Skip to main content

Release 2024.4

Highlights

  • OAuth/SAML as authentication factor Enterprise Use an external provider as part of an MFA authentication flow, including custom implementations

  • SCIM Source Preview Provision users and groups in authentik using an SCIM API

  • Configurable WebAuthn device restrictions Configure which types of WebAuthn devices can be used to enroll and validate for different authorization levels.

  • Performance improvements The API Endpoints to list Users, Groups, and Events have been optimized by 94%, 41% and 53% respectively

Breaking changes

Manual action may be required

  • Configuration options migrated to the Admin interface

    The following config options have been moved from the config file and can now be set using the Admin interface (under System -> Settings) or the API:

    • AUTHENTIK_DEFAULT_TOKEN_LENGTH

    When upgrading to 2024.4, the currently configured options will be automatically migrated to the database, and can be removed from the .env or helm values file afterwards.

New features

  • Source stage Enterprise

    The source stage allows for an inclusion of a source as part of a flow. This can be used to link a user to a source as part of their authentication/enrollment, or it can be used as an external multi-factor to provide device health attestation for example.

    For details refer to Source stage

  • SCIM Source Preview

    Provision users and groups in authentik using an SCIM API.

    For details refer to SCIM Source

  • Configurable WebAuthn device restrictions

    Configure which types of WebAuthn devices can be used to enroll and validate for different authorization levels.

    For details refer to WebAuthn authenticator setup stage

  • Revamped UI for log messages

    Log messages from several API endpoints are now shown with much greater detail, which helps with implementing custom policies and property mappings.

  • Python API Client

    There's now an official API Client for Python: https://pypi.org/project/authentik-client/. This API Client can be used to create/update/delete objects within authentik as well as using the Flow executor to authenticate.

  • Configure LDAP sources to not store hashed password in authentik

    When authentik is configured to federate with an LDAP source, upon authentication, authentik hashed the password and stored it in its own database. This allows authentication to function when LDAP is unreachable. Admins can now configure this behavior for when this is not desirable.

    For details refer to LDAP Source

  • Configurable app password token expiring

    Thanks @jmdilly for contributing this feature!

    Admins can now configure the default token duration (which defaults to minutes=30) in the admin interface as specified above. This value can also be overridden per-user with the goauthentik.io/user/token-maximum-lifetime attribute.

Upgrading

This release does not introduce any new requirements.

docker-compose

To upgrade, download the new docker-compose file and update the Docker stack with the new version, using these commands:

wget -O docker-compose.yml https://goauthentik.io/version/2024.4/docker-compose.yml
docker compose up -d

The -O flag retains the downloaded file's name, overwriting any existing local file with the same name.

Kubernetes

Upgrade the Helm Chart to the new version, using the following commands:

helm repo update
helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.4

Minor changes/fixes

  • admin: Handle latest version unknown in admin dashboard (#8858)
  • api: capabilities: properly set can_save_media when s3 is enabled (#8896)
  • api: fix authentication schema (#9238)
  • blueprints: fix default username field in user-settings flow (#9136)
  • blueprints: fix schema generation for PrimaryKeyRelated fields with non-int PK (#9140)
  • blueprints: only create default brand if no other default brand exists (#9222)
  • blueprints: use reconcile decorator instead of relying on function name prefix (#8483)
  • brands: add indexes to brand domain and default (#9343)
  • brands: fix context processor when request doesn't have a tenant (#8643)
  • core: add user settable token durations (#7410)
  • core: cache user application list under policies (#8895)
  • core: delegated group member management (#9254)
  • core: fix api schema for users and groups (#9298)
  • core: fix blueprint export (#8695)
  • core: optionally don't return groups' users and users' groups by default (#9179)
  • core: replace authentik_signals_ignored_fields with audit_ignore (#9291)
  • core: rework recovery API to return better error messages (#8655)
  • enterprise/rac: fix connection token management (#8909)
  • enterprise: fix audit middleware import (#9177)
  • enterprise: fix read_only activating when no license is installed (#8697)
  • enterprise: force license usage update after change to license (#8723)
  • enterprise: only check for valid license existing for creating Enterprise objects (#8813)
  • enterprise: use tenant uuid instead of install_id when tenants are enabled (#8823)
  • events: add context manager to ignore/modify audit events being written (#9181)
  • events: add indexes (#9272)
  • events: discard notification if user has empty email (#8938)
  • events: fix incorrect user logged when using API token authentication (#9302)
  • events: fix log_capture (#9075)
  • events: rework log messages returned from API and their rendering (#8770)
  • events: sanitize args and kwargs saved in system tasks (#8644)
  • flows: fix mismatched redirect behaviour for invalid and valid flows (#8794)
  • internal: add tests to go flow executor (#9219)
  • internal: cleanup static file serving setup code (#8965)
  • lib: cache gravatar connection status (#9248)
  • lifecycle: gunicorn: fix app preload (#9274)
  • lifecycle: migrate: ensure template schema exists before migrating (#8952)
  • outposts: improved set secret answers for flow execution (#8013)
  • outposts/proxy: Fix invalid redirect on external hosts containing path components (#8915)
  • outposts: Enhance config options for k8s outposts (#7363)
  • providers/oauth2: fix inconsistent sub value when setting via mapping (#8677)
  • providers/oauth2: fix interactive device flow (#9076)
  • providers/oauth2: fix offline_access requests when prompt doesn't include consent (#8731)
  • providers/oauth2: fix refresh_token grant returning incorrect id_token (#9275)
  • providers/oauth2: fix validation ordering (#8793)
  • providers/oauth2: improve conformance with client_credentials standard (#8471)
  • providers/scim: allow custom user and group schemas (#9255)
  • rbac: fix permission decorator for global permissions (#8591)
  • root: cherry-pick version bump
  • root: early spring clean for linting (#8498)
  • root: ensure consistent install_id (#8775)
  • root: expose session storage configuration (#9337)
  • root: fix app settings load order (#8569)
  • root: generate python client (#9107)
  • root: make redis settings more consistent (#9335)
  • root: move database calls from ready() to dedicated startup signal (#9081)
  • root: support redis username (#8935)
  • sources/ldap: add ability to disable password write on login (#8377)
  • sources/ldap: fix default blueprint for mapping user DN to path (#9355)
  • sources/oauth: add gitlab type [AUTH-323] (#8195)
  • sources/oauth: make URLs not required, only check when no OIDC URLs are defined (#9182)
  • sources/scim: cleanup service account when source is deleted (#9319)
  • sources/scim: service account should be internal (#9321)
  • sources: add SCIM source (#3051)
  • stages/authenticator_validate: add ability to limit webauthn device types (#9180)
  • stages/authenticator_validate: fix error with get_webauthn_challenge_without_user (#8625)
  • stages/authenticator_webauthn: Update FIDO MDS3 & Passkey aaguid blobs (#9268)
  • stages/authenticator_webauthn: add MDS support (#9114)
  • stages/authenticator_webauthn: fix attestation value (#9333)
  • stages/authenticator_webauthn: fix error when enrolling new device (#8738)
  • stages/email: Disable autoescape for text templates (#8812)
  • stages/email: fix issue when sending emails to users with same display as email (#8850)
  • stages/prompt: fix username field throwing error with existing user (#9342)
  • stages/user_write: ensure user data is json-serializable (#8926)
  • stages: source stage (#8330)
  • tenants: really ensure default tenant cannot be deleted (#8875)
  • web/admin: allow custom sorting for bound* tables (#9080)
  • web/admin: don't mark LDAP group property mappings as required (#8772)
  • web/admin: don't mark property mappings as required anywhere (#8752)
  • web/admin: fix SAML Provider preview (#9192)
  • web/admin: fix document title for admin interface (#9362)
  • web/admin: fix error in admin interface due to un-hydrated context (#9336)
  • web/admin: fix log viewer empty state (#9315)
  • web/admin: fix markdown table rendering (#8908)
  • web/admin: fix user_write stage's user type input (#9344)
  • web/admin: group form dual select (#9354)
  • web/admin: remove enterprise preview banner (#8991)
  • web/admin: rework captcha stage (#9256)
  • web/admin: small fixes (#9002)
  • web/flows: fix form input rendering issue (#9297)
  • web/flows: general ux improvements (#8558)
  • web/flows: fix passwordless hidden without input (#9273)
  • web/flows: fix webauthn retry (#8599)
  • web/flows: improve authenticator styling (#8560)
  • web/flows: update flow background (#9305)
  • web: a few minor bugfixes and lintfixes (#9044)
  • web: ak-checkbox-group for short, static, multi-select events (#9138)
  • web: change "delete" verb to "remove" for one-to-many relationships (#8535)
  • web: clean up UserInterface in prep for OAuth and Silo Projects (#8278)
  • web: clean up and remove redundant alias '@goauthentik/app' (#8889)
  • web: consistent style declarations internally (#9077)
  • web: fix save & reset behavior on System ➲ Settings page. (#8528)
  • web: improve build speeds even moar!!!!!! (#8954)
  • web: maintenance: split tsconfig into “base” and “build” variants. (#9036)
  • web: manage stacked modals with a stack (#9193)
  • web: move context controllers into reactive controller plugins (#8996)
  • web: preserve selected list when provider updates (#9200)
  • web: provide InstallID on EnterpriseListPage (#8898)
  • web: replace rollup with esbuild (#8699)
  • web: restore sourcemaps (#9300)
  • web: spell customization with a Z (#8596)
  • web: upgrade to lit 3 (#8781)

Fixed in 2024.4.1

  • core: fix logic for token expiration (cherry-pick #9426) (#9428)
  • lifecycle: always try custom redis URL (cherry-pick #9441) (#9458)
  • sources/oauth: ensure all UI sources return a valid source (cherry-pick #9401) (#9406)
  • sources/scim: fix service account user path (cherry-pick #9463) (#9470)
  • stages/identification: don't check source component (cherry-pick #9410) (#9420)
  • web/admin: fix disabled button color with dark theme (cherry-pick #9465) (#9468)
  • web/admin: show user internal service account as disabled (cherry-pick #9464) (#9467)
  • web/common: fix locale detection for user-set locale (cherry-pick #9436) (#9439)
  • web: Add resolved and integrity fields back to package-lock.json (cherry-pick #9419) (#9421)
  • web: markdown: display markdown even when frontmatter is missing (cherry-pick #9404) (#9405)

Fixed in 2024.4.2

  • core: fix source_flow_manager saving user-source connection too early (cherry-pick #9559) (#9578)
  • core: fix task clean_expiring_models removing valid sessions with using database storage (cherry-pick #9598) (#9601)
  • core: only prefetch related objects when required (cherry-pick #9476) (#9510)
  • enterprise/audit: fix audit logging with m2m relations (cherry-pick #9571) (#9572)
  • events: ensure all models' __str__ can be called without any further lookups (cherry-pick #9480) (#9485)
  • flows: fix execute API endpoint (cherry-pick #9478) (#9481)
  • lifecycle: close database connection after migrating (cherry-pick #9516) (#9531)
  • providers/saml: fix ECDSA support (cherry-pick #9537) (#9544)
  • providers/scim: fix SCIM ID incorrectly used as primary key (cherry-pick #9557) (#9579)
  • providers/scim: fix Sync task's time_limit not set correctly (cherry-pick #9546) (#9553)
  • sources/oauth: fix OAuth2 Client sending token request incorrectly (cherry-pick #9474) (#9475)
  • sources/scim: fix duplicate groups and invalid schema (cherry-pick #9466) (#9606)
  • tenants: fix scheduled tasks not running on default tenant (cherry-pick #9583) (#9586)
  • web/flows: fix error when enrolling multiple WebAuthn devices consecutively (cherry-pick #9545) (#9547)
  • web/flows: fix missing fallback for flow logo (cherry-pick #9487) (#9492)
  • web: Add missing integrity hashes to package-lock.json (#9527)

Fixed in 2024.4.3

Fixed in 2024.4.4

API Changes

What's New


GET /sources/scim/
POST /sources/scim/
GET /sources/scim/{slug}/
PUT /sources/scim/{slug}/
DELETE /sources/scim/{slug}/
PATCH /sources/scim/{slug}/
GET /sources/scim/{slug}/used_by/
GET /sources/scim_groups/
POST /sources/scim_groups/
GET /sources/scim_groups/{id}/
PUT /sources/scim_groups/{id}/
DELETE /sources/scim_groups/{id}/
PATCH /sources/scim_groups/{id}/
GET /sources/scim_groups/{id}/used_by/
GET /sources/scim_users/
POST /sources/scim_users/
GET /sources/scim_users/{id}/
PUT /sources/scim_users/{id}/
DELETE /sources/scim_users/{id}/
PATCH /sources/scim_users/{id}/
GET /sources/scim_users/{id}/used_by/
GET /stages/authenticator/webauthn_device_types/
GET /stages/authenticator/webauthn_device_types/{aaguid}/
GET /stages/source/
POST /stages/source/
GET /stages/source/{stage_uuid}/
PUT /stages/source/{stage_uuid}/
DELETE /stages/source/{stage_uuid}/
PATCH /stages/source/{stage_uuid}/
GET /stages/source/{stage_uuid}/used_by/
POST /core/users/{id}/recovery/
POST /core/users/{id}/recovery_email/

What's Deleted


GET /core/users/{id}/recovery/
GET /core/users/{id}/recovery_email/

What's Changed


GET /admin/apps/
GET /admin/models/
GET /admin/settings/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Added property default_token_duration (string)

      Default token duration

    • Added property default_token_length (integer)

      Default token length

PUT /admin/settings/
Request:

Changed content type : application/json

  • Added property default_token_duration (string)

    Default token duration

  • Added property default_token_length (integer)

    Default token length

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Added property default_token_duration (string)

      Default token duration

    • Added property default_token_length (integer)

      Default token length

PATCH /admin/settings/
Request:

Changed content type : application/json

  • Added property default_token_duration (string)

    Default token duration

  • Added property default_token_length (integer)

    Default token length

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Added property default_token_duration (string)

      Default token duration

    • Added property default_token_length (integer)

      Default token length

GET /admin/system/
POST /admin/system/
GET /admin/version/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • version_latest_valid

    • Added property version_latest_valid (boolean)

      Check if latest version is valid

GET /admin/workers/
GET /authenticators/admin/all/
GET /authenticators/admin/duo/{id}/
PUT /authenticators/admin/duo/{id}/
DELETE /authenticators/admin/duo/{id}/
PATCH /authenticators/admin/duo/{id}/
GET /authenticators/admin/sms/{id}/
PUT /authenticators/admin/sms/{id}/
DELETE /authenticators/admin/sms/{id}/
PATCH /authenticators/admin/sms/{id}/
GET /authenticators/admin/totp/{id}/
PUT /authenticators/admin/totp/{id}/
DELETE /authenticators/admin/totp/{id}/
PATCH /authenticators/admin/totp/{id}/
GET /authenticators/admin/webauthn/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • aaguid

    • device_type

    • Added property device_type (object)

      • Property aaguid (string)

      • Property description (string)

    • Added property aaguid (string)

PUT /authenticators/admin/webauthn/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • aaguid

    • device_type

    • Added property device_type (object)

    • Added property aaguid (string)

DELETE /authenticators/admin/webauthn/{id}/
PATCH /authenticators/admin/webauthn/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • aaguid

    • device_type

    • Added property device_type (object)

    • Added property aaguid (string)

GET /authenticators/all/
GET /authenticators/duo/{id}/
PUT /authenticators/duo/{id}/
DELETE /authenticators/duo/{id}/
PATCH /authenticators/duo/{id}/
GET /authenticators/sms/{id}/
PUT /authenticators/sms/{id}/
DELETE /authenticators/sms/{id}/
PATCH /authenticators/sms/{id}/
GET /authenticators/totp/{id}/
PUT /authenticators/totp/{id}/
DELETE /authenticators/totp/{id}/
PATCH /authenticators/totp/{id}/
GET /authenticators/webauthn/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • aaguid

    • device_type

    • Added property device_type (object)

    • Added property aaguid (string)

PUT /authenticators/webauthn/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • aaguid

    • device_type

    • Added property device_type (object)

    • Added property aaguid (string)

DELETE /authenticators/webauthn/{id}/
PATCH /authenticators/webauthn/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • aaguid

    • device_type

    • Added property device_type (object)

    • Added property aaguid (string)

GET /core/applications/{slug}/check_access/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property log_messages (array)

      Changed items (object): > Single log message with all context logged.

      New required properties:

      • attributes

      • event

      • log_level

      • logger

      • timestamp

      • Added property timestamp (string)

      • Added property log_level (string)

        Enum values:

        • critical
        • exception
        • error
        • warn
        • warning
        • info
        • debug
        • notset
      • Added property logger (string)

      • Added property event (string)

      • Added property attributes (object)

GET /core/applications/{slug}/metrics/
POST /core/applications/{slug}/set_icon/
POST /core/applications/{slug}/set_icon_url/
GET /core/authenticated_sessions/{uuid}/
DELETE /core/authenticated_sessions/{uuid}/
GET /core/brands/{brand_uuid}/
PUT /core/brands/{brand_uuid}/
DELETE /core/brands/{brand_uuid}/
PATCH /core/brands/{brand_uuid}/
POST /core/groups/{group_uuid}/add_user/
POST /core/groups/{group_uuid}/remove_user/
POST /core/tokens/{identifier}/set_key/
GET /core/tokens/{identifier}/view_key/
POST /core/users/{id}/impersonate/
POST /core/users/{id}/set_password/
GET /core/users/impersonate_end/
GET /core/users/paths/
POST /core/users/service_account/
GET /crypto/certificatekeypairs/{kp_uuid}/
PUT /crypto/certificatekeypairs/{kp_uuid}/
DELETE /crypto/certificatekeypairs/{kp_uuid}/
PATCH /crypto/certificatekeypairs/{kp_uuid}/
GET /crypto/certificatekeypairs/{kp_uuid}/view_certificate/
GET /crypto/certificatekeypairs/{kp_uuid}/view_private_key/
POST /crypto/certificatekeypairs/generate/
GET /enterprise/license/{license_uuid}/
PUT /enterprise/license/{license_uuid}/
DELETE /enterprise/license/{license_uuid}/
PATCH /enterprise/license/{license_uuid}/
GET /enterprise/license/forecast/
GET /enterprise/license/get_install_id/
GET /enterprise/license/summary/
GET /events/events/actions/
GET /events/events/per_month/
GET /events/events/top_per_user/
GET /events/events/volume/
POST /events/notifications/mark_all_seen/
POST /events/system_tasks/{uuid}/run/
POST /events/transports/{uuid}/test/
GET /flows/instances/{slug}/diagram/
GET /flows/instances/{slug}/execute/
GET /flows/instances/{slug}/export/
POST /flows/instances/{slug}/set_background/
POST /flows/instances/{slug}/set_background_url/
POST /flows/instances/cache_clear/
GET /flows/instances/cache_info/
POST /flows/instances/import/
Return Type:

Changed response : 204 No Content

  • Changed content type : application/json

    • Changed property logs (array)

      Changed items (object): > Single log message with all context logged.

      New required properties:

      • attributes

      • event

      • log_level

      • logger

      • timestamp

      • Added property timestamp (string)

      • Added property log_level (string)

      • Added property logger (string)

      • Added property event (string)

      • Added property attributes (object)

Changed response : 400 Bad Request

  • Changed content type : application/json

    • Changed property logs (array)

      Changed items (object): > Single log message with all context logged.

      New required properties:

      • attributes

      • event

      • log_level

      • logger

      • timestamp

      • Added property timestamp (string)

      • Added property log_level (string)

      • Added property logger (string)

      • Added property event (string)

      • Added property attributes (object)

GET /managed/blueprints/{instance_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property status (string)
PUT /managed/blueprints/{instance_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property status (string)
DELETE /managed/blueprints/{instance_uuid}/
PATCH /managed/blueprints/{instance_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property status (string)
POST /managed/blueprints/{instance_uuid}/apply/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property status (string)
GET /managed/blueprints/available/
GET /outposts/instances/{uuid}/health/
GET /outposts/instances/default_settings/
GET /outposts/proxy/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property mode (string)

      Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

GET /outposts/radius/{id}/
GET /outposts/service_connections/all/{uuid}/
DELETE /outposts/service_connections/all/{uuid}/
GET /outposts/service_connections/all/{uuid}/state/
GET /outposts/service_connections/all/types/
GET /outposts/service_connections/docker/{uuid}/
PUT /outposts/service_connections/docker/{uuid}/
DELETE /outposts/service_connections/docker/{uuid}/
PATCH /outposts/service_connections/docker/{uuid}/
GET /outposts/service_connections/kubernetes/{uuid}/
PUT /outposts/service_connections/kubernetes/{uuid}/
DELETE /outposts/service_connections/kubernetes/{uuid}/
PATCH /outposts/service_connections/kubernetes/{uuid}/
GET /policies/all/{policy_uuid}/
DELETE /policies/all/{policy_uuid}/
POST /policies/all/{policy_uuid}/test/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property log_messages (array)

      Changed items (object): > Single log message with all context logged.

      New required properties:

      • attributes

      • event

      • log_level

      • logger

      • timestamp

      • Added property timestamp (string)

      • Added property log_level (string)

      • Added property logger (string)

      • Added property event (string)

      • Added property attributes (object)

POST /policies/all/cache_clear/
GET /policies/all/cache_info/
GET /policies/all/types/
GET /policies/dummy/{policy_uuid}/
PUT /policies/dummy/{policy_uuid}/
DELETE /policies/dummy/{policy_uuid}/
PATCH /policies/dummy/{policy_uuid}/
GET /policies/event_matcher/{policy_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property action (string)

      Match created events with this action type. When left empty, all action types will be matched.

    • Changed property app (string)

      Match events created by selected application. When left empty, all applications are matched.

      Added enum values:

      • authentik.sources.scim
      • authentik.enterprise.stages.source
    • Changed property model (string)

      Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

      Added enum values:

      • authentik_sources_scim.scimsource

      • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

      • authentik_stages_source.sourcestage Removed enum value:

      • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

PUT /policies/event_matcher/{policy_uuid}/
Request:

Changed content type : application/json

  • Changed property action (string)

    Match created events with this action type. When left empty, all action types will be matched.

  • Changed property app (string)

    Match events created by selected application. When left empty, all applications are matched.

    Added enum values:

    • authentik.sources.scim
    • authentik.enterprise.stages.source
  • Changed property model (string)

    Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

    Added enum values:

    • authentik_sources_scim.scimsource

    • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

    • authentik_stages_source.sourcestage Removed enum value:

    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property action (string)

      Match created events with this action type. When left empty, all action types will be matched.

    • Changed property app (string)

      Match events created by selected application. When left empty, all applications are matched.

      Added enum values:

      • authentik.sources.scim
      • authentik.enterprise.stages.source
    • Changed property model (string)

      Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

      Added enum values:

      • authentik_sources_scim.scimsource

      • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

      • authentik_stages_source.sourcestage Removed enum value:

      • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

DELETE /policies/event_matcher/{policy_uuid}/
PATCH /policies/event_matcher/{policy_uuid}/
Request:

Changed content type : application/json

  • Changed property action (string)

    Match created events with this action type. When left empty, all action types will be matched.

  • Changed property app (string)

    Match events created by selected application. When left empty, all applications are matched.

    Added enum values:

    • authentik.sources.scim
    • authentik.enterprise.stages.source
  • Changed property model (string)

    Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

    Added enum values:

    • authentik_sources_scim.scimsource

    • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

    • authentik_stages_source.sourcestage Removed enum value:

    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property action (string)

      Match created events with this action type. When left empty, all action types will be matched.

    • Changed property app (string)

      Match events created by selected application. When left empty, all applications are matched.

      Added enum values:

      • authentik.sources.scim
      • authentik.enterprise.stages.source
    • Changed property model (string)

      Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

      Added enum values:

      • authentik_sources_scim.scimsource

      • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

      • authentik_stages_source.sourcestage Removed enum value:

      • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

GET /policies/expression/{policy_uuid}/
PUT /policies/expression/{policy_uuid}/
DELETE /policies/expression/{policy_uuid}/
PATCH /policies/expression/{policy_uuid}/
GET /policies/password/{policy_uuid}/
PUT /policies/password/{policy_uuid}/
DELETE /policies/password/{policy_uuid}/
PATCH /policies/password/{policy_uuid}/
GET /policies/password_expiry/{policy_uuid}/
PUT /policies/password_expiry/{policy_uuid}/
DELETE /policies/password_expiry/{policy_uuid}/
PATCH /policies/password_expiry/{policy_uuid}/
GET /policies/reputation/{policy_uuid}/
PUT /policies/reputation/{policy_uuid}/
DELETE /policies/reputation/{policy_uuid}/
PATCH /policies/reputation/{policy_uuid}/
GET /policies/reputation/scores/{reputation_uuid}/
DELETE /policies/reputation/scores/{reputation_uuid}/
GET /propertymappings/all/{pm_uuid}/
DELETE /propertymappings/all/{pm_uuid}/
POST /propertymappings/all/{pm_uuid}/test/
GET /propertymappings/all/types/
GET /propertymappings/ldap/{pm_uuid}/
PUT /propertymappings/ldap/{pm_uuid}/
DELETE /propertymappings/ldap/{pm_uuid}/
PATCH /propertymappings/ldap/{pm_uuid}/
GET /propertymappings/notification/{pm_uuid}/
PUT /propertymappings/notification/{pm_uuid}/
DELETE /propertymappings/notification/{pm_uuid}/
PATCH /propertymappings/notification/{pm_uuid}/
GET /propertymappings/rac/{pm_uuid}/
PUT /propertymappings/rac/{pm_uuid}/
DELETE /propertymappings/rac/{pm_uuid}/
PATCH /propertymappings/rac/{pm_uuid}/
GET /propertymappings/saml/{pm_uuid}/
PUT /propertymappings/saml/{pm_uuid}/
DELETE /propertymappings/saml/{pm_uuid}/
PATCH /propertymappings/saml/{pm_uuid}/
GET /propertymappings/scim/{pm_uuid}/
PUT /propertymappings/scim/{pm_uuid}/
DELETE /propertymappings/scim/{pm_uuid}/
PATCH /propertymappings/scim/{pm_uuid}/
GET /propertymappings/scope/{pm_uuid}/
PUT /propertymappings/scope/{pm_uuid}/
DELETE /propertymappings/scope/{pm_uuid}/
PATCH /propertymappings/scope/{pm_uuid}/
GET /providers/all/{id}/
DELETE /providers/all/{id}/
GET /providers/all/types/
GET /providers/oauth2/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property client_type (string)

      Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

    • Changed property sub_mode (string)

      Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

    • Changed property issuer_mode (string)

      Configure how the issuer field of the ID Token should be filled.

PUT /providers/oauth2/{id}/
Request:

Changed content type : application/json

  • Changed property client_type (string)

    Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

  • Changed property sub_mode (string)

    Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

  • Changed property issuer_mode (string)

    Configure how the issuer field of the ID Token should be filled.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property client_type (string)

      Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

    • Changed property sub_mode (string)

      Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

    • Changed property issuer_mode (string)

      Configure how the issuer field of the ID Token should be filled.

DELETE /providers/oauth2/{id}/
PATCH /providers/oauth2/{id}/
Request:

Changed content type : application/json

  • Changed property client_type (string)

    Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

  • Changed property sub_mode (string)

    Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

  • Changed property issuer_mode (string)

    Configure how the issuer field of the ID Token should be filled.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property client_type (string)

      Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

    • Changed property sub_mode (string)

      Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

    • Changed property issuer_mode (string)

      Configure how the issuer field of the ID Token should be filled.

GET /providers/oauth2/{id}/preview_user/
GET /providers/oauth2/{id}/setup_urls/
GET /providers/proxy/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property mode (string)

      Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

PUT /providers/proxy/{id}/
Request:

Changed content type : application/json

  • Changed property mode (string)

    Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property mode (string)

      Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

DELETE /providers/proxy/{id}/
PATCH /providers/proxy/{id}/
Request:

Changed content type : application/json

  • Changed property mode (string)

    Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property mode (string)

      Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

GET /providers/rac/{id}/
PUT /providers/rac/{id}/
DELETE /providers/rac/{id}/
PATCH /providers/rac/{id}/
GET /providers/radius/{id}/
PUT /providers/radius/{id}/
DELETE /providers/radius/{id}/
PATCH /providers/radius/{id}/
GET /providers/saml/{id}/metadata/
GET /providers/saml/{id}/preview_user/
POST /providers/saml/import_metadata/
GET /providers/scim/{id}/
PUT /providers/scim/{id}/
DELETE /providers/scim/{id}/
PATCH /providers/scim/{id}/
GET /rbac/permissions/{id}/
GET /rbac/roles/{uuid}/
PUT /rbac/roles/{uuid}/
DELETE /rbac/roles/{uuid}/
PATCH /rbac/roles/{uuid}/
GET /schema/
POST /sources/all/{slug}/set_icon/
POST /sources/all/{slug}/set_icon_url/
GET /sources/all/types/
GET /sources/all/user_settings/
GET /sources/ldap/{slug}/debug/
GET /sources/oauth/source_types/
POST /sources/plex/redeem_token_authenticated/
GET /sources/saml/{slug}/metadata/
GET /stages/all/types/
GET /stages/all/user_settings/
POST /stages/authenticator/duo/{stage_uuid}/import_device_manual/
POST /stages/authenticator/duo/{stage_uuid}/import_devices_automatic/
GET /stages/email/templates/
GET /admin/metrics/
POST /authenticators/admin/duo/
GET /authenticators/admin/duo/
POST /authenticators/admin/sms/
GET /authenticators/admin/sms/
DELETE /authenticators/admin/static/{id}/
GET /authenticators/admin/static/{id}/
PUT /authenticators/admin/static/{id}/
PATCH /authenticators/admin/static/{id}/
POST /authenticators/admin/totp/
GET /authenticators/admin/totp/
POST /authenticators/admin/webauthn/
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    New required properties:

    • aaguid

    • device_type

    • Added property device_type (object)

    • Added property aaguid (string)

GET /authenticators/admin/webauthn/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Serializer for WebAuthn authenticator devices

      New required properties:

      • aaguid

      • device_type

      • Added property device_type (object)

      • Added property aaguid (string)

GET /authenticators/duo/
GET /authenticators/duo/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /authenticators/sms/
GET /authenticators/sms/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /authenticators/static/{id}/
GET /authenticators/static/{id}/
PUT /authenticators/static/{id}/
PATCH /authenticators/static/{id}/
GET /authenticators/static/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /authenticators/totp/
GET /authenticators/totp/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /authenticators/webauthn/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Serializer for WebAuthn authenticator devices

      New required properties:

      • aaguid

      • device_type

      • Added property device_type (object)

      • Added property aaguid (string)

GET /authenticators/webauthn/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /core/applications/{slug}/
GET /core/applications/{slug}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property policy_engine_mode (string)
PUT /core/applications/{slug}/
Request:

Changed content type : application/json

  • Changed property policy_engine_mode (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property policy_engine_mode (string)
PATCH /core/applications/{slug}/
Request:

Changed content type : application/json

  • Changed property policy_engine_mode (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property policy_engine_mode (string)
GET /core/applications/{slug}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /core/authenticated_sessions/
GET /core/authenticated_sessions/{uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /core/brands/
GET /core/brands/
GET /core/brands/{brand_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /core/brands/current/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property ui_theme (string)
DELETE /core/groups/{group_uuid}/
GET /core/groups/{group_uuid}/
PUT /core/groups/{group_uuid}/
PATCH /core/groups/{group_uuid}/
GET /core/groups/{group_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /core/tokens/{identifier}/
GET /core/tokens/{identifier}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property intent (string)

    • Changed property user_obj (object)

      User Serializer

      • Changed property type (string)
PUT /core/tokens/{identifier}/
Request:

Changed content type : application/json

  • Changed property intent (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property intent (string)

    • Changed property user_obj (object)

      User Serializer

      • Changed property type (string)
PATCH /core/tokens/{identifier}/
Request:

Changed content type : application/json

  • Changed property intent (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property intent (string)

    • Changed property user_obj (object)

      User Serializer

      • Changed property type (string)
GET /core/tokens/{identifier}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /core/user_consent/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /core/users/{id}/
GET /core/users/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property type (string)
PUT /core/users/{id}/
Request:

Changed content type : application/json

  • Changed property type (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property type (string)
PATCH /core/users/{id}/
Request:

Changed content type : application/json

  • Changed property type (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property type (string)
GET /core/users/{id}/metrics/
GET /core/users/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /crypto/certificatekeypairs/
GET /crypto/certificatekeypairs/
GET /crypto/certificatekeypairs/{kp_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /enterprise/license/
GET /enterprise/license/
GET /enterprise/license/{license_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /events/events/{event_uuid}/
GET /events/events/{event_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property action (string)
PUT /events/events/{event_uuid}/
Request:

Changed content type : application/json

  • Changed property action (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property action (string)
PATCH /events/events/{event_uuid}/
Request:

Changed content type : application/json

  • Changed property action (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property action (string)
GET /events/notifications/{uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /events/rules/{pbm_uuid}/
GET /events/rules/{pbm_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property severity (string)

      Controls which severity level the created notifications will have.

PUT /events/rules/{pbm_uuid}/
Request:

Changed content type : application/json

  • Changed property severity (string)

    Controls which severity level the created notifications will have.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property severity (string)

      Controls which severity level the created notifications will have.

PATCH /events/rules/{pbm_uuid}/
Request:

Changed content type : application/json

  • Changed property severity (string)

    Controls which severity level the created notifications will have.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property severity (string)

      Controls which severity level the created notifications will have.

GET /events/rules/{pbm_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /events/system_tasks/{uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property messages (array)

      Changed items (string -> object): > Single log message with all context logged.

    • Changed property status (string)

DELETE /events/transports/{uuid}/
GET /events/transports/{uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property mode (string)
PUT /events/transports/{uuid}/
Request:

Changed content type : application/json

  • Changed property mode (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property mode (string)
PATCH /events/transports/{uuid}/
Request:

Changed content type : application/json

  • Changed property mode (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property mode (string)
GET /events/transports/{uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /flows/bindings/{fsb_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /flows/instances/{slug}/
GET /flows/instances/{slug}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property authentication (string)

      Required level of authentication and authorization to access a flow.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

PUT /flows/instances/{slug}/
Request:

Changed content type : application/json

  • Changed property designation (string)

    Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

  • Changed property denied_action (string)

    Configure what should happen when a flow denies access to a user.

  • Changed property authentication (string)

    Required level of authentication and authorization to access a flow.

  • Changed property policy_engine_mode (string)

  • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property authentication (string)

      Required level of authentication and authorization to access a flow.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

PATCH /flows/instances/{slug}/
Request:

Changed content type : application/json

  • Changed property designation (string)

    Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

  • Changed property denied_action (string)

    Configure what should happen when a flow denies access to a user.

  • Changed property authentication (string)

    Required level of authentication and authorization to access a flow.

  • Changed property policy_engine_mode (string)

  • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property authentication (string)

      Required level of authentication and authorization to access a flow.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

GET /flows/instances/{slug}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /managed/blueprints/
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property status (string)
GET /managed/blueprints/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Info about a single blueprint instance file

      • Changed property status (string)
GET /managed/blueprints/{instance_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /oauth2/access_tokens/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /oauth2/authorization_codes/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /oauth2/refresh_tokens/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /outposts/instances/{uuid}/
GET /outposts/instances/{uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property type (string)
PUT /outposts/instances/{uuid}/
Request:

Changed content type : application/json

  • Changed property type (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property type (string)
PATCH /outposts/instances/{uuid}/
Request:

Changed content type : application/json

  • Changed property type (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property type (string)
GET /outposts/instances/{uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /outposts/ldap/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property search_mode (string)
GET /outposts/proxy/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Proxy provider serializer for outposts

      • Changed property mode (string)

        Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

GET /outposts/radius/
GET /outposts/service_connections/all/
GET /outposts/service_connections/all/{uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /outposts/service_connections/docker/
GET /outposts/service_connections/docker/
GET /outposts/service_connections/docker/{uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /outposts/service_connections/kubernetes/
GET /outposts/service_connections/kubernetes/
GET /outposts/service_connections/kubernetes/{uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /policies/all/
GET /policies/all/{policy_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /policies/bindings/{policy_binding_uuid}/
GET /policies/bindings/{policy_binding_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_obj (object)

      User Serializer

      • Changed property type (string)
PUT /policies/bindings/{policy_binding_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_obj (object)

      User Serializer

      • Changed property type (string)
PATCH /policies/bindings/{policy_binding_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_obj (object)

      User Serializer

      • Changed property type (string)
GET /policies/bindings/{policy_binding_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /policies/dummy/
GET /policies/dummy/
GET /policies/dummy/{policy_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /policies/event_matcher/
Request:

Changed content type : application/json

  • Changed property action (string)

    Match created events with this action type. When left empty, all action types will be matched.

  • Changed property app (string)

    Match events created by selected application. When left empty, all applications are matched.

    Added enum values:

    • authentik.sources.scim
    • authentik.enterprise.stages.source
  • Changed property model (string)

    Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

    Added enum values:

    • authentik_sources_scim.scimsource

    • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

    • authentik_stages_source.sourcestage Removed enum value:

    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property action (string)

      Match created events with this action type. When left empty, all action types will be matched.

    • Changed property app (string)

      Match events created by selected application. When left empty, all applications are matched.

      Added enum values:

      • authentik.sources.scim
      • authentik.enterprise.stages.source
    • Changed property model (string)

      Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

      Added enum values:

      • authentik_sources_scim.scimsource

      • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

      • authentik_stages_source.sourcestage Removed enum value:

      • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

GET /policies/event_matcher/
Parameters:

Changed: action in query

Match created events with this action type. When left empty, all action types will be matched.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Event Matcher Policy Serializer

      • Changed property action (string)

        Match created events with this action type. When left empty, all action types will be matched.

      • Changed property app (string)

        Match events created by selected application. When left empty, all applications are matched.

        Added enum values:

        • authentik.sources.scim
        • authentik.enterprise.stages.source
      • Changed property model (string)

        Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

        Added enum values:

        • authentik_sources_scim.scimsource

        • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

        • authentik_stages_source.sourcestage Removed enum value:

        • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

GET /policies/event_matcher/{policy_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /policies/expression/
GET /policies/expression/
GET /policies/expression/{policy_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /policies/password/
GET /policies/password/
GET /policies/password/{policy_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /policies/password_expiry/
GET /policies/password_expiry/
GET /policies/password_expiry/{policy_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /policies/reputation/
GET /policies/reputation/
GET /policies/reputation/{policy_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /policies/reputation/scores/
GET /policies/reputation/scores/{reputation_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /propertymappings/all/
GET /propertymappings/all/{pm_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /propertymappings/ldap/
GET /propertymappings/ldap/
GET /propertymappings/ldap/{pm_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /propertymappings/notification/
GET /propertymappings/notification/
GET /propertymappings/notification/{pm_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /propertymappings/rac/
GET /propertymappings/rac/
GET /propertymappings/rac/{pm_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /propertymappings/saml/
GET /propertymappings/saml/
GET /propertymappings/saml/{pm_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /propertymappings/scim/
GET /propertymappings/scim/
GET /propertymappings/scim/{pm_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /propertymappings/scope/
GET /propertymappings/scope/
GET /propertymappings/scope/{pm_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /providers/all/
GET /providers/all/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /providers/ldap/{id}/
GET /providers/ldap/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property search_mode (string)
PUT /providers/ldap/{id}/
Request:

Changed content type : application/json

  • Changed property search_mode (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property search_mode (string)
PATCH /providers/ldap/{id}/
Request:

Changed content type : application/json

  • Changed property search_mode (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property search_mode (string)
GET /providers/ldap/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /providers/oauth2/
Request:

Changed content type : application/json

  • Changed property client_type (string)

    Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

  • Changed property sub_mode (string)

    Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

  • Changed property issuer_mode (string)

    Configure how the issuer field of the ID Token should be filled.

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property client_type (string)

      Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

    • Changed property sub_mode (string)

      Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

    • Changed property issuer_mode (string)

      Configure how the issuer field of the ID Token should be filled.

GET /providers/oauth2/
Parameters:

Changed: client_type in query

Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

Changed: issuer_mode in query

Configure how the issuer field of the ID Token should be filled.

Changed: sub_mode in query

Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > OAuth2Provider Serializer

      • Changed property client_type (string)

        Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

      • Changed property sub_mode (string)

        Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

      • Changed property issuer_mode (string)

        Configure how the issuer field of the ID Token should be filled.

GET /providers/oauth2/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /providers/proxy/
Request:

Changed content type : application/json

  • Changed property mode (string)

    Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property mode (string)

      Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

GET /providers/proxy/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > ProxyProvider Serializer

      • Changed property mode (string)

        Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

GET /providers/proxy/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /providers/rac/
GET /providers/rac/
GET /providers/rac/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /providers/radius/
GET /providers/radius/
GET /providers/radius/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /providers/saml/{id}/
GET /providers/saml/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property sp_binding (string)

      This determines how authentik sends the response back to the Service Provider.

    • Changed property digest_algorithm (string)

    • Changed property signature_algorithm (string)

PUT /providers/saml/{id}/
Request:

Changed content type : application/json

  • Changed property sp_binding (string)

    This determines how authentik sends the response back to the Service Provider.

  • Changed property digest_algorithm (string)

  • Changed property signature_algorithm (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property sp_binding (string)

      This determines how authentik sends the response back to the Service Provider.

    • Changed property digest_algorithm (string)

    • Changed property signature_algorithm (string)

PATCH /providers/saml/{id}/
Request:

Changed content type : application/json

  • Changed property sp_binding (string)

    This determines how authentik sends the response back to the Service Provider.

  • Changed property digest_algorithm (string)

  • Changed property signature_algorithm (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property sp_binding (string)

      This determines how authentik sends the response back to the Service Provider.

    • Changed property digest_algorithm (string)

    • Changed property signature_algorithm (string)

GET /providers/saml/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /providers/scim/
GET /providers/scim/
GET /providers/scim/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /rac/connection_tokens/{connection_token_uuid}/
Parameters:

Changed: connection_token_uuid in path

A UUID string identifying this RAC Connection token.

GET /rac/connection_tokens/{connection_token_uuid}/
Parameters:

Changed: connection_token_uuid in path

A UUID string identifying this RAC Connection token.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New optional properties:

    • pk

    • Changed property pk (string)

    • Changed property endpoint (string)

    • Changed property endpoint_obj (object)

      Endpoint Serializer

      • Changed property protocol (string)

      • Changed property auth_mode (string)

PUT /rac/connection_tokens/{connection_token_uuid}/
Parameters:

Changed: connection_token_uuid in path

A UUID string identifying this RAC Connection token.

Request:

Changed content type : application/json

New required properties:

  • endpoint
  • Added property pk (string)

  • Added property endpoint (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New optional properties:

    • pk

    • Changed property pk (string)

    • Changed property endpoint (string)

    • Changed property endpoint_obj (object)

      Endpoint Serializer

      • Changed property protocol (string)

      • Changed property auth_mode (string)

PATCH /rac/connection_tokens/{connection_token_uuid}/
Parameters:

Changed: connection_token_uuid in path

A UUID string identifying this RAC Connection token.

Request:

Changed content type : application/json

  • Added property pk (string)

  • Added property endpoint (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New optional properties:

    • pk

    • Changed property pk (string)

    • Changed property endpoint (string)

    • Changed property endpoint_obj (object)

      Endpoint Serializer

      • Changed property protocol (string)

      • Changed property auth_mode (string)

GET /rac/connection_tokens/{connection_token_uuid}/used_by/
Parameters:

Changed: connection_token_uuid in path

A UUID string identifying this RAC Connection token.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /rac/endpoints/{pbm_uuid}/
GET /rac/endpoints/{pbm_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property protocol (string)

    • Changed property auth_mode (string)

PUT /rac/endpoints/{pbm_uuid}/
Request:

Changed content type : application/json

  • Changed property protocol (string)

  • Changed property auth_mode (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property protocol (string)

    • Changed property auth_mode (string)

PATCH /rac/endpoints/{pbm_uuid}/
Request:

Changed content type : application/json

  • Changed property protocol (string)

  • Changed property auth_mode (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property protocol (string)

    • Changed property auth_mode (string)

GET /rac/endpoints/{pbm_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /rbac/permissions/
POST /rbac/permissions/assigned_by_roles/{uuid}/assign/
Request:

Changed content type : application/json

  • Changed property model (string)

    Added enum values:

    • authentik_sources_scim.scimsource

    • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

    • authentik_stages_source.sourcestage Removed enum value:

    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

PATCH /rbac/permissions/assigned_by_roles/{uuid}/unassign/
Request:

Changed content type : application/json

  • Changed property model (string)

    Added enum values:

    • authentik_sources_scim.scimsource

    • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

    • authentik_stages_source.sourcestage Removed enum value:

    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

POST /rbac/permissions/assigned_by_users/{id}/assign/
Request:

Changed content type : application/json

  • Changed property model (string)

    Added enum values:

    • authentik_sources_scim.scimsource

    • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

    • authentik_stages_source.sourcestage Removed enum value:

    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

PATCH /rbac/permissions/assigned_by_users/{id}/unassign/
Request:

Changed content type : application/json

  • Changed property model (string)

    Added enum values:

    • authentik_sources_scim.scimsource

    • authentik_stages_authenticator_webauthn.authenticatorwebauthnstage

    • authentik_stages_source.sourcestage Removed enum value:

    • authentik_stages_authenticator_webauthn.authenticatewebauthnstage

GET /rbac/permissions/roles/
GET /rbac/permissions/users/
POST /rbac/roles/
GET /rbac/roles/
GET /rbac/roles/{uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /root/config/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property capabilities (array)

      Changed items (string):

DELETE /sources/all/{slug}/
GET /sources/all/{slug}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

GET /sources/all/{slug}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /sources/ldap/{slug}/
GET /sources/ldap/{slug}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Added property password_login_update_internal_password (boolean)

      Update internal authentik password when login succeeds with LDAP

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

PUT /sources/ldap/{slug}/
Request:

Changed content type : application/json

  • Added property password_login_update_internal_password (boolean)

    Update internal authentik password when login succeeds with LDAP

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property policy_engine_mode (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Added property password_login_update_internal_password (boolean)

      Update internal authentik password when login succeeds with LDAP

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

PATCH /sources/ldap/{slug}/
Request:

Changed content type : application/json

  • Added property password_login_update_internal_password (boolean)

    Update internal authentik password when login succeeds with LDAP

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property policy_engine_mode (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Added property password_login_update_internal_password (boolean)

      Update internal authentik password when login succeeds with LDAP

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

GET /sources/ldap/{slug}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /sources/oauth/{slug}/
GET /sources/oauth/{slug}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

    • Changed property provider_type (string)

      Added enum value:

      • gitlab
PUT /sources/oauth/{slug}/
Request:

Changed content type : application/json

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property policy_engine_mode (string)

  • Changed property provider_type (string)

    Added enum value:

    • gitlab
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

    • Changed property provider_type (string)

      Added enum value:

      • gitlab
PATCH /sources/oauth/{slug}/
Request:

Changed content type : application/json

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property policy_engine_mode (string)

  • Changed property provider_type (string)

    Added enum value:

    • gitlab
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

    • Changed property provider_type (string)

      Added enum value:

      • gitlab
GET /sources/oauth/{slug}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /sources/plex/{slug}/
GET /sources/plex/{slug}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

PUT /sources/plex/{slug}/
Request:

Changed content type : application/json

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property policy_engine_mode (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

PATCH /sources/plex/{slug}/
Request:

Changed content type : application/json

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property policy_engine_mode (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

GET /sources/plex/{slug}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /sources/saml/{slug}/
GET /sources/saml/{slug}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property name_id_policy (string)

      NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

    • Changed property policy_engine_mode (string)

    • Changed property binding_type (string)

    • Changed property digest_algorithm (string)

    • Changed property signature_algorithm (string)

PUT /sources/saml/{slug}/
Request:

Changed content type : application/json

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property name_id_policy (string)

    NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

  • Changed property policy_engine_mode (string)

  • Changed property binding_type (string)

  • Changed property digest_algorithm (string)

  • Changed property signature_algorithm (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property name_id_policy (string)

      NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

    • Changed property policy_engine_mode (string)

    • Changed property binding_type (string)

    • Changed property digest_algorithm (string)

    • Changed property signature_algorithm (string)

PATCH /sources/saml/{slug}/
Request:

Changed content type : application/json

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property name_id_policy (string)

    NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

  • Changed property policy_engine_mode (string)

  • Changed property binding_type (string)

  • Changed property digest_algorithm (string)

  • Changed property signature_algorithm (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property name_id_policy (string)

      NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

    • Changed property policy_engine_mode (string)

    • Changed property binding_type (string)

    • Changed property digest_algorithm (string)

    • Changed property signature_algorithm (string)

GET /sources/saml/{slug}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /sources/user_connections/all/{id}/
GET /sources/user_connections/all/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

PUT /sources/user_connections/all/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

PATCH /sources/user_connections/all/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

GET /sources/user_connections/all/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /sources/user_connections/oauth/{id}/
GET /sources/user_connections/oauth/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

PUT /sources/user_connections/oauth/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

PATCH /sources/user_connections/oauth/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

GET /sources/user_connections/oauth/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /sources/user_connections/plex/{id}/
GET /sources/user_connections/plex/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

PUT /sources/user_connections/plex/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

PATCH /sources/user_connections/plex/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

GET /sources/user_connections/plex/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /sources/user_connections/saml/{id}/
GET /sources/user_connections/saml/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

PUT /sources/user_connections/saml/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

PATCH /sources/user_connections/saml/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

GET /sources/user_connections/saml/{id}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/all/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /stages/authenticator/duo/{stage_uuid}/enrollment_status/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property duo_response (string)
GET /stages/authenticator/duo/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/authenticator/sms/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/authenticator/static/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/authenticator/totp/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/authenticator/validate/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/authenticator/webauthn/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/captcha/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/consent/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/deny/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/dummy/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/email/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/identification/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
DELETE /stages/invitation/invitations/{invite_uuid}/
GET /stages/invitation/invitations/{invite_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_obj (object)

      Flow Serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property authentication (string)

        Required level of authentication and authorization to access a flow.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/invitation/invitations/{invite_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_obj (object)

      Flow Serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property authentication (string)

        Required level of authentication and authorization to access a flow.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/invitation/invitations/{invite_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_obj (object)

      Flow Serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property authentication (string)

        Required level of authentication and authorization to access a flow.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/invitation/invitations/{invite_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/invitation/stages/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/password/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/prompt/prompts/{prompt_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/prompt/stages/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/user_delete/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/user_login/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/user_logout/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
GET /stages/user_write/{stage_uuid}/used_by/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Changed items (object): > A list of all objects referencing the queried object

    • Changed property action (string)
POST /authenticators/admin/static/
GET /authenticators/admin/static/
GET /authenticators/static/
POST /core/applications/
Request:

Changed content type : application/json

  • Changed property policy_engine_mode (string)
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property policy_engine_mode (string)
GET /core/applications/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Application Serializer

      • Changed property policy_engine_mode (string)
POST /core/groups/
GET /core/groups/
Parameters:

Added: include_users in query

POST /core/tokens/
Request:

Changed content type : application/json

  • Changed property intent (string)
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property intent (string)

    • Changed property user_obj (object)

      User Serializer

      • Changed property type (string)
GET /core/tokens/
Parameters:

Changed: intent in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Token Serializer

      • Changed property intent (string)

      • Changed property user_obj (object)

        User Serializer

        • Changed property type (string)
DELETE /core/user_consent/{id}/
GET /core/user_consent/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user (object)

      User Serializer

      • Changed property type (string)
    • Changed property application (object)

      Application Serializer

      • Changed property policy_engine_mode (string)
POST /core/users/
Request:

Changed content type : application/json

  • Changed property type (string)
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property type (string)
GET /core/users/
Parameters:

Added: include_groups in query

Changed: type in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > User Serializer

      • Changed property type (string)
GET /core/users/me/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user (object)

      User Serializer for information a user can retrieve about themselves

      • Changed property type (string)
POST /events/events/
Request:

Changed content type : application/json

  • Changed property action (string)
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property action (string)
GET /events/events/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Event Serializer

      • Changed property action (string)
DELETE /events/notifications/{uuid}/
GET /events/notifications/{uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property severity (string)

    • Changed property event (object)

      Event Serializer

      • Changed property action (string)
PUT /events/notifications/{uuid}/
Request:

Changed content type : application/json

  • Changed property event (object)

    Event Serializer

    • Changed property action (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property severity (string)

    • Changed property event (object)

      Event Serializer

      • Changed property action (string)
PATCH /events/notifications/{uuid}/
Request:

Changed content type : application/json

  • Changed property event (object)

    Event Serializer

    • Changed property action (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property severity (string)

    • Changed property event (object)

      Event Serializer

      • Changed property action (string)
POST /events/rules/
Request:

Changed content type : application/json

  • Changed property severity (string)

    Controls which severity level the created notifications will have.

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property severity (string)

      Controls which severity level the created notifications will have.

GET /events/rules/
Parameters:

Changed: severity in query

Controls which severity level the created notifications will have.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > NotificationRule Serializer

      • Changed property severity (string)

        Controls which severity level the created notifications will have.

GET /events/system_tasks/
Parameters:

Changed: status in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Serialize TaskInfo and TaskResult

      • Changed property messages (array)

        Changed items (string -> object): > Single log message with all context logged.

      • Changed property status (string)

POST /events/transports/
Request:

Changed content type : application/json

  • Changed property mode (string)
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property mode (string)
GET /events/transports/
Parameters:

Changed: mode in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > NotificationTransport Serializer

      • Changed property mode (string)
DELETE /flows/bindings/{fsb_uuid}/
GET /flows/bindings/{fsb_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property invalid_response_action (string)

      Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

    • Changed property policy_engine_mode (string)

    • Changed property stage_obj (object)

      Stage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property layout (string)

PUT /flows/bindings/{fsb_uuid}/
Request:

Changed content type : application/json

  • Changed property invalid_response_action (string)

    Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

  • Changed property policy_engine_mode (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property invalid_response_action (string)

      Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

    • Changed property policy_engine_mode (string)

    • Changed property stage_obj (object)

      Stage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property layout (string)

PATCH /flows/bindings/{fsb_uuid}/
Request:

Changed content type : application/json

  • Changed property invalid_response_action (string)

    Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

  • Changed property policy_engine_mode (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property invalid_response_action (string)

      Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

    • Changed property policy_engine_mode (string)

    • Changed property stage_obj (object)

      Stage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property layout (string)

POST /flows/instances/
Request:

Changed content type : application/json

  • Changed property designation (string)

    Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

  • Changed property denied_action (string)

    Configure what should happen when a flow denies access to a user.

  • Changed property authentication (string)

    Required level of authentication and authorization to access a flow.

  • Changed property policy_engine_mode (string)

  • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property authentication (string)

      Required level of authentication and authorization to access a flow.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

GET /flows/instances/
Parameters:

Changed: denied_action in query

Configure what should happen when a flow denies access to a user.

Changed: designation in query

Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Flow Serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property authentication (string)

        Required level of authentication and authorization to access a flow.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /oauth2/access_tokens/{id}/
GET /oauth2/access_tokens/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property provider (object)

      OAuth2Provider Serializer

      • Changed property client_type (string)

        Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

      • Changed property sub_mode (string)

        Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

      • Changed property issuer_mode (string)

        Configure how the issuer field of the ID Token should be filled.

    • Changed property user (object)

      User Serializer

      • Changed property type (string)
DELETE /oauth2/authorization_codes/{id}/
GET /oauth2/authorization_codes/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property provider (object)

      OAuth2Provider Serializer

      • Changed property client_type (string)

        Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

      • Changed property sub_mode (string)

        Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

      • Changed property issuer_mode (string)

        Configure how the issuer field of the ID Token should be filled.

    • Changed property user (object)

      User Serializer

      • Changed property type (string)
DELETE /oauth2/refresh_tokens/{id}/
GET /oauth2/refresh_tokens/{id}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property provider (object)

      OAuth2Provider Serializer

      • Changed property client_type (string)

        Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

      • Changed property sub_mode (string)

        Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

      • Changed property issuer_mode (string)

        Configure how the issuer field of the ID Token should be filled.

    • Changed property user (object)

      User Serializer

      • Changed property type (string)
POST /outposts/instances/
Request:

Changed content type : application/json

  • Changed property type (string)
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property type (string)
GET /outposts/instances/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Outpost Serializer

      • Changed property type (string)
GET /outposts/ldap/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > LDAPProvider Serializer

      • Changed property search_mode (string)
POST /policies/bindings/
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property user_obj (object)

      User Serializer

      • Changed property type (string)
GET /policies/bindings/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > PolicyBinding Serializer

      • Changed property user_obj (object)

        User Serializer

        • Changed property type (string)
POST /providers/ldap/
Request:

Changed content type : application/json

  • Changed property search_mode (string)
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property search_mode (string)
GET /providers/ldap/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > LDAPProvider Serializer

      • Changed property search_mode (string)
POST /providers/saml/
Request:

Changed content type : application/json

  • Changed property sp_binding (string)

    This determines how authentik sends the response back to the Service Provider.

  • Changed property digest_algorithm (string)

  • Changed property signature_algorithm (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property sp_binding (string)

      This determines how authentik sends the response back to the Service Provider.

    • Changed property digest_algorithm (string)

    • Changed property signature_algorithm (string)

GET /providers/saml/
Parameters:

Changed: digest_algorithm in query

Changed: signature_algorithm in query

Changed: sp_binding in query

This determines how authentik sends the response back to the Service Provider.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > SAMLProvider Serializer

      • Changed property sp_binding (string)

        This determines how authentik sends the response back to the Service Provider.

      • Changed property digest_algorithm (string)

      • Changed property signature_algorithm (string)

GET /providers/scim/{id}/sync_status/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property tasks (array)

      Changed items (object): > Serialize TaskInfo and TaskResult

      • Changed property messages (array)

        Changed items (string -> object): > Single log message with all context logged.

      • Changed property status (string)

GET /rac/connection_tokens/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > ConnectionToken Serializer

      New optional properties:

      • pk

      • Changed property pk (string)

      • Changed property endpoint (string)

      • Changed property endpoint_obj (object)

        Endpoint Serializer

        • Changed property protocol (string)

        • Changed property auth_mode (string)

POST /rac/endpoints/
Request:

Changed content type : application/json

  • Changed property protocol (string)

  • Changed property auth_mode (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property protocol (string)

    • Changed property auth_mode (string)

GET /rac/endpoints/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Endpoint Serializer

      • Changed property protocol (string)

      • Changed property auth_mode (string)

GET /rbac/permissions/assigned_by_roles/
Parameters:

Changed: model in query

GET /rbac/permissions/assigned_by_users/
Parameters:

Changed: model in query

GET /sources/all/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

POST /sources/ldap/
Request:

Changed content type : application/json

  • Added property password_login_update_internal_password (boolean)

    Update internal authentik password when login succeeds with LDAP

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property policy_engine_mode (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Added property password_login_update_internal_password (boolean)

      Update internal authentik password when login succeeds with LDAP

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

GET /sources/ldap/
Parameters:

Added: password_login_update_internal_password in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > LDAP Source Serializer

      • Added property password_login_update_internal_password (boolean)

        Update internal authentik password when login succeeds with LDAP

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

GET /sources/ldap/{slug}/sync_status/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property tasks (array)

      Changed items (object): > Serialize TaskInfo and TaskResult

      • Changed property messages (array)

        Changed items (string -> object): > Single log message with all context logged.

      • Changed property status (string)

POST /sources/oauth/
Request:

Changed content type : application/json

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property policy_engine_mode (string)

  • Changed property provider_type (string)

    Added enum value:

    • gitlab
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

    • Changed property provider_type (string)

      Added enum value:

      • gitlab
GET /sources/oauth/
Parameters:

Changed: policy_engine_mode in query

Changed: user_matching_mode in query

How the source determines if an existing user should be authenticated or a new user enrolled.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > OAuth Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

      • Changed property provider_type (string)

        Added enum value:

        • gitlab
POST /sources/plex/
Request:

Changed content type : application/json

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property policy_engine_mode (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property policy_engine_mode (string)

GET /sources/plex/
Parameters:

Changed: policy_engine_mode in query

Changed: user_matching_mode in query

How the source determines if an existing user should be authenticated or a new user enrolled.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Plex Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

POST /sources/plex/redeem_token/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property type (string)

    • Changed property flow_info (object)

      Contextual flow information for a challenge

      • Changed property layout (string)
POST /sources/saml/
Request:

Changed content type : application/json

  • Changed property user_matching_mode (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

  • Changed property name_id_policy (string)

    NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

  • Changed property policy_engine_mode (string)

  • Changed property binding_type (string)

  • Changed property digest_algorithm (string)

  • Changed property signature_algorithm (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property user_matching_mode (string)

      How the source determines if an existing user should be authenticated or a new user enrolled.

    • Changed property name_id_policy (string)

      NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

    • Changed property policy_engine_mode (string)

    • Changed property binding_type (string)

    • Changed property digest_algorithm (string)

    • Changed property signature_algorithm (string)

GET /sources/saml/
Parameters:

Changed: binding_type in query

Changed: digest_algorithm in query

Changed: name_id_policy in query

NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

Changed: policy_engine_mode in query

Changed: signature_algorithm in query

Changed: user_matching_mode in query

How the source determines if an existing user should be authenticated or a new user enrolled.

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > SAMLSource Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property name_id_policy (string)

        NameID Policy sent to the IdP. Can be unset, in which case no Policy is sent.

      • Changed property policy_engine_mode (string)

      • Changed property binding_type (string)

      • Changed property digest_algorithm (string)

      • Changed property signature_algorithm (string)

GET /sources/user_connections/all/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > OAuth Source Serializer

      • Changed property source (object)

        Source Serializer

        • Changed property user_matching_mode (string)

          How the source determines if an existing user should be authenticated or a new user enrolled.

        • Changed property policy_engine_mode (string)

POST /sources/user_connections/oauth/
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

GET /sources/user_connections/oauth/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > OAuth Source Serializer

      • Changed property source (object)

        Source Serializer

        • Changed property user_matching_mode (string)

          How the source determines if an existing user should be authenticated or a new user enrolled.

        • Changed property policy_engine_mode (string)

POST /sources/user_connections/plex/
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

GET /sources/user_connections/plex/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Plex Source connection Serializer

      • Changed property source (object)

        Source Serializer

        • Changed property user_matching_mode (string)

          How the source determines if an existing user should be authenticated or a new user enrolled.

        • Changed property policy_engine_mode (string)

POST /sources/user_connections/saml/
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property source (object)

      Source Serializer

      • Changed property user_matching_mode (string)

        How the source determines if an existing user should be authenticated or a new user enrolled.

      • Changed property policy_engine_mode (string)

GET /sources/user_connections/saml/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > SAML Source Serializer

      • Changed property source (object)

        Source Serializer

        • Changed property user_matching_mode (string)

          How the source determines if an existing user should be authenticated or a new user enrolled.

        • Changed property policy_engine_mode (string)

DELETE /stages/all/{stage_uuid}/
GET /stages/all/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/authenticator/duo/{stage_uuid}/
GET /stages/authenticator/duo/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/authenticator/duo/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/authenticator/duo/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/authenticator/sms/{stage_uuid}/
GET /stages/authenticator/sms/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property provider (string)

    • Changed property auth_type (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/authenticator/sms/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property provider (string)

  • Changed property auth_type (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property provider (string)

    • Changed property auth_type (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/authenticator/sms/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property provider (string)

  • Changed property auth_type (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property provider (string)

    • Changed property auth_type (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/authenticator/static/{stage_uuid}/
GET /stages/authenticator/static/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/authenticator/static/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/authenticator/static/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/authenticator/totp/{stage_uuid}/
GET /stages/authenticator/totp/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property digits (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/authenticator/totp/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property digits (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property digits (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/authenticator/totp/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property digits (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property digits (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/authenticator/validate/{stage_uuid}/
GET /stages/authenticator/validate/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • webauthn_allowed_device_types_obj

    • Added property webauthn_allowed_device_types (array)

      Items (string):

    • Added property webauthn_allowed_device_types_obj (array)

      Items (object): > WebAuthnDeviceType Serializer

    • Changed property webauthn_user_verification (string)

      Enforce user verification for WebAuthn devices.

    • Changed property not_configured_action (string)

    • Changed property device_classes (array)

      Device classes which can be used to authenticate

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/authenticator/validate/{stage_uuid}/
Request:

Changed content type : application/json

  • Added property webauthn_allowed_device_types (array)

  • Changed property webauthn_user_verification (string)

    Enforce user verification for WebAuthn devices.

  • Changed property not_configured_action (string)

  • Changed property device_classes (array)

    Device classes which can be used to authenticate

    Changed items (string):

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • webauthn_allowed_device_types_obj

    • Added property webauthn_allowed_device_types (array)

    • Added property webauthn_allowed_device_types_obj (array)

    • Changed property webauthn_user_verification (string)

      Enforce user verification for WebAuthn devices.

    • Changed property not_configured_action (string)

    • Changed property device_classes (array)

      Device classes which can be used to authenticate

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/authenticator/validate/{stage_uuid}/
Request:

Changed content type : application/json

  • Added property webauthn_allowed_device_types (array)

  • Changed property webauthn_user_verification (string)

    Enforce user verification for WebAuthn devices.

  • Changed property not_configured_action (string)

  • Changed property device_classes (array)

    Device classes which can be used to authenticate

    Changed items (string):

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • webauthn_allowed_device_types_obj

    • Added property webauthn_allowed_device_types (array)

    • Added property webauthn_allowed_device_types_obj (array)

    • Changed property webauthn_user_verification (string)

      Enforce user verification for WebAuthn devices.

    • Changed property not_configured_action (string)

    • Changed property device_classes (array)

      Device classes which can be used to authenticate

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/authenticator/webauthn/{stage_uuid}/
GET /stages/authenticator/webauthn/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • device_type_restrictions_obj

    • Added property device_type_restrictions (array)

    • Added property device_type_restrictions_obj (array)

    • Changed property authenticator_attachment (string)

    • Changed property user_verification (string)

    • Changed property resident_key_requirement (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/authenticator/webauthn/{stage_uuid}/
Request:

Changed content type : application/json

  • Added property device_type_restrictions (array)

  • Changed property authenticator_attachment (string)

  • Changed property user_verification (string)

  • Changed property resident_key_requirement (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • device_type_restrictions_obj

    • Added property device_type_restrictions (array)

    • Added property device_type_restrictions_obj (array)

    • Changed property authenticator_attachment (string)

    • Changed property user_verification (string)

    • Changed property resident_key_requirement (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/authenticator/webauthn/{stage_uuid}/
Request:

Changed content type : application/json

  • Added property device_type_restrictions (array)

  • Changed property authenticator_attachment (string)

  • Changed property user_verification (string)

  • Changed property resident_key_requirement (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    New required properties:

    • device_type_restrictions_obj

    • Added property device_type_restrictions (array)

    • Added property device_type_restrictions_obj (array)

    • Changed property authenticator_attachment (string)

    • Changed property user_verification (string)

    • Changed property resident_key_requirement (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/captcha/{stage_uuid}/
GET /stages/captcha/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/captcha/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/captcha/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/consent/{stage_uuid}/
GET /stages/consent/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property mode (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/consent/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property mode (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property mode (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/consent/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property mode (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property mode (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/deny/{stage_uuid}/
GET /stages/deny/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/deny/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/deny/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/dummy/{stage_uuid}/
GET /stages/dummy/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/dummy/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/dummy/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/email/{stage_uuid}/
GET /stages/email/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/email/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/email/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/identification/{stage_uuid}/
GET /stages/identification/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_fields (array)

      Fields of the user object to match against. (Hold shift to select multiple options)

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/identification/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property user_fields (array)

    Fields of the user object to match against. (Hold shift to select multiple options)

    Changed items (string):

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_fields (array)

      Fields of the user object to match against. (Hold shift to select multiple options)

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/identification/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property user_fields (array)

    Fields of the user object to match against. (Hold shift to select multiple options)

    Changed items (string):

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_fields (array)

      Fields of the user object to match against. (Hold shift to select multiple options)

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

POST /stages/invitation/invitations/
Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property flow_obj (object)

      Flow Serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property authentication (string)

        Required level of authentication and authorization to access a flow.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/invitation/invitations/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Invitation Serializer

      • Changed property flow_obj (object)

        Flow Serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property authentication (string)

          Required level of authentication and authorization to access a flow.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

DELETE /stages/invitation/stages/{stage_uuid}/
GET /stages/invitation/stages/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/invitation/stages/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/invitation/stages/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/password/{stage_uuid}/
GET /stages/password/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property backends (array)

      Selection of backends to test the password against.

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/password/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property backends (array)

    Selection of backends to test the password against.

    Changed items (string):

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property backends (array)

      Selection of backends to test the password against.

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/password/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property backends (array)

    Selection of backends to test the password against.

    Changed items (string):

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property backends (array)

      Selection of backends to test the password against.

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/prompt/stages/{stage_uuid}/
GET /stages/prompt/stages/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/prompt/stages/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/prompt/stages/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/user_delete/{stage_uuid}/
GET /stages/user_delete/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/user_delete/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/user_delete/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/user_login/{stage_uuid}/
GET /stages/user_login/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property network_binding (string)

      Bind sessions created by this stage to the configured network

    • Changed property geoip_binding (string)

      Bind sessions created by this stage to the configured GeoIP location

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/user_login/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property network_binding (string)

    Bind sessions created by this stage to the configured network

  • Changed property geoip_binding (string)

    Bind sessions created by this stage to the configured GeoIP location

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property network_binding (string)

      Bind sessions created by this stage to the configured network

    • Changed property geoip_binding (string)

      Bind sessions created by this stage to the configured GeoIP location

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/user_login/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property network_binding (string)

    Bind sessions created by this stage to the configured network

  • Changed property geoip_binding (string)

    Bind sessions created by this stage to the configured GeoIP location

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property network_binding (string)

      Bind sessions created by this stage to the configured network

    • Changed property geoip_binding (string)

      Bind sessions created by this stage to the configured GeoIP location

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/user_logout/{stage_uuid}/
GET /stages/user_logout/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/user_logout/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/user_logout/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

DELETE /stages/user_write/{stage_uuid}/
GET /stages/user_write/{stage_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_creation_mode (string)

    • Changed property user_type (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /stages/user_write/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property user_creation_mode (string)

  • Changed property user_type (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_creation_mode (string)

    • Changed property user_type (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PATCH /stages/user_write/{stage_uuid}/
Request:

Changed content type : application/json

  • Changed property user_creation_mode (string)

  • Changed property user_type (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property user_creation_mode (string)

    • Changed property user_type (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

PUT /core/transactional/applications/
Request:

Changed content type : application/json

  • Changed property provider_model (string)

  • Changed property app (object)

    Application Serializer

    • Changed property policy_engine_mode (string)
  • Changed property provider (object)

    Updated authentik_providers_oauth2.oauth2provider provider_model:

    • Changed property client_type (string)

      Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

    • Changed property sub_mode (string)

      Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

    • Changed property issuer_mode (string)

      Configure how the issuer field of the ID Token should be filled.

    Updated authentik_providers_proxy.proxyprovider provider_model:

    • Changed property mode (string)

      Enable support for forwardAuth in traefik and nginx auth_request. Exclusive with internal_host.

    Updated authentik_providers_saml.samlprovider provider_model:

    • Changed property sp_binding (string)

      This determines how authentik sends the response back to the Service Provider.

    • Changed property digest_algorithm (string)

    • Changed property signature_algorithm (string)

    Updated authentik_providers_ldap.ldapprovider provider_model:

    • Changed property search_mode (string)
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > UserConsent Serializer

      • Changed property user (object)

        User Serializer

        • Changed property type (string)
      • Changed property application (object)

        Application Serializer

        • Changed property policy_engine_mode (string)
GET /events/notifications/
Parameters:

Changed: severity in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Notification Serializer

      • Changed property severity (string)

      • Changed property event (object)

        Event Serializer

        • Changed property action (string)
POST /flows/bindings/
Request:

Changed content type : application/json

  • Changed property invalid_response_action (string)

    Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

  • Changed property policy_engine_mode (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property invalid_response_action (string)

      Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

    • Changed property policy_engine_mode (string)

    • Changed property stage_obj (object)

      Stage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property layout (string)

GET /flows/bindings/
Parameters:

Changed: invalid_response_action in query

Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

Changed: policy_engine_mode in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > FlowStageBinding Serializer

      • Changed property invalid_response_action (string)

        Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

      • Changed property policy_engine_mode (string)

      • Changed property stage_obj (object)

        Stage Serializer

        • Changed property flow_set (array)

          Changed items (object): > Stripped down flow serializer

          • Changed property designation (string)

            Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

          • Changed property denied_action (string)

            Configure what should happen when a flow denies access to a user.

          • Changed property layout (string)

GET /flows/executor/{flow_slug}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Updated ak-stage-dummy component: New required properties:

    • name

    • Added property name (string)

    Updated ak-provider-oauth2-device-code component:

    • Changed property type (string)

    • Changed property flow_info (object)

      Contextual flow information for a challenge

      • Changed property layout (string)

    Updated ak-stage-prompt component:

    • Changed property fields (array)

      Changed items (object): > Serializer for a single Prompt field

      • Changed property type (string)

    Updated ak-stage-identification component: New required properties:

    • flow_designation

    • Added property flow_designation (string)

      Enum values:

      • authentication
      • authorization
      • invalidation
      • enrollment
      • unenrollment
      • recovery
      • stage_configuration
POST /flows/executor/{flow_slug}/
Request:

Changed content type : application/json

Updated ak-source-oauth-apple component:

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    Updated ak-stage-dummy component: New required properties:

    • name

    • Added property name (string)

    Updated ak-provider-oauth2-device-code component:

    • Changed property type (string)

    • Changed property flow_info (object)

      Contextual flow information for a challenge

      • Changed property layout (string)

    Updated ak-stage-prompt component:

    • Changed property fields (array)

      Changed items (object): > Serializer for a single Prompt field

      • Changed property type (string)

    Updated ak-stage-identification component: New required properties:

    • flow_designation

    • Added property flow_designation (string)
GET /flows/inspector/{flow_slug}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property plans (array)

      Changed items (object): > Serializer for an active FlowPlan

      • Changed property next_planned_stage (object)

        FlowStageBinding Serializer

        • Changed property invalid_response_action (string)

          Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

      • Changed property current_stage (object)

        FlowStageBinding Serializer

        • Changed property invalid_response_action (string)

          Configure how the flow executor should handle an invalid response to a challenge. RETRY returns the error message and a similar challenge to the executor. RESTART restarts the flow from the beginning, and RESTART_WITH_CONTEXT restarts the flow while keeping the current context.

        • Changed property policy_engine_mode (string)

        • Changed property stage_obj (object)

          Stage Serializer

          • Changed property flow_set (array)

            Changed items (object): > Stripped down flow serializer

            • Changed property designation (string)

              Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

            • Changed property denied_action (string)

              Configure what should happen when a flow denies access to a user.

            • Changed property layout (string)

GET /oauth2/access_tokens/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Serializer for BaseGrantModel and RefreshToken

      • Changed property provider (object)

        OAuth2Provider Serializer

        • Changed property client_type (string)

          Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

        • Changed property sub_mode (string)

          Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

        • Changed property issuer_mode (string)

          Configure how the issuer field of the ID Token should be filled.

      • Changed property user (object)

        User Serializer

        • Changed property type (string)
GET /oauth2/authorization_codes/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant

      • Changed property provider (object)

        OAuth2Provider Serializer

        • Changed property client_type (string)

          Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

        • Changed property sub_mode (string)

          Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

        • Changed property issuer_mode (string)

          Configure how the issuer field of the ID Token should be filled.

      • Changed property user (object)

        User Serializer

        • Changed property type (string)
GET /oauth2/refresh_tokens/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Serializer for BaseGrantModel and RefreshToken

      • Changed property provider (object)

        OAuth2Provider Serializer

        • Changed property client_type (string)

          Confidential clients are capable of maintaining the confidentiality of their credentials. Public clients are incapable

        • Changed property sub_mode (string)

          Configure what data should be used as unique User Identifier. For most cases, the default should be fine.

        • Changed property issuer_mode (string)

          Configure how the issuer field of the ID Token should be filled.

      • Changed property user (object)

        User Serializer

        • Changed property type (string)
GET /stages/all/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Stage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/authenticator/duo/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/authenticator/duo/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > AuthenticatorDuoStage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/authenticator/sms/
Request:

Changed content type : application/json

  • Changed property provider (string)

  • Changed property auth_type (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property provider (string)

    • Changed property auth_type (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/authenticator/sms/
Parameters:

Changed: auth_type in query

Changed: provider in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > AuthenticatorSMSStage Serializer

      • Changed property provider (string)

      • Changed property auth_type (string)

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/authenticator/static/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/authenticator/static/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > AuthenticatorStaticStage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/authenticator/totp/
Request:

Changed content type : application/json

  • Changed property digits (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property digits (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/authenticator/totp/
Parameters:

Changed: digits in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > AuthenticatorTOTPStage Serializer

      • Changed property digits (string)

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/authenticator/validate/
Request:

Changed content type : application/json

  • Added property webauthn_allowed_device_types (array)

  • Changed property webauthn_user_verification (string)

    Enforce user verification for WebAuthn devices.

  • Changed property not_configured_action (string)

  • Changed property device_classes (array)

    Device classes which can be used to authenticate

    Changed items (string):

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    New required properties:

    • webauthn_allowed_device_types_obj

    • Added property webauthn_allowed_device_types (array)

    • Added property webauthn_allowed_device_types_obj (array)

    • Changed property webauthn_user_verification (string)

      Enforce user verification for WebAuthn devices.

    • Changed property not_configured_action (string)

    • Changed property device_classes (array)

      Device classes which can be used to authenticate

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/authenticator/validate/
Parameters:

Changed: not_configured_action in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > AuthenticatorValidateStage Serializer

      New required properties:

      • webauthn_allowed_device_types_obj

      • Added property webauthn_allowed_device_types (array)

      • Added property webauthn_allowed_device_types_obj (array)

      • Changed property webauthn_user_verification (string)

        Enforce user verification for WebAuthn devices.

      • Changed property not_configured_action (string)

      • Changed property device_classes (array)

        Device classes which can be used to authenticate

        Changed items (string):

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/authenticator/webauthn/
Request:

Changed content type : application/json

  • Added property device_type_restrictions (array)

  • Changed property authenticator_attachment (string)

  • Changed property user_verification (string)

  • Changed property resident_key_requirement (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    New required properties:

    • device_type_restrictions_obj

    • Added property device_type_restrictions (array)

    • Added property device_type_restrictions_obj (array)

    • Changed property authenticator_attachment (string)

    • Changed property user_verification (string)

    • Changed property resident_key_requirement (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/authenticator/webauthn/
Parameters:

Added: device_type_restrictions in query

Changed: authenticator_attachment in query

Changed: resident_key_requirement in query

Changed: user_verification in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > AuthenticatorWebAuthnStage Serializer

      New required properties:

      • device_type_restrictions_obj

      • Added property device_type_restrictions (array)

      • Added property device_type_restrictions_obj (array)

      • Changed property authenticator_attachment (string)

      • Changed property user_verification (string)

      • Changed property resident_key_requirement (string)

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/captcha/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/captcha/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > CaptchaStage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/consent/
Request:

Changed content type : application/json

  • Changed property mode (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property mode (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/consent/
Parameters:

Changed: mode in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > ConsentStage Serializer

      • Changed property mode (string)

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/deny/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/deny/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > DenyStage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/dummy/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/dummy/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > DummyStage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/email/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/email/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > EmailStage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/identification/
Request:

Changed content type : application/json

  • Changed property user_fields (array)

    Fields of the user object to match against. (Hold shift to select multiple options)

    Changed items (string):

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property user_fields (array)

      Fields of the user object to match against. (Hold shift to select multiple options)

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/identification/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > IdentificationStage Serializer

      • Changed property user_fields (array)

        Fields of the user object to match against. (Hold shift to select multiple options)

        Changed items (string):

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/invitation/stages/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/invitation/stages/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > InvitationStage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/password/
Request:

Changed content type : application/json

  • Changed property backends (array)

    Selection of backends to test the password against.

    Changed items (string):

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property backends (array)

      Selection of backends to test the password against.

      Changed items (string):

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/password/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > PasswordStage Serializer

      • Changed property backends (array)

        Selection of backends to test the password against.

        Changed items (string):

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

DELETE /stages/prompt/prompts/{prompt_uuid}/
GET /stages/prompt/prompts/{prompt_uuid}/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property type (string)

    • Changed property promptstage_set (array)

      Changed items (object): > Stage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

PUT /stages/prompt/prompts/{prompt_uuid}/
Request:

Changed content type : application/json

  • Changed property type (string)

  • Changed property promptstage_set (array)

    Changed items (object): > Stage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property type (string)

    • Changed property promptstage_set (array)

      Changed items (object): > Stage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

PATCH /stages/prompt/prompts/{prompt_uuid}/
Request:

Changed content type : application/json

  • Changed property type (string)

  • Changed property promptstage_set (array)

    Changed items (object): > Stage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property type (string)

    • Changed property promptstage_set (array)

      Changed items (object): > Stage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/prompt/prompts/preview/
Request:

Changed content type : application/json

  • Changed property type (string)

  • Changed property promptstage_set (array)

    Changed items (object): > Stage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property type (string)

    • Changed property flow_info (object)

      Contextual flow information for a challenge

      • Changed property layout (string)
    • Changed property fields (array)

      Changed items (object): > Serializer for a single Prompt field

      • Changed property type (string)
POST /stages/prompt/stages/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/prompt/stages/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > PromptStage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/user_delete/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/user_delete/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > UserDeleteStage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/user_login/
Request:

Changed content type : application/json

  • Changed property network_binding (string)

    Bind sessions created by this stage to the configured network

  • Changed property geoip_binding (string)

    Bind sessions created by this stage to the configured GeoIP location

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property network_binding (string)

      Bind sessions created by this stage to the configured network

    • Changed property geoip_binding (string)

      Bind sessions created by this stage to the configured GeoIP location

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/user_login/
Parameters:

Changed: geoip_binding in query

Bind sessions created by this stage to the configured GeoIP location

Changed: network_binding in query

Bind sessions created by this stage to the configured network

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > UserLoginStage Serializer

      • Changed property network_binding (string)

        Bind sessions created by this stage to the configured network

      • Changed property geoip_binding (string)

        Bind sessions created by this stage to the configured GeoIP location

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/user_logout/
Request:

Changed content type : application/json

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/user_logout/
Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > UserLogoutStage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/user_write/
Request:

Changed content type : application/json

  • Changed property user_creation_mode (string)

  • Changed property user_type (string)

  • Changed property flow_set (array)

    Changed items (object): > Stripped down flow serializer

    • Changed property designation (string)

      Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

    • Changed property denied_action (string)

      Configure what should happen when a flow denies access to a user.

    • Changed property policy_engine_mode (string)

    • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property user_creation_mode (string)

    • Changed property user_type (string)

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

GET /stages/user_write/
Parameters:

Changed: user_creation_mode in query

Changed: user_type in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > UserWriteStage Serializer

      • Changed property user_creation_mode (string)

      • Changed property user_type (string)

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

POST /stages/prompt/prompts/
Request:

Changed content type : application/json

  • Changed property type (string)

  • Changed property promptstage_set (array)

    Changed items (object): > Stage Serializer

    • Changed property flow_set (array)

      Changed items (object): > Stripped down flow serializer

      • Changed property designation (string)

        Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

      • Changed property denied_action (string)

        Configure what should happen when a flow denies access to a user.

      • Changed property policy_engine_mode (string)

      • Changed property layout (string)

Return Type:

Changed response : 201 Created

  • Changed content type : application/json

    • Changed property type (string)

    • Changed property promptstage_set (array)

      Changed items (object): > Stage Serializer

      • Changed property flow_set (array)

        Changed items (object): > Stripped down flow serializer

        • Changed property designation (string)

          Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

        • Changed property denied_action (string)

          Configure what should happen when a flow denies access to a user.

        • Changed property policy_engine_mode (string)

        • Changed property layout (string)

GET /stages/prompt/prompts/
Parameters:

Changed: type in query

Return Type:

Changed response : 200 OK

  • Changed content type : application/json

    • Changed property results (array)

      Changed items (object): > Prompt Serializer

      • Changed property type (string)

      • Changed property promptstage_set (array)

        Changed items (object): > Stage Serializer

        • Changed property flow_set (array)

          Changed items (object): > Stripped down flow serializer

          • Changed property designation (string)

            Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik.

          • Changed property denied_action (string)

            Configure what should happen when a flow denies access to a user.

          • Changed property policy_engine_mode (string)

          • Changed property layout (string)