if an existing user should be authenticated or a new user enrolled.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > OAuth Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string) -
Changed property
provider_type
(string)Added enum value:
gitlab
-
-
POST
/sources/plex/
Request:
Changed content type : application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
GET
/sources/plex/
Parameters:
Changed: policy_engine_mode
in query
Changed: user_matching_mode
in query
How the source determines if an existing user should be authenticated or a new user enrolled.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Plex Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
POST
/sources/plex/redeem_token/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
type
(string) -
Changed property
flow_info
(object)Contextual flow information for a challenge
- Changed property
layout
(string)
- Changed property
-
POST
/sources/saml/
Request:
Changed content type : application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
name_id_policy
(string)NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
-
Changed property
policy_engine_mode
(string) -
Changed property
binding_type
(string) -
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
name_id_policy
(string)NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
-
Changed property
policy_engine_mode
(string) -
Changed property
binding_type
(string) -
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
-
GET
/sources/saml/
Parameters:
Changed: binding_type
in query
Changed: digest_algorithm
in query
Changed: name_id_policy
in query
NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
Changed: policy_engine_mode
in query
Changed: signature_algorithm
in query
Changed: user_matching_mode
in query
How the source determines if an existing user should be authenticated or a new user enrolled.
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > SAMLSource Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
name_id_policy
(string)NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.
-
Changed property
policy_engine_mode
(string) -
Changed property
binding_type
(string) -
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
-
-
GET
/sources/user_connections/all/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > OAuth Source Serializer
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
-
POST
/sources/user_connections/oauth/
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
GET
/sources/user_connections/oauth/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > OAuth Source Serializer
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
-
POST
/sources/user_connections/plex/
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
GET
/sources/user_connections/plex/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Plex Source connection Serializer
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
-
POST
/sources/user_connections/saml/
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
GET
/sources/user_connections/saml/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > SAML Source Serializer
-
Changed property
source
(object)Source Serializer
-
Changed property
user_matching_mode
(string)How the source determines if an existing user should be authenticated or a new user enrolled.
-
Changed property
policy_engine_mode
(string)
-
-
-
DELETE
/stages/all/{stage_uuid}/
GET
/stages/all/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/authenticator/duo/{stage_uuid}/
GET
/stages/authenticator/duo/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/authenticator/duo/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/authenticator/duo/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/authenticator/sms/{stage_uuid}/
GET
/stages/authenticator/sms/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
provider
(string) -
Changed property
auth_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/authenticator/sms/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
provider
(string) -
Changed property
auth_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
provider
(string) -
Changed property
auth_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/authenticator/sms/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
provider
(string) -
Changed property
auth_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
provider
(string) -
Changed property
auth_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/authenticator/static/{stage_uuid}/
GET
/stages/authenticator/static/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/authenticator/static/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/authenticator/static/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/authenticator/totp/{stage_uuid}/
GET
/stages/authenticator/totp/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
digits
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/authenticator/totp/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
digits
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
digits
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/authenticator/totp/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
digits
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
digits
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/authenticator/validate/{stage_uuid}/
GET
/stages/authenticator/validate/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
webauthn_allowed_device_types_obj
-
Added property
webauthn_allowed_device_types
(array)Items (string):
-
Added property
webauthn_allowed_device_types_obj
(array)Items (object): > WebAuthnDeviceType Serializer
-
Changed property
webauthn_user_verification
(string)Enforce user verification for WebAuthn devices.
-
Changed property
not_configured_action
(string) -
Changed property
device_classes
(array)Device classes which can be used to authenticate
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/authenticator/validate/{stage_uuid}/
Request:
Changed content type : application/json
-
Added property
webauthn_allowed_device_types
(array) -
Changed property
webauthn_user_verification
(string)Enforce user verification for WebAuthn devices.
-
Changed property
not_configured_action
(string) -
Changed property
device_classes
(array)Device classes which can be used to authenticate
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
webauthn_allowed_device_types_obj
-
Added property
webauthn_allowed_device_types
(array) -
Added property
webauthn_allowed_device_types_obj
(array) -
Changed property
webauthn_user_verification
(string)Enforce user verification for WebAuthn devices.
-
Changed property
not_configured_action
(string) -
Changed property
device_classes
(array)Device classes which can be used to authenticate
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/authenticator/validate/{stage_uuid}/
Request:
Changed content type : application/json
-
Added property
webauthn_allowed_device_types
(array) -
Changed property
webauthn_user_verification
(string)Enforce user verification for WebAuthn devices.
-
Changed property
not_configured_action
(string) -
Changed property
device_classes
(array)Device classes which can be used to authenticate
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
webauthn_allowed_device_types_obj
-
Added property
webauthn_allowed_device_types
(array) -
Added property
webauthn_allowed_device_types_obj
(array) -
Changed property
webauthn_user_verification
(string)Enforce user verification for WebAuthn devices.
-
Changed property
not_configured_action
(string) -
Changed property
device_classes
(array)Device classes which can be used to authenticate
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/authenticator/webauthn/{stage_uuid}/
GET
/stages/authenticator/webauthn/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
device_type_restrictions_obj
-
Added property
device_type_restrictions
(array) -
Added property
device_type_restrictions_obj
(array) -
Changed property
authenticator_attachment
(string) -
Changed property
user_verification
(string) -
Changed property
resident_key_requirement
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/authenticator/webauthn/{stage_uuid}/
Request:
Changed content type : application/json
-
Added property
device_type_restrictions
(array) -
Changed property
authenticator_attachment
(string) -
Changed property
user_verification
(string) -
Changed property
resident_key_requirement
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
device_type_restrictions_obj
-
Added property
device_type_restrictions
(array) -
Added property
device_type_restrictions_obj
(array) -
Changed property
authenticator_attachment
(string) -
Changed property
user_verification
(string) -
Changed property
resident_key_requirement
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/authenticator/webauthn/{stage_uuid}/
Request:
Changed content type : application/json
-
Added property
device_type_restrictions
(array) -
Changed property
authenticator_attachment
(string) -
Changed property
user_verification
(string) -
Changed property
resident_key_requirement
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
New required properties:
-
device_type_restrictions_obj
-
Added property
device_type_restrictions
(array) -
Added property
device_type_restrictions_obj
(array) -
Changed property
authenticator_attachment
(string) -
Changed property
user_verification
(string) -
Changed property
resident_key_requirement
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/captcha/{stage_uuid}/
GET
/stages/captcha/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/captcha/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/captcha/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/consent/{stage_uuid}/
GET
/stages/consent/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
mode
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/consent/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
mode
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
mode
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/consent/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
mode
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
mode
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/deny/{stage_uuid}/
GET
/stages/deny/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/deny/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/deny/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/dummy/{stage_uuid}/
GET
/stages/dummy/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/dummy/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/dummy/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/email/{stage_uuid}/
GET
/stages/email/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/email/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/email/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/identification/{stage_uuid}/
GET
/stages/identification/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_fields
(array)Fields of the user object to match against. (Hold shift to select multiple options)
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/identification/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
user_fields
(array)Fields of the user object to match against. (Hold shift to select multiple options)
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_fields
(array)Fields of the user object to match against. (Hold shift to select multiple options)
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/identification/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
user_fields
(array)Fields of the user object to match against. (Hold shift to select multiple options)
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_fields
(array)Fields of the user object to match against. (Hold shift to select multiple options)
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
POST
/stages/invitation/invitations/
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
flow_obj
(object)Flow Serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/invitation/invitations/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Invitation Serializer
-
Changed property
flow_obj
(object)Flow Serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
authentication
(string)Required level of authentication and authorization to access a flow.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
DELETE
/stages/invitation/stages/{stage_uuid}/
GET
/stages/invitation/stages/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/invitation/stages/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/invitation/stages/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/password/{stage_uuid}/
GET
/stages/password/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
backends
(array)Selection of backends to test the password against.
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/password/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
backends
(array)Selection of backends to test the password against.
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
backends
(array)Selection of backends to test the password against.
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/password/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
backends
(array)Selection of backends to test the password against.
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
backends
(array)Selection of backends to test the password against.
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/prompt/stages/{stage_uuid}/
GET
/stages/prompt/stages/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/prompt/stages/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/prompt/stages/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/user_delete/{stage_uuid}/
GET
/stages/user_delete/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/user_delete/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/user_delete/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/user_login/{stage_uuid}/
GET
/stages/user_login/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
network_binding
(string)Bind sessions created by this stage to the configured network
-
Changed property
geoip_binding
(string)Bind sessions created by this stage to the configured GeoIP location
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/user_login/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
network_binding
(string)Bind sessions created by this stage to the configured network
-
Changed property
geoip_binding
(string)Bind sessions created by this stage to the configured GeoIP location
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
network_binding
(string)Bind sessions created by this stage to the configured network
-
Changed property
geoip_binding
(string)Bind sessions created by this stage to the configured GeoIP location
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/user_login/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
network_binding
(string)Bind sessions created by this stage to the configured network
-
Changed property
geoip_binding
(string)Bind sessions created by this stage to the configured GeoIP location
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
network_binding
(string)Bind sessions created by this stage to the configured network
-
Changed property
geoip_binding
(string)Bind sessions created by this stage to the configured GeoIP location
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/user_logout/{stage_uuid}/
GET
/stages/user_logout/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/user_logout/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/user_logout/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
DELETE
/stages/user_write/{stage_uuid}/
GET
/stages/user_write/{stage_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_creation_mode
(string) -
Changed property
user_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/stages/user_write/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
user_creation_mode
(string) -
Changed property
user_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_creation_mode
(string) -
Changed property
user_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PATCH
/stages/user_write/{stage_uuid}/
Request:
Changed content type : application/json
-
Changed property
user_creation_mode
(string) -
Changed property
user_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
user_creation_mode
(string) -
Changed property
user_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
PUT
/core/transactional/applications/
Request:
Changed content type : application/json
-
Changed property
provider_model
(string) -
Changed property
app
(object)Application Serializer
- Changed property
policy_engine_mode
(string)
- Changed property
-
Changed property
provider
(object)Updated
authentik_providers_oauth2.oauth2provider
provider_model:-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
Updated
authentik_providers_proxy.proxyprovider
provider_model:- Changed property
mode
(string)Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.
Updated
authentik_providers_saml.samlprovider
provider_model:-
Changed property
sp_binding
(string)This determines how authentik sends the response back to the Service Provider.
-
Changed property
digest_algorithm
(string) -
Changed property
signature_algorithm
(string)
Updated
authentik_providers_ldap.ldapprovider
provider_model:- Changed property
search_mode
(string)
-
GET
/core/user_consent/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > UserConsent Serializer
-
Changed property
user
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
Changed property
application
(object)Application Serializer
- Changed property
policy_engine_mode
(string)
- Changed property
-
-
GET
/events/notifications/
Parameters:
Changed: severity
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Notification Serializer
-
Changed property
severity
(string) -
Changed property
event
(object)Event Serializer
- Changed property
action
(string)
- Changed property
-
-
POST
/flows/bindings/
Request:
Changed content type : application/json
-
Changed property
invalid_response_action
(string)Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
-
Changed property
policy_engine_mode
(string)
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
invalid_response_action
(string)Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
-
Changed property
policy_engine_mode
(string) -
Changed property
stage_obj
(object)Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
layout
(string)
-
-
-
GET
/flows/bindings/
Parameters:
Changed: invalid_response_action
in query
Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
Changed: policy_engine_mode
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > FlowStageBinding Serializer
-
Changed property
invalid_response_action
(string)Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
-
Changed property
policy_engine_mode
(string) -
Changed property
stage_obj
(object)Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
layout
(string)
-
-
-
-
GET
/flows/executor/{flow_slug}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Updated
ak-stage-dummy
component: New required properties:-
name
- Added property
name
(string)
Updated
ak-provider-oauth2-device-code
component:-
Changed property
type
(string) -
Changed property
flow_info
(object)Contextual flow information for a challenge
- Changed property
layout
(string)
- Changed property
Updated
ak-stage-prompt
component:-
Changed property
fields
(array)Changed items (object): > Serializer for a single Prompt field
- Changed property
type
(string)
- Changed property
Updated
ak-stage-identification
component: New required properties:-
flow_designation
-
Added property
flow_designation
(string)Enum values:
authentication
authorization
invalidation
enrollment
unenrollment
recovery
stage_configuration
-
POST
/flows/executor/{flow_slug}/
Request:
Changed content type : application/json
Updated ak-source-oauth-apple
component:
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
Updated
ak-stage-dummy
component: New required properties:-
name
- Added property
name
(string)
Updated
ak-provider-oauth2-device-code
component:-
Changed property
type
(string) -
Changed property
flow_info
(object)Contextual flow information for a challenge
- Changed property
layout
(string)
- Changed property
Updated
ak-stage-prompt
component:-
Changed property
fields
(array)Changed items (object): > Serializer for a single Prompt field
- Changed property
type
(string)
- Changed property
Updated
ak-stage-identification
component: New required properties:-
flow_designation
- Added property
flow_designation
(string)
-
GET
/flows/inspector/{flow_slug}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
plans
(array)Changed items (object): > Serializer for an active FlowPlan
-
Changed property
next_planned_stage
(object)FlowStageBinding Serializer
- Changed property
invalid_response_action
(string)Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
- Changed property
-
Changed property
current_stage
(object)FlowStageBinding Serializer
-
Changed property
invalid_response_action
(string)Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.
-
Changed property
policy_engine_mode
(string) -
Changed property
stage_obj
(object)Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
layout
(string)
-
-
-
-
-
GET
/oauth2/access_tokens/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Serializer for BaseGrantModel and RefreshToken
-
Changed property
provider
(object)OAuth2Provider Serializer
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
-
-
Changed property
user
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
-
GET
/oauth2/authorization_codes/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant
-
Changed property
provider
(object)OAuth2Provider Serializer
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
-
-
Changed property
user
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
-
GET
/oauth2/refresh_tokens/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Serializer for BaseGrantModel and RefreshToken
-
Changed property
provider
(object)OAuth2Provider Serializer
-
Changed property
client_type
(string)Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable
-
Changed property
sub_mode
(string)Configure what data should be used as unique User Identifier. For most cases, the default should be fine.
-
Changed property
issuer_mode
(string)Configure how the issuer field of the ID Token should be filled.
-
-
Changed property
user
(object)User Serializer
- Changed property
type
(string)
- Changed property
-
-
GET
/stages/all/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/authenticator/duo/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/authenticator/duo/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > AuthenticatorDuoStage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/authenticator/sms/
Request:
Changed content type : application/json
-
Changed property
provider
(string) -
Changed property
auth_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
provider
(string) -
Changed property
auth_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/authenticator/sms/
Parameters:
Changed: auth_type
in query
Changed: provider
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > AuthenticatorSMSStage Serializer
-
Changed property
provider
(string) -
Changed property
auth_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/authenticator/static/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/authenticator/static/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > AuthenticatorStaticStage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/authenticator/totp/
Request:
Changed content type : application/json
-
Changed property
digits
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
digits
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/authenticator/totp/
Parameters:
Changed: digits
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > AuthenticatorTOTPStage Serializer
-
Changed property
digits
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/authenticator/validate/
Request:
Changed content type : application/json
-
Added property
webauthn_allowed_device_types
(array) -
Changed property
webauthn_user_verification
(string)Enforce user verification for WebAuthn devices.
-
Changed property
not_configured_action
(string) -
Changed property
device_classes
(array)Device classes which can be used to authenticate
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
New required properties:
-
webauthn_allowed_device_types_obj
-
Added property
webauthn_allowed_device_types
(array) -
Added property
webauthn_allowed_device_types_obj
(array) -
Changed property
webauthn_user_verification
(string)Enforce user verification for WebAuthn devices.
-
Changed property
not_configured_action
(string) -
Changed property
device_classes
(array)Device classes which can be used to authenticate
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/authenticator/validate/
Parameters:
Changed: not_configured_action
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > AuthenticatorValidateStage Serializer
New required properties:
-
webauthn_allowed_device_types_obj
-
Added property
webauthn_allowed_device_types
(array) -
Added property
webauthn_allowed_device_types_obj
(array) -
Changed property
webauthn_user_verification
(string)Enforce user verification for WebAuthn devices.
-
Changed property
not_configured_action
(string) -
Changed property
device_classes
(array)Device classes which can be used to authenticate
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/authenticator/webauthn/
Request:
Changed content type : application/json
-
Added property
device_type_restrictions
(array) -
Changed property
authenticator_attachment
(string) -
Changed property
user_verification
(string) -
Changed property
resident_key_requirement
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
New required properties:
-
device_type_restrictions_obj
-
Added property
device_type_restrictions
(array) -
Added property
device_type_restrictions_obj
(array) -
Changed property
authenticator_attachment
(string) -
Changed property
user_verification
(string) -
Changed property
resident_key_requirement
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/authenticator/webauthn/
Parameters:
Added: device_type_restrictions
in query
Changed: authenticator_attachment
in query
Changed: resident_key_requirement
in query
Changed: user_verification
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > AuthenticatorWebAuthnStage Serializer
New required properties:
-
device_type_restrictions_obj
-
Added property
device_type_restrictions
(array) -
Added property
device_type_restrictions_obj
(array) -
Changed property
authenticator_attachment
(string) -
Changed property
user_verification
(string) -
Changed property
resident_key_requirement
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/captcha/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/captcha/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > CaptchaStage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/consent/
Request:
Changed content type : application/json
-
Changed property
mode
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
mode
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/consent/
Parameters:
Changed: mode
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > ConsentStage Serializer
-
Changed property
mode
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/deny/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/deny/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > DenyStage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/dummy/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/dummy/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > DummyStage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/email/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/email/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > EmailStage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/identification/
Request:
Changed content type : application/json
-
Changed property
user_fields
(array)Fields of the user object to match against. (Hold shift to select multiple options)
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
user_fields
(array)Fields of the user object to match against. (Hold shift to select multiple options)
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/identification/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > IdentificationStage Serializer
-
Changed property
user_fields
(array)Fields of the user object to match against. (Hold shift to select multiple options)
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/invitation/stages/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/invitation/stages/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > InvitationStage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/password/
Request:
Changed content type : application/json
-
Changed property
backends
(array)Selection of backends to test the password against.
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
backends
(array)Selection of backends to test the password against.
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/password/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > PasswordStage Serializer
-
Changed property
backends
(array)Selection of backends to test the password against.
Changed items (string):
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
DELETE
/stages/prompt/prompts/{prompt_uuid}/
GET
/stages/prompt/prompts/{prompt_uuid}/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
type
(string) -
Changed property
promptstage_set
(array)Changed items (object): > Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
PUT
/stages/prompt/prompts/{prompt_uuid}/
Request:
Changed content type : application/json
-
Changed property
type
(string) -
Changed property
promptstage_set
(array)Changed items (object): > Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
type
(string) -
Changed property
promptstage_set
(array)Changed items (object): > Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
PATCH
/stages/prompt/prompts/{prompt_uuid}/
Request:
Changed content type : application/json
-
Changed property
type
(string) -
Changed property
promptstage_set
(array)Changed items (object): > Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
type
(string) -
Changed property
promptstage_set
(array)Changed items (object): > Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/prompt/prompts/preview/
Request:
Changed content type : application/json
-
Changed property
type
(string) -
Changed property
promptstage_set
(array)Changed items (object): > Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
type
(string) -
Changed property
flow_info
(object)Contextual flow information for a challenge
- Changed property
layout
(string)
- Changed property
-
Changed property
fields
(array)Changed items (object): > Serializer for a single Prompt field
- Changed property
type
(string)
- Changed property
-
POST
/stages/prompt/stages/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/prompt/stages/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > PromptStage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/user_delete/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/user_delete/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > UserDeleteStage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/user_login/
Request:
Changed content type : application/json
-
Changed property
network_binding
(string)Bind sessions created by this stage to the configured network
-
Changed property
geoip_binding
(string)Bind sessions created by this stage to the configured GeoIP location
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
network_binding
(string)Bind sessions created by this stage to the configured network
-
Changed property
geoip_binding
(string)Bind sessions created by this stage to the configured GeoIP location
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/user_login/
Parameters:
Changed: geoip_binding
in query
Bind sessions created by this stage to the configured GeoIP location
Changed: network_binding
in query
Bind sessions created by this stage to the configured network
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > UserLoginStage Serializer
-
Changed property
network_binding
(string)Bind sessions created by this stage to the configured network
-
Changed property
geoip_binding
(string)Bind sessions created by this stage to the configured GeoIP location
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/user_logout/
Request:
Changed content type : application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/user_logout/
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > UserLogoutStage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/user_write/
Request:
Changed content type : application/json
-
Changed property
user_creation_mode
(string) -
Changed property
user_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
user_creation_mode
(string) -
Changed property
user_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
GET
/stages/user_write/
Parameters:
Changed: user_creation_mode
in query
Changed: user_type
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > UserWriteStage Serializer
-
Changed property
user_creation_mode
(string) -
Changed property
user_type
(string) -
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
POST
/stages/prompt/prompts/
Request:
Changed content type : application/json
-
Changed property
type
(string) -
Changed property
promptstage_set
(array)Changed items (object): > Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
Return Type:
Changed response : 201 Created
-
Changed content type :
application/json
-
Changed property
type
(string) -
Changed property
promptstage_set
(array)Changed items (object): > Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
GET
/stages/prompt/prompts/
Parameters:
Changed: type
in query
Return Type:
Changed response : 200 OK
-
Changed content type :
application/json
-
Changed property
results
(array)Changed items (object): > Prompt Serializer
-
Changed property
type
(string) -
Changed property
promptstage_set
(array)Changed items (object): > Stage Serializer
-
Changed property
flow_set
(array)Changed items (object): > Stripped down flow serializer
-
Changed property
designation
(string)Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.
-
Changed property
denied_action
(string)Configure what should happen when a flow denies access to a user.
-
Changed property
policy_engine_mode
(string) -
Changed property
layout
(string)
-
-
-
-