Specific names as
defined by OAuth 2.0
Dynamic Client Registration Protocol - RFC 7591 Section 4.1
type: string
enum:
- authorization_code
- implicit
- password
- client_credentials
- refresh_token
- unknown
- device_code
GroupMember:
description: A User's membership into a Group
type: object
properties:
data:
type: object
additionalProperties:
type: object
groupId:
type: string
format: uuid
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
user:
"$ref": "#/components/schemas/User"
userId:
type: string
format: uuid
UserUpdateEvent:
description: Models the User Update Event.
type: object
properties:
original:
"$ref": "#/components/schemas/User"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
LoginPreventedResponse:
description: The summary of the action that is preventing login to be returned
on the login response.
type: object
properties:
actionId:
type: string
format: uuid
actionerUserId:
type: string
format: uuid
expiry:
"$ref": "#/components/schemas/ZonedDateTime"
localizedName:
type: string
localizedOption:
type: string
localizedReason:
type: string
name:
type: string
option:
type: string
reason:
type: string
reasonCode:
type: string
EntitySearchCriteria:
description: This class is the entity query. It provides a build pattern as
well as public fields for use on forms and in actions.
type: object
properties:
accurateTotal:
type: boolean
ids:
type: array
items:
type: string
format: uuid
query:
type: string
queryString:
type: string
sortFields:
type: array
items:
"$ref": "#/components/schemas/SortField"
ThemeRequest:
description: Theme API request object.
type: object
properties:
sourceThemeId:
type: string
format: uuid
theme:
"$ref": "#/components/schemas/Theme"
PasswordlessSendRequest:
description: ''
type: object
properties:
applicationId:
type: string
format: uuid
code:
type: string
loginId:
type: string
state:
type: object
additionalProperties:
type: object
UserLoginNewDeviceEvent:
description: Models the User Login event for a new device (un-recognized)
type: object
properties:
applicationId:
type: string
format: uuid
authenticationType:
type: string
connectorId:
type: string
format: uuid
identityProviderId:
type: string
format: uuid
identityProviderName:
type: string
ipAddress:
type: string
user:
"$ref": "#/components/schemas/User"
KeyResponse:
description: Key API response object.
type: object
properties:
key:
"$ref": "#/components/schemas/Key"
keys:
type: array
items:
"$ref": "#/components/schemas/Key"
TwoFactorStartRequest:
description: ''
type: object
properties:
applicationId:
type: string
format: uuid
code:
type: string
loginId:
type: string
state:
type: object
additionalProperties:
type: object
trustChallenge:
type: string
userId:
type: string
format: uuid
GroupCreateEvent:
description: Models the Group Create Event.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
ConnectorPolicy:
description: ''
type: object
properties:
connectorId:
type: string
format: uuid
data:
type: object
additionalProperties:
type: object
domains:
type: array
uniqueItems: true
items: {}
migrate:
type: boolean
FormField:
description: ''
type: object
properties:
confirm:
type: boolean
consentId:
type: string
format: uuid
control:
"$ref": "#/components/schemas/FormControl"
data:
type: object
additionalProperties:
type: object
description:
type: string
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
key:
type: string
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
options:
type: array
items:
type: string
required:
type: boolean
type:
"$ref": "#/components/schemas/FormDataType"
validator:
"$ref": "#/components/schemas/FormFieldValidator"
FamilyConfiguration:
description: ''
type: object
properties:
allowChildRegistrations:
type: boolean
confirmChildEmailTemplateId:
type: string
format: uuid
deleteOrphanedAccounts:
type: boolean
deleteOrphanedAccountsDays:
type: integer
familyRequestEmailTemplateId:
type: string
format: uuid
maximumChildAge:
type: integer
minimumOwnerAge:
type: integer
parentEmailRequired:
type: boolean
parentRegistrationEmailTemplateId:
type: string
format: uuid
enabled:
type: boolean
TwitchApplicationConfiguration:
description: ''
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
scope:
type: string
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
DisplayableRawLogin:
description: A displayable raw login that includes application name and user
loginId.
type: object
properties:
applicationName:
type: string
location:
"$ref": "#/components/schemas/Location"
loginId:
type: string
SAMLv2SingleLogout:
type: object
properties:
keyId:
type: string
format: uuid
url:
type: string
format: URI
xmlSignatureC14nMethod:
"$ref": "#/components/schemas/CanonicalizationMethod"
enabled:
type: boolean
OpenIdConnectApplicationConfiguration:
description: ''
type: object
properties:
buttonImageURL:
type: string
format: URI
buttonText:
type: string
oauth2:
"$ref": "#/components/schemas/IdentityProviderOauth2Configuration"
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
ApplicationFormConfiguration:
description: ''
type: object
properties:
adminRegistrationFormId:
type: string
format: uuid
selfServiceFormConfiguration:
"$ref": "#/components/schemas/SelfServiceFormConfiguration"
selfServiceFormId:
type: string
format: uuid
TimeBasedDeletePolicy:
description: A policy for deleting Users.
type: object
properties:
numberOfDaysToRetain:
type: integer
enabled:
type: boolean
KeySearchCriteria:
description: Search criteria for Keys
type: object
properties:
algorithm:
"$ref": "#/components/schemas/KeyAlgorithm"
name:
type: string
type:
"$ref": "#/components/schemas/KeyType"
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
ReactorFeatureStatus:
description: ''
type: string
enum:
- ACTIVE
- DISCONNECTED
- PENDING
- DISABLED
- UNKNOWN
RefreshRequest:
description: ''
type: object
properties:
refreshToken:
type: string
token:
type: string
eventInfo:
"$ref": "#/components/schemas/EventInfo"
UserLoginIdDuplicateOnCreateEvent:
description: Models an event where a user is being created with an "in-use"
login Id (email or username).
type: object
properties:
duplicateEmail:
type: string
duplicateUsername:
type: string
existing:
"$ref": "#/components/schemas/User"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
LoginRequest:
description: Login API request object.
type: object
properties:
loginId:
type: string
oneTimePassword:
type: string
password:
type: string
twoFactorTrustId:
type: string
applicationId:
type: string
format: uuid
ipAddress:
type: string
metaData:
"$ref": "#/components/schemas/MetaData"
newDevice:
type: boolean
noJWT:
type: boolean
RecentLoginResponse:
description: Response for the user login report.
type: object
properties:
logins:
type: array
items:
"$ref": "#/components/schemas/DisplayableRawLogin"
UserConsentRequest:
description: API response for User consent.
type: object
properties:
userConsent:
"$ref": "#/components/schemas/UserConsent"
FamilyEmailRequest:
description: API request for sending out family requests to parent's.
type: object
properties:
parentEmail:
type: string
EntitySearchRequest:
description: Search request for entities
type: object
properties:
search:
"$ref": "#/components/schemas/EntitySearchCriteria"
RequiresCORSConfiguration:
description: Interface describing the need for CORS configuration.
type: object
properties: {}
AuditLogResponse:
description: Audit log response.
type: object
properties:
auditLog:
"$ref": "#/components/schemas/AuditLog"
SteamApplicationConfiguration:
description: ''
type: object
properties:
apiMode:
"$ref": "#/components/schemas/SteamAPIMode"
buttonText:
type: string
client_id:
type: string
scope:
type: string
webAPIKey:
type: string
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
TenantMultiFactorConfiguration:
description: ''
type: object
properties:
authenticator:
"$ref": "#/components/schemas/MultiFactorAuthenticatorMethod"
email:
"$ref": "#/components/schemas/MultiFactorEmailMethod"
loginPolicy:
"$ref": "#/components/schemas/MultiFactorLoginPolicy"
sms:
"$ref": "#/components/schemas/MultiFactorSMSMethod"
XboxIdentityProvider:
description: Xbox gaming login provider.
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
scope:
type: string
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/XboxApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
ProofKeyForCodeExchangePolicy:
description: ''
type: string
enum:
- Required
- NotRequired
- NotRequiredWhenUsingClientAuthentication
AuditLogSearchResponse:
description: Audit log response.
type: object
properties:
auditLogs:
type: array
items:
"$ref": "#/components/schemas/AuditLog"
total:
type: integer
format: int64
TokenType:
description: This is different than the
user.create event in that it will be sent after the user has been created.
This event cannot be made transactional.
type: object
properties:
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
CoseAlgorithmIdentifier:
description: A number identifying a cryptographic algorithm. Values should be
registered with the IANA
COSE Algorithms registry
type: string
enum:
- ES256
- ES384
- ES512
- RS256
- RS384
- RS512
- PS256
- PS384
- PS512
SelfServiceFormConfiguration:
description: ''
type: object
properties:
requireCurrentPasswordOnPasswordChange:
type: boolean
RememberPreviousPasswords:
description: ''
type: object
properties:
count:
type: integer
enabled:
type: boolean
HYPRApplicationConfiguration:
description: ''
type: object
properties:
relyingPartyApplicationId:
type: string
relyingPartyURL:
type: string
format: URI
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
KafkaMessengerConfiguration:
description: ''
type: object
properties:
defaultTopic:
type: string
producer:
type: object
additionalProperties:
type: string
data:
type: object
additionalProperties:
type: object
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
transport:
type: string
type:
"$ref": "#/components/schemas/MessengerType"
UserRegistrationCreateCompleteEvent:
description: Models the User Created Registration Event. This is different
than the user.registration.create event in that it will be sent after the
user has been created. This event cannot be made transactional.
type: object
properties:
applicationId:
type: string
format: uuid
registration:
"$ref": "#/components/schemas/UserRegistration"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
LoginRecordSearchRequest:
description: ''
type: object
properties:
retrieveTotal:
type: boolean
search:
"$ref": "#/components/schemas/LoginRecordSearchCriteria"
KafkaConfiguration:
description: ''
type: object
properties:
defaultTopic:
type: string
producer:
type: object
additionalProperties:
type: string
enabled:
type: boolean
ManagedFields:
description: 'This class contains the managed fields that are also put into
the database during FusionAuth setup. Internal Note: These fields are
also declared in SQL in order to bootstrap the system. These need to stay
in sync. Any changes to these fields needs to also be reflected in mysql.sql
and postgresql.sql'
type: object
properties: {}
MonthlyActiveUserReportResponse:
description: Response for the daily active user report.
type: object
properties:
monthlyActiveUsers:
type: array
items:
"$ref": "#/components/schemas/Count"
total:
type: integer
format: int64
IdentityProviderLinkRequest:
description: ''
type: object
properties:
identityProviderLink:
"$ref": "#/components/schemas/IdentityProviderLink"
pendingIdPLinkId:
type: string
eventInfo:
"$ref": "#/components/schemas/EventInfo"
LambdaType:
description: The types of lambdas that indicate how they are invoked by FusionAuth.
type: string
enum:
- JWTPopulate
- OpenIDReconcile
- SAMLv2Reconcile
- SAMLv2Populate
- AppleReconcile
- ExternalJWTReconcile
- FacebookReconcile
- GoogleReconcile
- HYPRReconcile
- TwitterReconcile
- LDAPConnectorReconcile
- LinkedInReconcile
- EpicGamesReconcile
- NintendoReconcile
- SonyPSNReconcile
- SteamReconcile
- TwitchReconcile
- XboxReconcile
- ClientCredentialsJWTPopulate
- SCIMServerGroupRequestConverter
- SCIMServerGroupResponseConverter
- SCIMServerUserRequestConverter
- SCIMServerUserResponseConverter
- SelfServiceRegistrationValidation
SecureGeneratorConfiguration:
description: ''
type: object
properties:
length:
type: integer
type:
"$ref": "#/components/schemas/SecureGeneratorType"
LDAPConnectorConfiguration:
description: Models an LDAP connector.
type: object
properties:
authenticationURL:
type: string
format: URI
baseStructure:
type: string
connectTimeout:
type: integer
identifyingAttribute:
type: string
lambdaConfiguration:
"$ref": "#/components/schemas/ConnectorLambdaConfiguration"
loginIdAttribute:
type: string
readTimeout:
type: integer
requestedAttributes:
type: array
items:
type: string
securityMethod:
"$ref": "#/components/schemas/LDAPSecurityMethod"
systemAccountDN:
type: string
systemAccountPassword:
type: string
data:
type: object
additionalProperties:
type: object
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
type:
"$ref": "#/components/schemas/ConnectorType"
ExternalJWTIdentityProvider:
description: External JWT-only identity provider.
type: object
properties:
claimMap:
type: object
additionalProperties:
type: string
domains:
type: array
uniqueItems: true
items: {}
defaultKeyId:
type: string
format: uuid
headerKeyParameter:
type: string
oauth2:
"$ref": "#/components/schemas/IdentityProviderOauth2Configuration"
uniqueIdentityClaim:
type: string
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/ExternalJWTApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
LambdaRequest:
description: Lambda API request object.
type: object
properties:
lambda:
"$ref": "#/components/schemas/Lambda"
UserEmailUpdateEvent:
description: Models an event where a user's email is updated outside of a forgot change
password workflow.
type: object
properties:
previousEmail:
type: string
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
RawLogin:
description: Raw login information for each time a user logs into an application.
type: object
properties:
applicationId:
type: string
format: uuid
instant:
"$ref": "#/components/schemas/ZonedDateTime"
ipAddress:
type: string
userId:
type: string
format: uuid
GroupMemberSearchResponse:
description: Search response for Group Members
type: object
properties:
members:
type: array
items:
"$ref": "#/components/schemas/GroupMember"
total:
type: integer
format: int64
RefreshTokenResponse:
description: API response for retrieving Refresh Tokens
type: object
properties:
refreshToken:
"$ref": "#/components/schemas/RefreshToken"
refreshTokens:
type: array
items:
"$ref": "#/components/schemas/RefreshToken"
DeviceApprovalResponse:
description: ''
type: object
properties:
deviceGrantStatus:
type: string
deviceInfo:
"$ref": "#/components/schemas/DeviceInfo"
identityProviderLink:
"$ref": "#/components/schemas/IdentityProviderLink"
tenantId:
type: string
format: uuid
userId:
type: string
format: uuid
JWT:
description: 'JSON Web Token (JWT) as defined by RFC 7519. This is different
than user.registration.delete in that it is sent after the TX has been committed.
This event cannot be transactional.
type: object
properties:
applicationId:
type: string
format: uuid
registration:
"$ref": "#/components/schemas/UserRegistration"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
GroupRequest:
description: Group API request object.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
roleIds:
type: array
items:
type: string
format: uuid
UserCommentResponse:
description: User Comment Response
type: object
properties:
userComment:
"$ref": "#/components/schemas/UserComment"
userComments:
type: array
items:
"$ref": "#/components/schemas/UserComment"
ValidateResponse:
description: ''
type: object
properties:
jwt:
"$ref": "#/components/schemas/JWT"
GoogleApplicationConfiguration:
description: ''
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
loginMethod:
"$ref": "#/components/schemas/IdentityProviderLoginMethod"
properties:
"$ref": "#/components/schemas/GoogleIdentityProviderProperties"
scope:
type: string
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
UserDeleteCompleteEvent:
description: Models the User Event (and can be converted to JSON) that is used
for all user modifications (create, update, delete). This is different
than user.delete because it is sent after the tx is committed, this cannot
be transactional.
type: object
properties:
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
PublicKeyCredentialUserEntity:
description: Supply additional information about the user account when creating
a new credential
type: object
properties:
displayName:
type: string
id:
type: string
name:
type: string
Lambda:
description: A JavaScript lambda function that is executed during certain events
inside FusionAuth.
type: object
properties:
body:
type: string
debug:
type: boolean
engineType:
"$ref": "#/components/schemas/LambdaEngineType"
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
type:
"$ref": "#/components/schemas/LambdaType"
SonyPSNIdentityProvider:
description: SonyPSN gaming login provider.
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
scope:
type: string
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/SonyPSNApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
BreachedPasswordTenantMetric:
description: ''
type: object
properties:
actionRequired:
type: integer
matchedCommonPasswordCount:
type: integer
matchedExactCount:
type: integer
matchedPasswordCount:
type: integer
matchedSubAddressCount:
type: integer
passwordsCheckedCount:
type: integer
NintendoApplicationConfiguration:
description: ''
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
emailClaim:
type: string
scope:
type: string
uniqueIdClaim:
type: string
usernameClaim:
type: string
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
TenantUnverifiedConfiguration:
description: ''
type: object
properties:
email:
"$ref": "#/components/schemas/UnverifiedBehavior"
whenGated:
"$ref": "#/components/schemas/RegistrationUnverifiedOptions"
LoginRecordSearchCriteria:
description: ''
type: object
properties:
applicationId:
type: string
format: uuid
end:
"$ref": "#/components/schemas/ZonedDateTime"
start:
"$ref": "#/components/schemas/ZonedDateTime"
userId:
type: string
format: uuid
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
EntityTypeSearchRequest:
description: Search request for entity types.
type: object
properties:
search:
"$ref": "#/components/schemas/EntityTypeSearchCriteria"
JWTRefreshTokenRevokeEvent:
description: Models the Refresh Token Revoke Event. This event might be for
a single token, a user or an entire application.
type: object
properties:
applicationId:
type: string
format: uuid
applicationTimeToLiveInSeconds:
type: object
additionalProperties:
type: integer
refreshToken:
"$ref": "#/components/schemas/RefreshToken"
user:
"$ref": "#/components/schemas/User"
userId:
type: string
format: uuid
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
IdentityProviderLink:
description: ''
type: object
properties:
data:
type: object
additionalProperties:
type: object
displayName:
type: string
identityProviderId:
type: string
format: uuid
identityProviderName:
type: string
identityProviderType:
"$ref": "#/components/schemas/IdentityProviderType"
identityProviderUserId:
type: string
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastLoginInstant:
"$ref": "#/components/schemas/ZonedDateTime"
tenantId:
type: string
format: uuid
token:
type: string
userId:
type: string
format: uuid
TwitchIdentityProvider:
description: Twitch gaming login provider.
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
scope:
type: string
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/TwitchApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
User:
description: The global view of a User. This object contains all global information
about the user including birth date, registration information preferred languages,
global attributes, etc.
type: object
properties:
preferredLanguages:
type: array
items:
"$ref": "#/components/schemas/Locale"
active:
type: boolean
birthDate:
"$ref": "#/components/schemas/LocalDate"
cleanSpeakId:
type: string
format: uuid
data:
type: object
additionalProperties:
type: object
email:
type: string
expiry:
"$ref": "#/components/schemas/ZonedDateTime"
firstName:
type: string
fullName:
type: string
imageUrl:
type: string
format: URI
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastName:
type: string
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
middleName:
type: string
mobilePhone:
type: string
parentEmail:
type: string
tenantId:
type: string
format: uuid
timezone:
"$ref": "#/components/schemas/ZoneId"
twoFactor:
"$ref": "#/components/schemas/UserTwoFactorConfiguration"
memberships:
type: array
items:
"$ref": "#/components/schemas/GroupMember"
registrations:
type: array
items:
"$ref": "#/components/schemas/UserRegistration"
breachedPasswordLastCheckedInstant:
"$ref": "#/components/schemas/ZonedDateTime"
breachedPasswordStatus:
"$ref": "#/components/schemas/BreachedPasswordStatus"
connectorId:
type: string
format: uuid
encryptionScheme:
type: string
factor:
type: integer
id:
type: string
format: uuid
lastLoginInstant:
"$ref": "#/components/schemas/ZonedDateTime"
password:
type: string
passwordChangeReason:
"$ref": "#/components/schemas/ChangePasswordReason"
passwordChangeRequired:
type: boolean
passwordLastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
salt:
type: string
uniqueUsername:
type: string
username:
type: string
usernameStatus:
"$ref": "#/components/schemas/ContentStatus"
verified:
type: boolean
EntityTypeSearchCriteria:
description: Search criteria for entity types.
type: object
properties:
name:
type: string
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
UserIdentityProviderUnlinkEvent:
description: Models the User Identity Provider Unlink Event.
type: object
properties:
identityProviderLink:
"$ref": "#/components/schemas/IdentityProviderLink"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
WebAuthnExtensionsClientOutputs:
description: Contains extension output for requested extensions during a WebAuthn
ceremony
type: object
properties:
credProps:
"$ref": "#/components/schemas/CredentialPropertiesOutput"
AuthenticatorConfiguration:
description: ''
type: object
properties:
algorithm:
"$ref": "#/components/schemas/TOTPAlgorithm"
codeLength:
type: integer
timeStep:
type: integer
TwoFactorEnableDisableSendRequest:
description: ''
type: object
properties:
email:
type: string
method:
type: string
methodId:
type: string
mobilePhone:
type: string
TenantWebAuthnConfiguration:
description: Tenant-level configuration for WebAuthn
type: object
properties:
bootstrapWorkflow:
"$ref": "#/components/schemas/TenantWebAuthnWorkflowConfiguration"
debug:
type: boolean
reauthenticationWorkflow:
"$ref": "#/components/schemas/TenantWebAuthnWorkflowConfiguration"
relyingPartyId:
type: string
relyingPartyName:
type: string
enabled:
type: boolean
GroupCreateCompleteEvent:
description: Models the Group Created Event.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
WebAuthnRegistrationExtensionOptions:
description: Options to request extensions during credential registration
type: object
properties:
credProps:
type: boolean
PasswordEncryptionConfiguration:
description: Password Encryption Scheme Configuration
type: object
properties:
encryptionScheme:
type: string
encryptionSchemeFactor:
type: integer
modifyEncryptionSchemeOnLogin:
type: boolean
RegistrationRequest:
description: Registration API request object.
type: object
properties:
disableDomainBlock:
type: boolean
generateAuthenticationToken:
type: boolean
registration:
"$ref": "#/components/schemas/UserRegistration"
sendSetPasswordEmail:
type: boolean
skipRegistrationVerification:
type: boolean
skipVerification:
type: boolean
user:
"$ref": "#/components/schemas/User"
eventInfo:
"$ref": "#/components/schemas/EventInfo"
ApplicationRequest:
description: The Application API request object.
type: object
properties:
application:
"$ref": "#/components/schemas/Application"
role:
"$ref": "#/components/schemas/ApplicationRole"
sourceApplicationId:
type: string
format: uuid
eventInfo:
"$ref": "#/components/schemas/EventInfo"
TwoFactorResponse:
description: ''
type: object
properties:
code:
type: string
recoveryCodes:
type: array
items:
type: string
MultiFactorAuthenticatorMethod:
type: object
properties:
algorithm:
"$ref": "#/components/schemas/TOTPAlgorithm"
codeLength:
type: integer
timeStep:
type: integer
enabled:
type: boolean
SAMLv2Logout:
type: object
properties:
behavior:
"$ref": "#/components/schemas/SAMLLogoutBehavior"
defaultVerificationKeyId:
type: string
format: uuid
keyId:
type: string
format: uuid
requireSignedRequests:
type: boolean
singleLogout:
"$ref": "#/components/schemas/SAMLv2SingleLogout"
xmlSignatureC14nMethod:
"$ref": "#/components/schemas/CanonicalizationMethod"
RefreshTokenSlidingWindowConfiguration:
description: ''
type: object
properties:
maximumTimeToLiveInMinutes:
type: integer
IdentityProviderSearchCriteria:
description: Search criteria for Identity Providers.
type: object
properties:
applicationId:
type: string
format: uuid
name:
type: string
type:
"$ref": "#/components/schemas/IdentityProviderType"
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
JWTVendRequest:
description: ''
type: object
properties:
claims:
type: object
additionalProperties:
type: object
keyId:
type: string
format: uuid
timeToLiveInSeconds:
type: integer
UserDeleteSingleRequest:
description: User API delete request object for a single user.
type: object
properties:
hardDelete:
type: boolean
eventInfo:
"$ref": "#/components/schemas/EventInfo"
GroupSearchRequest:
description: Search request for Groups.
type: object
properties:
search:
"$ref": "#/components/schemas/GroupSearchCriteria"
WebAuthnAuthenticatorAuthenticationResponse:
description: The authenticator's response for the authentication ceremony
in its encoded format
type: object
properties:
authenticatorData:
type: string
clientDataJSON:
type: string
signature:
type: string
userHandle:
type: string
HTTPHeaders:
description: Type for webhook headers.
type: object
properties: {}
EpicGamesIdentityProvider:
description: Epic gaming login provider.
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
scope:
type: string
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/EpicGamesApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
Form:
description: ''
type: object
properties:
data:
type: object
additionalProperties:
type: object
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
steps:
type: array
items:
"$ref": "#/components/schemas/FormStep"
type:
"$ref": "#/components/schemas/FormType"
WebAuthnPublicKeyAuthenticationRequest:
description: Request to authenticate with WebAuthn
type: object
properties:
clientExtensionResults:
"$ref": "#/components/schemas/WebAuthnExtensionsClientOutputs"
id:
type: string
rpId:
type: string
response:
"$ref": "#/components/schemas/WebAuthnAuthenticatorAuthenticationResponse"
type:
type: string
Algorithm:
description: Available JSON Web Algorithms (JWA) as described in RFC 7518 available
for this JWT implementation.
type: string
enum:
- ES256
- ES384
- ES512
- HS256
- HS384
- HS512
- PS256
- PS384
- PS512
- RS256
- RS384
- RS512
- none
IdentityProviderSearchRequest:
description: Search request for Identity Providers
type: object
properties:
search:
"$ref": "#/components/schemas/IdentityProviderSearchCriteria"
KeyUse:
description: The use type of a key.
type: string
enum:
- SignOnly
- SignAndVerify
- VerifyOnly
FamilyRole:
type: string
enum:
- Child
- Teen
- Adult
EntityRequest:
description: Entity API request object.
type: object
properties:
entity:
"$ref": "#/components/schemas/Entity"
SystemConfigurationResponse:
description: Response for the system configuration API.
type: object
properties:
systemConfiguration:
"$ref": "#/components/schemas/SystemConfiguration"
ActionData:
type: object
properties:
actioneeUserId:
type: string
format: uuid
actionerUserId:
type: string
format: uuid
applicationIds:
type: array
items:
type: string
format: uuid
comment:
type: string
emailUser:
type: boolean
expiry:
"$ref": "#/components/schemas/ZonedDateTime"
notifyUser:
type: boolean
option:
type: string
reasonId:
type: string
format: uuid
userActionId:
type: string
format: uuid
APIKeyMetaData:
type: object
properties:
attributes:
type: object
additionalProperties:
type: string
TenantRateLimitConfiguration:
description: ''
type: object
properties:
failedLogin:
"$ref": "#/components/schemas/RateLimitedRequestConfiguration"
forgotPassword:
"$ref": "#/components/schemas/RateLimitedRequestConfiguration"
sendEmailVerification:
"$ref": "#/components/schemas/RateLimitedRequestConfiguration"
sendPasswordless:
"$ref": "#/components/schemas/RateLimitedRequestConfiguration"
sendRegistrationVerification:
"$ref": "#/components/schemas/RateLimitedRequestConfiguration"
sendTwoFactor:
"$ref": "#/components/schemas/RateLimitedRequestConfiguration"
BaseLoginRequest:
description: ''
type: object
properties:
applicationId:
type: string
format: uuid
ipAddress:
type: string
metaData:
"$ref": "#/components/schemas/MetaData"
newDevice:
type: boolean
noJWT:
type: boolean
eventInfo:
"$ref": "#/components/schemas/EventInfo"
NintendoIdentityProvider:
description: Nintendo gaming login provider.
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
emailClaim:
type: string
scope:
type: string
uniqueIdClaim:
type: string
usernameClaim:
type: string
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/NintendoApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
UserUpdateCompleteEvent:
description: Models the User Update Event once it is completed. This cannot
be transactional.
type: object
properties:
original:
"$ref": "#/components/schemas/User"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
TransactionType:
description: The transaction types for Webhooks and other event systems within
FusionAuth.
type: string
enum:
- None
- Any
- SimpleMajority
- SuperMajority
- AbsoluteMajority
UserLoginSuccessEvent:
description: Models the User Login Success Event.
type: object
properties:
applicationId:
type: string
format: uuid
authenticationType:
type: string
connectorId:
type: string
format: uuid
identityProviderId:
type: string
format: uuid
identityProviderName:
type: string
ipAddress:
type: string
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
MemberDeleteRequest:
description: Group Member Delete Request
type: object
properties:
memberIds:
type: array
items:
type: string
format: uuid
members:
type: array
items:
type: string
format: uuid
RegistrationResponse:
description: Registration API request object.
type: object
properties:
refreshToken:
type: string
registration:
"$ref": "#/components/schemas/UserRegistration"
registrationVerificationId:
type: string
token:
type: string
tokenExpirationInstant:
"$ref": "#/components/schemas/ZonedDateTime"
user:
"$ref": "#/components/schemas/User"
UserRegistrationUpdateCompleteEvent:
description: Models the User Update Registration Event. This is different
than user.registration.update in that it is sent after this event completes,
this cannot be transactional.
type: object
properties:
applicationId:
type: string
format: uuid
original:
"$ref": "#/components/schemas/UserRegistration"
registration:
"$ref": "#/components/schemas/UserRegistration"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
ThemeSearchResponse:
description: Search response for Themes
type: object
properties:
themes:
type: array
items:
"$ref": "#/components/schemas/Theme"
total:
type: integer
format: int64
UserVerificationRequirement:
description: Used to express whether the Relying Party requires user
verification for the current operation.
type: string
enum:
- required
- preferred
- discouraged
DeviceResponse:
description: ''
type: object
properties:
device_code:
type: string
expires_in:
type: integer
interval:
type: integer
user_code:
type: string
verification_uri:
type: string
format: URI
verification_uri_complete:
type: string
format: URI
EmailTemplateSearchCriteria:
description: Search criteria for Email templates
type: object
properties:
name:
type: string
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
APIKeyPermissions:
type: object
properties:
endpoints:
type: object
additionalProperties:
type: array
uniqueItems: true
items: {}
BaseElasticSearchCriteria:
description: ''
type: object
properties:
accurateTotal:
type: boolean
ids:
type: array
items:
type: string
format: uuid
query:
type: string
queryString:
type: string
sortFields:
type: array
items:
"$ref": "#/components/schemas/SortField"
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
IPAccessControlListSearchRequest:
description: Search request for IP ACLs .
type: object
properties:
search:
"$ref": "#/components/schemas/IPAccessControlListSearchCriteria"
LoginConfiguration:
type: object
properties:
allowTokenRefresh:
type: boolean
generateRefreshTokens:
type: boolean
requireAuthentication:
type: boolean
GroupMemberAddEvent:
description: Models the Group Member Add Event.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
members:
type: array
items:
"$ref": "#/components/schemas/GroupMember"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
KeyRequest:
description: Key API request object.
type: object
properties:
key:
"$ref": "#/components/schemas/Key"
EventLogSearchResponse:
description: Event log response.
type: object
properties:
eventLogs:
type: array
items:
"$ref": "#/components/schemas/EventLog"
total:
type: integer
format: int64
TwoFactorTrust:
type: object
properties:
applicationId:
type: string
format: uuid
expiration:
"$ref": "#/components/schemas/ZonedDateTime"
startInstant:
"$ref": "#/components/schemas/ZonedDateTime"
ApplicationWebAuthnConfiguration:
description: Application-level configuration for WebAuthn
type: object
properties:
bootstrapWorkflow:
"$ref": "#/components/schemas/ApplicationWebAuthnWorkflowConfiguration"
reauthenticationWorkflow:
"$ref": "#/components/schemas/ApplicationWebAuthnWorkflowConfiguration"
enabled:
type: boolean
GenericConnectorConfiguration:
description: Models a generic connector.
type: object
properties:
authenticationURL:
type: string
format: URI
connectTimeout:
type: integer
headers:
"$ref": "#/components/schemas/HTTPHeaders"
httpAuthenticationPassword:
type: string
httpAuthenticationUsername:
type: string
readTimeout:
type: integer
sslCertificateKeyId:
type: string
format: uuid
data:
type: object
additionalProperties:
type: object
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
type:
"$ref": "#/components/schemas/ConnectorType"
MessengerTransport:
description: ''
type: object
properties: {}
IdentityProviderTenantConfiguration:
description: ''
type: object
properties:
data:
type: object
additionalProperties:
type: object
limitUserLinkCount:
"$ref": "#/components/schemas/IdentityProviderLimitUserLinkingPolicy"
AuditLogSearchCriteria:
description: ''
type: object
properties:
end:
"$ref": "#/components/schemas/ZonedDateTime"
message:
type: string
newValue:
type: string
oldValue:
type: string
reason:
type: string
start:
"$ref": "#/components/schemas/ZonedDateTime"
user:
type: string
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
RefreshTokenImportRequest:
description: Refresh Token Import request.
type: object
properties:
refreshTokens:
type: array
items:
"$ref": "#/components/schemas/RefreshToken"
validateDbConstraints:
type: boolean
WebAuthnCredentialResponse:
description: WebAuthn Credential API response
type: object
properties:
credential:
"$ref": "#/components/schemas/WebAuthnCredential"
credentials:
type: array
items:
"$ref": "#/components/schemas/WebAuthnCredential"
ConnectorResponse:
description: ''
type: object
properties:
connector:
"$ref": "#/components/schemas/BaseConnectorConfiguration"
connectors:
type: array
items:
"$ref": "#/components/schemas/BaseConnectorConfiguration"
UserConsent:
description: Models a User consent.
type: object
properties:
data:
type: object
additionalProperties:
type: object
consent:
"$ref": "#/components/schemas/Consent"
consentId:
type: string
format: uuid
giverUserId:
type: string
format: uuid
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
status:
"$ref": "#/components/schemas/ConsentStatus"
userId:
type: string
format: uuid
values:
type: array
items:
type: string
SteamAPIMode:
description: Steam API modes.
type: string
enum:
- Public
- Partner
LogoutRequest:
description: Request for the Logout API that can be used as an alternative to
URL parameters.
type: object
properties:
global:
type: boolean
refreshToken:
type: string
eventInfo:
"$ref": "#/components/schemas/EventInfo"
LookupResponse:
description: ''
type: object
properties:
identityProvider:
"$ref": "#/components/schemas/IdentityProviderDetails"
Family:
description: Models a family grouping of users.
type: object
properties:
members:
type: array
items:
"$ref": "#/components/schemas/FamilyMember"
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
ProviderLambdaConfiguration:
type: object
properties:
reconcileId:
type: string
format: uuid
EntityTypeSearchResponse:
description: Search response for entity types.
type: object
properties:
entityTypes:
type: array
items:
"$ref": "#/components/schemas/EntityType"
total:
type: integer
format: int64
LinkedInApplicationConfiguration:
description: ''
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
scope:
type: string
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
PreviewRequest:
description: ''
type: object
properties:
emailTemplate:
"$ref": "#/components/schemas/EmailTemplate"
locale:
"$ref": "#/components/schemas/Locale"
RefreshTokenRevokeRequest:
description: Request for the Refresh Token API to revoke a refresh token rather
than using the URL parameters.
type: object
properties:
applicationId:
type: string
format: uuid
token:
type: string
userId:
type: string
format: uuid
eventInfo:
"$ref": "#/components/schemas/EventInfo"
ChangePasswordReason:
description: ''
type: string
enum:
- Administrative
- Breached
- Expired
- Validation
Enableable:
description: Something that can be enabled and thus also disabled.
type: object
properties:
enabled:
type: boolean
EmailTemplateSearchRequest:
description: Search request for email templates
type: object
properties:
search:
"$ref": "#/components/schemas/EmailTemplateSearchCriteria"
ApplicationUnverifiedConfiguration:
description: ''
type: object
properties:
registration:
"$ref": "#/components/schemas/UnverifiedBehavior"
verificationStrategy:
"$ref": "#/components/schemas/VerificationStrategy"
whenGated:
"$ref": "#/components/schemas/RegistrationUnverifiedOptions"
EmailSecurityType:
type: string
enum:
- NONE
- SSL
- TLS
PublicKeyCredentialRequestOptions:
description: Provides the authenticator with the data it needs to generate
an assertion.
type: object
properties:
allowCredentials:
type: array
items:
"$ref": "#/components/schemas/PublicKeyCredentialDescriptor"
challenge:
type: string
rpId:
type: string
timeout:
type: integer
format: int64
userVerification:
"$ref": "#/components/schemas/UserVerificationRequirement"
PublicKeyCredentialRelyingPartyEntity:
description: Supply additional information about the Relying Party when creating
a new credential
type: object
properties:
id:
type: string
name:
type: string
UserConsentResponse:
description: API response for User consent.
type: object
properties:
userConsent:
"$ref": "#/components/schemas/UserConsent"
userConsents:
type: array
items:
"$ref": "#/components/schemas/UserConsent"
BaseIdentityProviderApplicationConfiguration:
description: ''
type: object
properties:
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
enabled:
type: boolean
JWTRefreshResponse:
description: API response for refreshing a JWT with a Refresh Token. Using
a different response object from RefreshTokenResponse because the retrieve
response will return an object for refreshToken, and this is a string.
type: object
properties:
refreshToken:
type: string
refreshTokenId:
type: string
format: uuid
token:
type: string
Count:
description: ''
type: object
properties:
count:
type: integer
interval:
type: integer
AuditLogExportRequest:
description: ''
type: object
properties:
criteria:
"$ref": "#/components/schemas/AuditLogSearchCriteria"
dateTimeSecondsFormat:
type: string
zoneId:
"$ref": "#/components/schemas/ZoneId"
Error:
description: Defines an error.
type: object
properties:
code:
type: string
data:
type: object
additionalProperties:
type: object
message:
type: string
WebAuthnCredentialImportRequest:
description: API request to import an existing WebAuthn credential(s)
type: object
properties:
credentials:
type: array
items:
"$ref": "#/components/schemas/WebAuthnCredential"
validateDbConstraints:
type: boolean
ExpiryUnit:
description: ''
type: string
enum:
- MINUTES
- HOURS
- DAYS
- WEEKS
- MONTHS
- YEARS
MessengerType:
description: ''
type: string
enum:
- Generic
- Kafka
- Twilio
ThemeSearchRequest:
description: Search request for Themes.
type: object
properties:
search:
"$ref": "#/components/schemas/ThemeSearchCriteria"
PasswordValidationRulesResponse:
description: ''
type: object
properties:
passwordValidationRules:
"$ref": "#/components/schemas/PasswordValidationRules"
WebAuthnStartRequest:
description: API request to start a WebAuthn authentication ceremony
type: object
properties:
applicationId:
type: string
format: uuid
credentialId:
type: string
format: uuid
loginId:
type: string
state:
type: object
additionalProperties:
type: object
userId:
type: string
format: uuid
workflow:
"$ref": "#/components/schemas/WebAuthnWorkflow"
LoginRecordSearchResponse:
description: A raw login record response
type: object
properties:
logins:
type: array
items:
"$ref": "#/components/schemas/DisplayableRawLogin"
total:
type: integer
format: int64
RegistrationReportResponse:
description: Response for the registration report.
type: object
properties:
hourlyCounts:
type: array
items:
"$ref": "#/components/schemas/Count"
total:
type: integer
format: int64
IPAccessControlListSearchResponse:
description: ''
type: object
properties:
ipAccessControlLists:
type: array
items:
"$ref": "#/components/schemas/IPAccessControlList"
total:
type: integer
format: int64
TwoFactorStatusResponse:
description: ''
type: object
properties:
trusts:
type: array
items:
"$ref": "#/components/schemas/TwoFactorTrust"
twoFactorTrustId:
type: string
ConsentSearchResponse:
description: Consent search response
type: object
properties:
consents:
type: array
items:
"$ref": "#/components/schemas/Consent"
total:
type: integer
format: int64
RefreshResponse:
description: ''
type: object
properties: {}
MessageTemplate:
description: Stores an message template used to distribute messages;
type: object
properties:
data:
type: object
additionalProperties:
type: object
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
type:
"$ref": "#/components/schemas/MessageType"
JWTPublicKeyUpdateEvent:
description: Models the JWT public key Refresh Token Revoke Event. This event
might be for a single token, a user or an entire application.
type: object
properties:
applicationIds:
type: array
uniqueItems: true
items: {}
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
DeviceUserCodeResponse:
description: ''
type: object
properties:
client_id:
type: string
deviceInfo:
"$ref": "#/components/schemas/DeviceInfo"
expires_in:
type: integer
pendingIdPLink:
"$ref": "#/components/schemas/PendingIdPLink"
tenantId:
type: string
format: uuid
user_code:
type: string
EntityType:
description: Models an entity type that has a specific set of permissions. These
are global objects and can be used across tenants.
type: object
properties:
data:
type: object
additionalProperties:
type: object
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
jwtConfiguration:
"$ref": "#/components/schemas/EntityJWTConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
permissions:
type: array
items:
"$ref": "#/components/schemas/EntityTypePermission"
IdentityProviderType:
description: ''
type: string
enum:
- Apple
- EpicGames
- ExternalJWT
- Facebook
- Google
- HYPR
- LinkedIn
- Nintendo
- OpenIDConnect
- SAMLv2
- SAMLv2IdPInitiated
- SonyPSN
- Steam
- Twitch
- Twitter
- Xbox
PreviewResponse:
description: ''
type: object
properties:
email:
"$ref": "#/components/schemas/Email"
errors:
"$ref": "#/components/schemas/Errors"
KickstartSuccessEvent:
description: Event to indicate kickstart has been successfully completed.
type: object
properties:
instanceId:
type: string
format: uuid
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
TenantUsernameConfiguration:
description: ''
type: object
properties:
unique:
"$ref": "#/components/schemas/UniqueUsernameConfiguration"
PasswordlessIdentityProvider:
description: Interface for all identity providers that are passwordless and
do not accept a password.
type: object
properties: {}
PasswordBreachDetection:
description: ''
type: object
properties:
matchMode:
"$ref": "#/components/schemas/BreachMatchMode"
notifyUserEmailTemplateId:
type: string
format: uuid
onLogin:
"$ref": "#/components/schemas/BreachAction"
enabled:
type: boolean
BaseEvent:
description: Base-class for all FusionAuth events.
type: object
properties:
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
EmailHeader:
description: ''
type: object
properties:
name:
type: string
value:
type: string
FormFieldRequest:
description: The FormField API request object.
type: object
properties:
field:
"$ref": "#/components/schemas/FormField"
fields:
type: array
items:
"$ref": "#/components/schemas/FormField"
TwoFactorMethod:
description: ''
type: object
properties:
authenticator:
"$ref": "#/components/schemas/AuthenticatorConfiguration"
email:
type: string
id:
type: string
lastUsed:
type: boolean
method:
type: string
mobilePhone:
type: string
secret:
type: string
EventType:
description: Models the event types that FusionAuth produces.
type: string
enum:
- JWTPublicKeyUpdate
- JWTRefreshTokenRevoke
- JWTRefresh
- AuditLogCreate
- EventLogCreate
- KickstartSuccess
- GroupCreate
- GroupCreateComplete
- GroupDelete
- GroupDeleteComplete
- GroupMemberAdd
- GroupMemberAddComplete
- GroupMemberRemove
- GroupMemberRemoveComplete
- GroupMemberUpdate
- GroupMemberUpdateComplete
- GroupUpdate
- GroupUpdateComplete
- UserAction
- UserBulkCreate
- UserCreate
- UserCreateComplete
- UserDeactivate
- UserDelete
- UserDeleteComplete
- UserEmailUpdate
- UserEmailVerified
- UserIdentityProviderLink
- UserIdentityProviderUnlink
- UserLoginIdDuplicateOnCreate
- UserLoginIdDuplicateOnUpdate
- UserLoginFailed
- UserLoginNewDevice
- UserLoginSuccess
- UserLoginSuspicious
- UserPasswordBreach
- UserPasswordResetSend
- UserPasswordResetStart
- UserPasswordResetSuccess
- UserPasswordUpdate
- UserReactivate
- UserRegistrationCreate
- UserRegistrationCreateComplete
- UserRegistrationDelete
- UserRegistrationDeleteComplete
- UserRegistrationUpdate
- UserRegistrationUpdateComplete
- UserRegistrationVerified
- UserTwoFactorMethodAdd
- UserTwoFactorMethodRemove
- UserUpdate
- UserUpdateComplete
- Test
TenantSearchResponse:
description: Tenant search response
type: object
properties:
tenants:
type: array
items:
"$ref": "#/components/schemas/Tenant"
total:
type: integer
format: int64
SearchRequest:
description: Search API request.
type: object
properties:
search:
"$ref": "#/components/schemas/UserSearchCriteria"
LambdaSearchResponse:
description: Lambda search response
type: object
properties:
lambdas:
type: array
items:
"$ref": "#/components/schemas/Lambda"
total:
type: integer
format: int64
Templates:
type: object
properties:
accountEdit:
type: string
accountIndex:
type: string
accountTwoFactorDisable:
type: string
accountTwoFactorEnable:
type: string
accountTwoFactorIndex:
type: string
accountWebAuthnAdd:
type: string
accountWebAuthnDelete:
type: string
accountWebAuthnIndex:
type: string
emailComplete:
type: string
emailSent:
type: string
emailVerificationRequired:
type: string
emailVerify:
type: string
helpers:
type: string
index:
type: string
oauth2Authorize:
type: string
oauth2AuthorizedNotRegistered:
type: string
oauth2ChildRegistrationNotAllowed:
type: string
oauth2ChildRegistrationNotAllowedComplete:
type: string
oauth2CompleteRegistration:
type: string
oauth2Device:
type: string
oauth2DeviceComplete:
type: string
oauth2Error:
type: string
oauth2Logout:
type: string
oauth2Passwordless:
type: string
oauth2Register:
type: string
oauth2StartIdPLink:
type: string
oauth2TwoFactor:
type: string
oauth2TwoFactorEnable:
type: string
oauth2TwoFactorEnableComplete:
type: string
oauth2TwoFactorMethods:
type: string
oauth2Wait:
type: string
oauth2WebAuthn:
type: string
oauth2WebAuthnReauth:
type: string
oauth2WebAuthnReauthEnable:
type: string
passwordChange:
type: string
passwordComplete:
type: string
passwordForgot:
type: string
passwordSent:
type: string
registrationComplete:
type: string
registrationSent:
type: string
registrationVerificationRequired:
type: string
registrationVerify:
type: string
samlv2Logout:
type: string
unauthorized:
type: string
emailSend:
type: string
registrationSend:
type: string
LambdaSearchRequest:
description: Search request for Lambdas
type: object
properties:
search:
"$ref": "#/components/schemas/LambdaSearchCriteria"
UserPasswordResetSendEvent:
description: Models the User Password Reset Send Event.
type: object
properties:
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
IntegrationRequest:
description: The Integration Request
type: object
properties:
integrations:
"$ref": "#/components/schemas/Integrations"
TOTPAlgorithm:
type: string
enum:
- HmacSHA1
- HmacSHA256
- HmacSHA512
LDAPSecurityMethod:
type: string
enum:
- None
- LDAPS
- StartTLS
UserDeleteRequest:
description: User API delete request object.
type: object
properties:
dryRun:
type: boolean
hardDelete:
type: boolean
query:
type: string
queryString:
type: string
userIds:
type: array
items:
type: string
format: uuid
eventInfo:
"$ref": "#/components/schemas/EventInfo"
IdentityProviderStartLoginRequest:
description: ''
type: object
properties:
data:
type: object
additionalProperties:
type: string
identityProviderId:
type: string
format: uuid
loginId:
type: string
state:
type: object
additionalProperties:
type: object
applicationId:
type: string
format: uuid
ipAddress:
type: string
metaData:
"$ref": "#/components/schemas/MetaData"
newDevice:
type: boolean
noJWT:
type: boolean
UniqueUsernameStrategy:
type: string
enum:
- Always
- OnCollision
ExternalJWTApplicationConfiguration:
description: ''
type: object
properties:
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
LoginResponse:
description: ''
type: object
properties:
actions:
type: array
items:
"$ref": "#/components/schemas/LoginPreventedResponse"
changePasswordId:
type: string
changePasswordReason:
"$ref": "#/components/schemas/ChangePasswordReason"
configurableMethods:
type: array
items:
type: string
emailVerificationId:
type: string
methods:
type: array
items:
"$ref": "#/components/schemas/TwoFactorMethod"
pendingIdPLinkId:
type: string
refreshToken:
type: string
refreshTokenId:
type: string
format: uuid
registrationVerificationId:
type: string
state:
type: object
additionalProperties:
type: object
threatsDetected:
type: array
uniqueItems: true
items: {}
token:
type: string
tokenExpirationInstant:
"$ref": "#/components/schemas/ZonedDateTime"
trustToken:
type: string
twoFactorId:
type: string
twoFactorTrustId:
type: string
user:
"$ref": "#/components/schemas/User"
SearchResponse:
description: Search API response.
type: object
properties:
total:
type: integer
format: int64
users:
type: array
items:
"$ref": "#/components/schemas/User"
SendResponse:
description: ''
type: object
properties:
anonymousResults:
type: object
additionalProperties:
"$ref": "#/components/schemas/EmailTemplateErrors"
results:
type: object
additionalProperties:
"$ref": "#/components/schemas/EmailTemplateErrors"
SystemLogsExportRequest:
description: ''
type: object
properties:
includeArchived:
type: boolean
lastNBytes:
type: integer
dateTimeSecondsFormat:
type: string
zoneId:
"$ref": "#/components/schemas/ZoneId"
ReactorMetricsResponse:
description: ''
type: object
properties:
metrics:
"$ref": "#/components/schemas/ReactorMetrics"
Location:
description: Location information. Useful for IP addresses and other displayable
data objects.
type: object
properties:
city:
type: string
country:
type: string
latitude:
type: number
format: double
longitude:
type: number
format: double
region:
type: string
zipcode:
type: string
displayString:
type: string
TenantAccessControlConfiguration:
description: ''
type: object
properties:
uiIPAccessControlListId:
type: string
format: uuid
TenantResponse:
description: ''
type: object
properties:
tenant:
"$ref": "#/components/schemas/Tenant"
tenants:
type: array
items:
"$ref": "#/components/schemas/Tenant"
TwilioMessengerConfiguration:
description: ''
type: object
properties:
accountSID:
type: string
authToken:
type: string
fromPhoneNumber:
type: string
messagingServiceSid:
type: string
url:
type: string
format: URI
data:
type: object
additionalProperties:
type: object
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
transport:
type: string
type:
"$ref": "#/components/schemas/MessengerType"
VerificationStrategy:
description: ''
type: string
enum:
- ClickableLink
- FormField
UserTwoFactorMethodAddEvent:
description: Model a user event when a two-factor method has been removed.
type: object
properties:
method:
"$ref": "#/components/schemas/TwoFactorMethod"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
WebAuthnRegisterStartRequest:
description: API request to start a WebAuthn registration ceremony
type: object
properties:
displayName:
type: string
name:
type: string
userAgent:
type: string
userId:
type: string
format: uuid
workflow:
"$ref": "#/components/schemas/WebAuthnWorkflow"
MaximumPasswordAge:
description: ''
type: object
properties:
days:
type: integer
enabled:
type: boolean
IPAccessControlEntry:
description: ''
type: object
properties:
action:
"$ref": "#/components/schemas/IPAccessControlEntryAction"
endIPAddress:
type: string
startIPAddress:
type: string
GroupMemberUpdateEvent:
description: Models the Group Member Update Event.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
members:
type: array
items:
"$ref": "#/components/schemas/GroupMember"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
UserDeactivateEvent:
description: Models the User Deactivate Event.
type: object
properties:
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
MemberResponse:
description: Group Member Response
type: object
properties:
members:
type: array
items:
"$ref": "#/components/schemas/GroupMember"
WebAuthnAssertResponse:
description: API response for completing WebAuthn assertion
type: object
properties:
credential:
"$ref": "#/components/schemas/WebAuthnCredential"
SecureGeneratorType:
description: ''
type: string
enum:
- randomDigits
- randomBytes
- randomAlpha
- randomAlphaNumeric
CanonicalizationMethod:
description: XML canonicalization method enumeration. This is used for the IdP
and SP side of FusionAuth SAML.
type: string
enum:
- exclusive
- exclusive_with_comments
- inclusive
- inclusive_with_comments
ThemeSearchCriteria:
description: Search criteria for themes
type: object
properties:
name:
type: string
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
RateLimitedRequestType:
description: ''
type: string
enum:
- FailedLogin
- ForgotPassword
- SendEmailVerification
- SendPasswordless
- SendRegistrationVerification
- SendTwoFactor
LoginHintConfiguration:
description: ''
type: object
properties:
parameterName:
type: string
enabled:
type: boolean
FamilyRequest:
description: API request for managing families and members.
type: object
properties:
familyMember:
"$ref": "#/components/schemas/FamilyMember"
LogoutBehavior:
description: ''
type: string
enum:
- RedirectOnly
- AllApplications
TotalsReportResponse:
description: The response from the total report. This report stores the total
numbers for each application.
type: object
properties:
applicationTotals:
type: object
additionalProperties:
"$ref": "#/components/schemas/Totals"
globalRegistrations:
type: integer
format: int64
totalGlobalRegistrations:
type: integer
format: int64
LogHistory:
description: A historical state of a user log event. Since events can be modified,
this stores the historical state.
type: object
properties:
historyItems:
type: array
items:
"$ref": "#/components/schemas/HistoryItem"
UserRegistrationCreateEvent:
description: Models the User Create Registration Event.
type: object
properties:
applicationId:
type: string
format: uuid
registration:
"$ref": "#/components/schemas/UserRegistration"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
ApplicationSearchRequest:
description: Search request for Applications
type: object
properties:
search:
"$ref": "#/components/schemas/ApplicationSearchCriteria"
ConsentRequest:
description: API request for User consent types.
type: object
properties:
consent:
"$ref": "#/components/schemas/Consent"
FacebookApplicationConfiguration:
description: ''
type: object
properties:
appId:
type: string
buttonText:
type: string
client_secret:
type: string
fields:
type: string
loginMethod:
"$ref": "#/components/schemas/IdentityProviderLoginMethod"
permissions:
type: string
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
Oauth2AuthorizedURLValidationPolicy:
description: ''
type: string
enum:
- AllowWildcards
- ExactMatch
UserActionOption:
description: Models content user action options.
type: object
properties:
localizedNames:
"$ref": "#/components/schemas/LocalizedStrings"
name:
type: string
WebAuthnWorkflow:
description: Identifies the WebAuthn workflow. This will affect the parameters
used for credential creation and request based on the Tenant configuration.
type: string
enum:
- bootstrap
- general
- reauthentication
UserAction:
description: An action that can be executed on a user (discipline or reward
potentially).
type: object
properties:
active:
type: boolean
cancelEmailTemplateId:
type: string
format: uuid
endEmailTemplateId:
type: string
format: uuid
id:
type: string
format: uuid
includeEmailInEventJSON:
type: boolean
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
localizedNames:
"$ref": "#/components/schemas/LocalizedStrings"
modifyEmailTemplateId:
type: string
format: uuid
name:
type: string
options:
type: array
items:
"$ref": "#/components/schemas/UserActionOption"
preventLogin:
type: boolean
sendEndEvent:
type: boolean
startEmailTemplateId:
type: string
format: uuid
temporal:
type: boolean
transactionType:
"$ref": "#/components/schemas/TransactionType"
userEmailingEnabled:
type: boolean
userNotificationsEnabled:
type: boolean
ForgotPasswordResponse:
description: Forgot password response object.
type: object
properties:
changePasswordId:
type: string
JWTRefreshEvent:
description: Models the JWT Refresh Event. This event will be fired when a JWT
is "refreshed" (generated) using a Refresh Token.
type: object
properties:
applicationId:
type: string
format: uuid
original:
type: string
refreshToken:
type: string
token:
type: string
userId:
type: string
format: uuid
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
SearchResults:
description: Search results.
type: object
properties:
results:
type: array
items:
type: object
total:
type: integer
format: int64
totalEqualToActual:
type: boolean
LocalizedStrings:
description: Models a set of localized Strings that can be stored as JSON.
type: object
properties: {}
EntitySearchResponse:
description: Search request for entities
type: object
properties:
entities:
type: array
items:
"$ref": "#/components/schemas/Entity"
total:
type: integer
format: int64
PasswordValidationRules:
description: ''
type: object
properties:
breachDetection:
"$ref": "#/components/schemas/PasswordBreachDetection"
maxLength:
type: integer
minLength:
type: integer
rememberPreviousPasswords:
"$ref": "#/components/schemas/RememberPreviousPasswords"
requireMixedCase:
type: boolean
requireNonAlpha:
type: boolean
requireNumber:
type: boolean
validateOnLogin:
type: boolean
SecretResponse:
description: ''
type: object
properties:
secret:
type: string
secretBase32Encoded:
type: string
TwitterIdentityProvider:
description: Twitter social login provider.
type: object
properties:
buttonText:
type: string
consumerKey:
type: string
consumerSecret:
type: string
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/TwitterApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
HYPRIdentityProvider:
description: ''
type: object
properties:
relyingPartyApplicationId:
type: string
relyingPartyURL:
type: string
format: URI
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/HYPRApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
UserPasswordResetSuccessEvent:
description: Models the User Password Reset Success Event.
type: object
properties:
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
Requirable:
description: Something that can be required and thus also optional. This currently
extends Enableable because anything that is requireoptional is almost always
enableable as well.
type: object
properties:
required:
type: boolean
enabled:
type: boolean
EntityJWTConfiguration:
description: JWT Configuration for entities.
type: object
properties:
accessTokenKeyId:
type: string
format: uuid
timeToLiveInSeconds:
type: integer
enabled:
type: boolean
ReloadRequest:
description: ''
type: object
properties:
names:
type: array
items:
type: string
UserCommentSearchRequest:
description: Search request for user comments
type: object
properties:
search:
"$ref": "#/components/schemas/UserCommentSearchCriteria"
WebAuthnLoginRequest:
description: Request to complete the WebAuthn registration ceremony
type: object
properties:
credential:
"$ref": "#/components/schemas/WebAuthnPublicKeyAuthenticationRequest"
origin:
type: string
rpId:
type: string
twoFactorTrustId:
type: string
applicationId:
type: string
format: uuid
ipAddress:
type: string
metaData:
"$ref": "#/components/schemas/MetaData"
newDevice:
type: boolean
noJWT:
type: boolean
APIKey:
description: domain POJO to represent AuthenticationKey
type: object
properties:
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
ipAccessControlListId:
type: string
format: uuid
key:
type: string
keyManager:
type: boolean
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
metaData:
"$ref": "#/components/schemas/APIKeyMetaData"
permissions:
"$ref": "#/components/schemas/APIKeyPermissions"
tenantId:
type: string
format: uuid
WebhookSearchCriteria:
description: Search criteria for webhooks.
type: object
properties:
description:
type: string
tenantId:
type: string
format: uuid
url:
type: string
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
UserPasswordResetStartEvent:
description: Models the User Password Reset Start Event.
type: object
properties:
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
GroupDeleteEvent:
description: Models the Group Delete Event.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
MultiFactorEmailTemplate:
type: object
properties:
templateId:
type: string
format: uuid
OAuthErrorReason:
type: string
enum:
- auth_code_not_found
- access_token_malformed
- access_token_expired
- access_token_unavailable_for_processing
- access_token_failed_processing
- access_token_invalid
- refresh_token_not_found
- refresh_token_type_not_supported
- invalid_client_id
- invalid_user_credentials
- invalid_grant_type
- invalid_origin
- invalid_origin_opaque
- invalid_pkce_code_verifier
- invalid_pkce_code_challenge
- invalid_pkce_code_challenge_method
- invalid_redirect_uri
- invalid_response_mode
- invalid_response_type
- invalid_id_token_hint
- invalid_post_logout_redirect_uri
- invalid_device_code
- invalid_user_code
- invalid_additional_client_id
- invalid_target_entity_scope
- invalid_entity_permission_scope
- invalid_user_id
- grant_type_disabled
- missing_client_id
- missing_client_secret
- missing_code
- missing_code_challenge
- missing_code_verifier
- missing_device_code
- missing_grant_type
- missing_redirect_uri
- missing_refresh_token
- missing_response_type
- missing_token
- missing_user_code
- missing_user_id
- missing_verification_uri
- login_prevented
- not_licensed
- user_code_expired
- user_expired
- user_locked
- user_not_found
- client_authentication_missing
- invalid_client_authentication_scheme
- invalid_client_authentication
- client_id_mismatch
- change_password_administrative
- change_password_breached
- change_password_expired
- change_password_validation
- unknown
TenantSSOConfiguration:
description: ''
type: object
properties:
deviceTrustTimeToLiveInSeconds:
type: integer
PublicKeyCredentialParameters:
description: Supply information on credential type and algorithm to the authenticator.
type: object
properties:
alg:
"$ref": "#/components/schemas/CoseAlgorithmIdentifier"
type:
"$ref": "#/components/schemas/PublicKeyCredentialType"
ConsentResponse:
description: API response for consent.
type: object
properties:
consent:
"$ref": "#/components/schemas/Consent"
consents:
type: array
items:
"$ref": "#/components/schemas/Consent"
GroupMemberRemoveEvent:
description: Models the Group Member Remove Event.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
members:
type: array
items:
"$ref": "#/components/schemas/GroupMember"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
IdentityProviderPendingLinkResponse:
description: ''
type: object
properties:
identityProviderTenantConfiguration:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
linkCount:
type: integer
pendingIdPLink:
"$ref": "#/components/schemas/PendingIdPLink"
ChangePasswordResponse:
description: Change password response object.
type: object
properties:
oneTimePassword:
type: string
state:
type: object
additionalProperties:
type: object
ActionResponse:
description: The user action response object.
type: object
properties:
action:
"$ref": "#/components/schemas/UserActionLog"
actions:
type: array
items:
"$ref": "#/components/schemas/UserActionLog"
Totals:
type: object
properties:
logins:
type: integer
format: int64
registrations:
type: integer
format: int64
totalRegistrations:
type: integer
format: int64
SAMLv2IdpInitiatedConfiguration:
description: Config for regular SAML IDP configurations that support IdP initiated
requests
type: object
properties:
issuer:
type: string
enabled:
type: boolean
SystemConfigurationRequest:
description: Request for the system configuration API.
type: object
properties:
systemConfiguration:
"$ref": "#/components/schemas/SystemConfiguration"
UserActionRequest:
description: User Action API request object.
type: object
properties:
userAction:
"$ref": "#/components/schemas/UserAction"
ClientAuthenticationMethod:
type: string
enum:
- none
- client_secret_basic
- client_secret_post
IPAccessControlListResponse:
description: ''
type: object
properties:
ipAccessControlList:
"$ref": "#/components/schemas/IPAccessControlList"
ipAccessControlLists:
type: array
items:
"$ref": "#/components/schemas/IPAccessControlList"
ReactorRequest:
description: Request for managing FusionAuth Reactor and licenses.
type: object
properties:
license:
type: string
licenseId:
type: string
MessageTemplateResponse:
description: ''
type: object
properties:
messageTemplate:
"$ref": "#/components/schemas/MessageTemplate"
messageTemplates:
type: array
items:
"$ref": "#/components/schemas/MessageTemplate"
IdentityProviderLoginMethod:
description: ''
type: string
enum:
- UsePopup
- UseRedirect
- UseVendorJavaScript
MessengerRequest:
description: ''
type: object
properties:
messenger:
"$ref": "#/components/schemas/BaseMessengerConfiguration"
TenantDeleteRequest:
description: Request for the Tenant API to delete a tenant rather than using
the URL parameters.
type: object
properties:
async:
type: boolean
eventInfo:
"$ref": "#/components/schemas/EventInfo"
EventLogCreateEvent:
description: An Event "event" to indicate an event log was created.
type: object
properties:
eventLog:
"$ref": "#/components/schemas/EventLog"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
UniqueUsernameConfiguration:
type: object
properties:
numberOfDigits:
type: integer
separator:
type: string
strategy:
"$ref": "#/components/schemas/UniqueUsernameStrategy"
enabled:
type: boolean
SAMLv2IdPInitiatedApplicationConfiguration:
description: ''
type: object
properties:
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
EventLogResponse:
description: Event log response.
type: object
properties:
eventLog:
"$ref": "#/components/schemas/EventLog"
TenantRegistrationConfiguration:
description: ''
type: object
properties:
blockedDomains:
type: array
uniqueItems: true
items: {}
ZonedDateTime:
description: 'The number of milliseconds since the unix epoch: January 1, 1970
00:00:00 UTC. This value is always in UTC.'
example: '1659380719000'
type: integer
format: int64
Locale:
description: A Locale object represents a specific geographical, political,
or cultural region.
example: en_US
type: string
LocalDate:
description: A date without a time-zone in the ISO-8601 calendar system, such
as 2007-12-03.
example: '2007-12-03'
pattern: "^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$"
type: string
ZoneId:
description: Timezone Identifier
example: America/Denver
pattern: "^w+/w+$"
type: string
IdentityProviderField:
oneOf:
- "$ref": "#/components/schemas/SteamIdentityProvider"
- "$ref": "#/components/schemas/XboxIdentityProvider"
- "$ref": "#/components/schemas/LinkedInIdentityProvider"
- "$ref": "#/components/schemas/ExternalJWTIdentityProvider"
- "$ref": "#/components/schemas/SAMLv2IdentityProvider"
- "$ref": "#/components/schemas/FacebookIdentityProvider"
- "$ref": "#/components/schemas/SAMLv2IdPInitiatedIdentityProvider"
- "$ref": "#/components/schemas/AppleIdentityProvider"
- "$ref": "#/components/schemas/OpenIdConnectIdentityProvider"
- "$ref": "#/components/schemas/GoogleIdentityProvider"
- "$ref": "#/components/schemas/SonyPSNIdentityProvider"
- "$ref": "#/components/schemas/TwitchIdentityProvider"
- "$ref": "#/components/schemas/EpicGamesIdentityProvider"
- "$ref": "#/components/schemas/NintendoIdentityProvider"
- "$ref": "#/components/schemas/TwitterIdentityProvider"
- "$ref": "#/components/schemas/HYPRIdentityProvider"
securitySchemes:
ApiKeyAuth:
type: apiKey
name: Authorization
in: header
paths:
"/api/user/family/{familyId}":
get:
description: Retrieves all the members of a family by the unique Family Id.
operationId: retrieveFamilyMembersByFamilyIdWithId
parameters:
- name: familyId
in: path
schema:
type: string
required: true
description: The unique Id of the Family.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FamilyResponse"
default:
description: Error
put:
description: Adds a user to an existing family. The family id must be specified.
operationId: addUserToFamilyWithId
parameters:
- name: familyId
in: path
schema:
type: string
required: true
description: The id of the family.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/FamilyRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FamilyResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a family with the user id in the request as the owner and
sole member of the family. You can optionally specify an id for the family,
if not provided one will be generated.
operationId: createFamilyWithId
parameters:
- name: familyId
in: path
schema:
type: string
required: true
description: The id for the family. If not provided a secure random UUID will
be generated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/FamilyRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FamilyResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/verify-email":
put:
description: Re-sends the verification email to the user. OR Re-sends the verification
email to the user. If the Application has configured a specific email template
this will be used instead of the tenant configuration. OR Generate a new Email
Verification Id to be used with the Verify Email API. This API will not attempt
to send an email to the User. This API may be used to collect the verificationId
for use with a third party system.
operationId: updateUserVerifyEmail
parameters:
- name: email
in: query
schema:
type: string
description: The email address of the user that needs a new verification email.
- name: applicationId
in: query
schema:
type: string
description: The unique Application Id to used to resolve an application specific
email template.
- name: sendVerifyEmail
in: query
schema:
type: string
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/VerifyEmailResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Administratively verify a user's email address. Use this method
to bypass email verification for the user. The request body will contain
the userId to be verified. An API key is required when sending the userId
in the request body. OR Confirms a user's email address. The request body
will contain the verificationId. You may also be required to send a one-time
use code based upon your configuration. When the tenant is configured to
gate a user until their email address is verified, this procedures requires
two values instead of one. The verificationId is a high entropy value and
the one-time use code is a low entropy value that is easily entered in a user
interactive form. The two values together are able to confirm a user's email
address and mark the user's email address as verified.
operationId: createUserVerifyEmail
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/VerifyEmailRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/identity-provider/login":
post:
description: Handles login via third-parties including Social login, external
OAuth and OpenID Connect, and other login systems.
operationId: identityProviderLoginWithId
security: []
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderLoginRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LoginResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/verify-registration":
post:
description: Confirms a user's registration. The request body will contain
the verificationId. You may also be required to send a one-time use code based
upon your configuration. When the application is configured to gate a user
until their registration is verified, this procedures requires two values
instead of one. The verificationId is a high entropy value and the one-time
use code is a low entropy value that is easily entered in a user interactive
form. The two values together are able to confirm a user's registration and
mark the user's registration as verified.
operationId: verifyUserRegistrationWithId
security: []
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/VerifyRegistrationRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Generate a new Application Registration Verification Id to be used
with the Verify Registration API. This API will not attempt to send an email
to the User. This API may be used to collect the verificationId for use with
a third party system. OR Re-sends the application registration verification
email to the user.
operationId: updateUserVerifyRegistration
parameters:
- name: email
in: query
schema:
type: string
description: The email address of the user that needs a new verification email.
- name: sendVerifyPasswordEmail
in: query
schema:
type: string
- name: applicationId
in: query
schema:
type: string
description: The Id of the application to be verified.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/VerifyRegistrationResponse"
default:
description: Error
"/api/passwordless/send":
post:
description: Send a passwordless authentication code in an email to complete
login.
operationId: sendPasswordlessCodeWithId
security: []
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/PasswordlessSendRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/connector/{connectorId}":
post:
description: Creates a connector. You can optionally specify an Id for the
connector, if not provided one will be generated.
operationId: createConnectorWithId
parameters:
- name: connectorId
in: path
schema:
type: string
required: true
description: The Id for the connector. If not provided a secure random UUID
will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ConnectorRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ConnectorResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the connector with the given Id.
operationId: patchConnectorWithId
parameters:
- name: connectorId
in: path
schema:
type: string
required: true
description: The Id of the connector to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ConnectorRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ConnectorResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the connector with the given Id.
operationId: retrieveConnectorWithId
parameters:
- name: connectorId
in: path
schema:
type: string
required: true
description: The Id of the connector.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ConnectorResponse"
default:
description: Error
delete:
description: Deletes the connector for the given Id.
operationId: deleteConnectorWithId
parameters:
- name: connectorId
in: path
schema:
type: string
required: true
description: The Id of the connector to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the connector with the given Id.
operationId: updateConnectorWithId
parameters:
- name: connectorId
in: path
schema:
type: string
required: true
description: The Id of the connector to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ConnectorRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ConnectorResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/connector":
post:
description: Creates a connector. You can optionally specify an Id for the
connector, if not provided one will be generated.
operationId: createConnector
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ConnectorRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ConnectorResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user-action/{userActionId}":
put:
description: Reactivates the user action with the given Id. OR Updates the user
action with the given Id.
operationId: updateUserActionWithId
parameters:
- name: reactivate
in: query
schema:
type: string
- name: userActionId
in: path
schema:
type: string
required: true
description: The Id of the user action to reactivate.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionRequest"
patch:
description: Updates, via PATCH, the user action with the given Id.
operationId: patchUserActionWithId
parameters:
- name: userActionId
in: path
schema:
type: string
required: true
description: The Id of the user action to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deactivates the user action with the given Id. OR Deletes the user
action for the given Id. This permanently deletes the user action and also
any history and logs of the action being applied to any users.
operationId: deleteUserActionWithId
parameters:
- name: userActionId
in: path
schema:
type: string
required: true
description: The Id of the user action to deactivate.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
- name: hardDelete
in: query
schema:
type: string
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the user action for the given Id. If you pass in null
for the id, this will return all the user actions.
operationId: retrieveUserActionWithId
parameters:
- name: userActionId
in: path
schema:
type: string
required: true
description: The Id of the user action.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionResponse"
default:
description: Error
post:
description: Creates a user action. This action cannot be taken on a user until
this call successfully returns. Anytime after that the user action can be
applied to any user.
operationId: createUserActionWithId
parameters:
- name: userActionId
in: path
schema:
type: string
required: true
description: The Id for the user action. If not provided a secure random UUID
will be generated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/oauth2/device/user-code":
get:
description: Retrieve a user_code that is part of an in-progress Device Authorization
Grant. This API is useful if you want to build your own login workflow to
complete a device grant. This request will require an API key. OR Retrieve
a user_code that is part of an in-progress Device Authorization Grant. This
API is useful if you want to build your own login workflow to complete a device
grant.
operationId: retrieveDeviceUserCode
parameters: []
responses:
'200':
description: Success
default:
description: Error
"/api/ip-acl/{accessControlListId}":
post:
description: Creates an IP Access Control List. You can optionally specify an
Id on this create request, if one is not provided one will be generated.
operationId: createIPAccessControlListWithId
parameters:
- name: accessControlListId
in: path
schema:
type: string
required: true
description: The Id for the IP Access Control List. If not provided a secure
random UUID will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IPAccessControlListRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IPAccessControlListResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the IP Access Control List with the given Id.
operationId: updateIPAccessControlListWithId
parameters:
- name: accessControlListId
in: path
schema:
type: string
required: true
description: The Id of the IP Access Control List to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IPAccessControlListRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IPAccessControlListResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/ip-acl":
post:
description: Creates an IP Access Control List. You can optionally specify an
Id on this create request, if one is not provided one will be generated.
operationId: createIPAccessControlList
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IPAccessControlListRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IPAccessControlListResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/family/request":
post:
description: Sends out an email to a parent that they need to register and create
a family or need to log in and add a child to their existing family.
operationId: sendFamilyRequestEmailWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/FamilyEmailRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/action":
get:
description: Retrieves all the actions for the user with the given Id that are
currently preventing the User from logging in. OR Retrieves all the actions
for the user with the given Id. This will return all time based actions that
are active, and inactive as well as non-time based actions. OR Retrieves all
the actions for the user with the given Id that are currently active. An active
action means one that is time based and has not been canceled, and has not
ended. OR Retrieves all the actions for the user with the given Id that are
currently inactive. An inactive action means one that is time based and has
been canceled or has expired, or is not time based.
operationId: retrieveUserActioning
parameters:
- name: userId
in: query
schema:
type: string
description: The Id of the user to fetch the actions for.
- name: preventingLogin
in: query
schema:
type: string
- name: active
in: query
schema:
type: string
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ActionResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Takes an action on a user. The user being actioned is called the
"actionee" and the user taking the action is called the "actioner". Both user
ids are required in the request object.
operationId: actionUserWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ActionRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ActionResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/webhook/{webhookId}":
post:
description: Creates a webhook. You can optionally specify an Id for the webhook,
if not provided one will be generated.
operationId: createWebhookWithId
parameters:
- name: webhookId
in: path
schema:
type: string
required: true
description: The Id for the webhook. If not provided a secure random UUID
will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/WebhookRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebhookResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the webhook for the given Id.
operationId: deleteWebhookWithId
parameters:
- name: webhookId
in: path
schema:
type: string
required: true
description: The Id of the webhook to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the webhook with the given Id.
operationId: updateWebhookWithId
parameters:
- name: webhookId
in: path
schema:
type: string
required: true
description: The Id of the webhook to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/WebhookRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebhookResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the webhook for the given Id. If you pass in null for
the id, this will return all the webhooks.
operationId: retrieveWebhookWithId
parameters:
- name: webhookId
in: path
schema:
type: string
required: true
description: The Id of the webhook.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebhookResponse"
default:
description: Error
"/api/webhook":
post:
description: Creates a webhook. You can optionally specify an Id for the webhook,
if not provided one will be generated.
operationId: createWebhook
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/WebhookRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebhookResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the webhook for the given Id. If you pass in null for
the id, this will return all the webhooks.
operationId: retrieveWebhook
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebhookResponse"
default:
description: Error
"/api/lambda/{lambdaId}":
delete:
description: Deletes the lambda for the given Id.
operationId: deleteLambdaWithId
parameters:
- name: lambdaId
in: path
schema:
type: string
required: true
description: The Id of the lambda to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a Lambda. You can optionally specify an Id for the lambda,
if not provided one will be generated.
operationId: createLambdaWithId
parameters:
- name: lambdaId
in: path
schema:
type: string
required: true
description: The Id for the lambda. If not provided a secure random UUID will
be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the lambda with the given Id.
operationId: updateLambdaWithId
parameters:
- name: lambdaId
in: path
schema:
type: string
required: true
description: The Id of the lambda to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the lambda with the given Id.
operationId: patchLambdaWithId
parameters:
- name: lambdaId
in: path
schema:
type: string
required: true
description: The Id of the lambda to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the lambda for the given Id.
operationId: retrieveLambdaWithId
parameters:
- name: lambdaId
in: path
schema:
type: string
required: true
description: The Id of the lambda.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user":
get:
description: Retrieves the user for the given username. OR Retrieves the user
by a verificationId. The intended use of this API is to retrieve a user after
the forgot password workflow has been initiated and you may not know the user's
email or username. OR Retrieves the user by a change password Id. The intended
use of this API is to retrieve a user after the forgot password workflow has
been initiated and you may not know the user's email or username. OR Retrieves
the user for the given Id. This method does not use an API key, instead it
uses a JSON Web Token (JWT) for authentication. OR Retrieves the user for
the given email. OR Retrieves the user for the loginId. The loginId can be
either the username or the email.
operationId: retrieveUser
parameters:
- name: username
in: query
schema:
type: string
description: The username of the user.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
- name: verificationId
in: query
schema:
type: string
description: The unique verification Id that has been set on the user object.
- name: changePasswordId
in: query
schema:
type: string
description: The unique change password Id that was sent via email or returned
by the Forgot Password API.
- name: email
in: query
schema:
type: string
description: The email of the user.
- name: loginId
in: query
schema:
type: string
description: The email or username of the user.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a user. You can optionally specify an Id for the user,
if not provided one will be generated.
operationId: createUser
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/passwordless/start":
post:
description: Start a passwordless login request by generating a passwordless
code. This code can be sent to the User using the Send Passwordless Code API
or using a mechanism outside of FusionAuth. The passwordless login is completed
by using the Passwordless Login API with this code.
operationId: startPasswordlessLoginWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/PasswordlessStartRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/PasswordlessStartResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/application/{applicationId}/role/{roleId}":
post:
description: Creates a new role for an application. You must specify the id
of the application you are creating the role for. You can optionally specify
an Id for the role inside the ApplicationRole object itself, if not provided
one will be generated.
operationId: createApplicationRoleWithId
parameters:
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id of the application to create the role on.
- name: roleId
in: path
schema:
type: string
required: true
description: The Id of the role. If not provided a secure random UUID will
be generated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Hard deletes an application role. This is a dangerous operation
and should not be used in most circumstances. This permanently removes the
given role from all users that had it.
operationId: deleteApplicationRoleWithId
parameters:
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id of the application to deactivate.
- name: roleId
in: path
schema:
type: string
required: true
description: The Id of the role to delete.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the application role with the given id for the application.
operationId: updateApplicationRoleWithId
parameters:
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id of the application that the role belongs to.
- name: roleId
in: path
schema:
type: string
required: true
description: The Id of the role to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the application role with the given id for
the application.
operationId: patchApplicationRoleWithId
parameters:
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id of the application that the role belongs to.
- name: roleId
in: path
schema:
type: string
required: true
description: The Id of the role to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/application/{applicationId}/role":
post:
description: Creates a new role for an application. You must specify the id
of the application you are creating the role for. You can optionally specify
an Id for the role inside the ApplicationRole object itself, if not provided
one will be generated.
operationId: createApplicationRole
parameters:
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id of the application to create the role on.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/logout":
post:
description: The Logout API is intended to be used to remove the refresh token
and access token cookies if they exist on the client and revoke the refresh
token stored. This API does nothing if the request does not contain an access
token or refresh token cookies. OR The Logout API is intended to be used to
remove the refresh token and access token cookies if they exist on the client
and revoke the refresh token stored. This API takes the refresh token in the
JSON body.
operationId: createLogout
security: []
parameters:
- name: global
in: query
schema:
type: string
description: When this value is set to true all the refresh tokens issued
to the owner of the provided token will be revoked.
- name: refreshToken
in: query
schema:
type: string
description: The refresh_token as a request parameter instead of coming in
via a cookie. If provided this takes precedence over the cookie.
responses:
'200':
description: Success
default:
description: Error
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/LogoutRequest"
"/api/api-key/{keyId}":
post:
description: Creates an API key. You can optionally specify a unique Id for
the key, if not provided one will be generated. an API key can only be created
with equal or lesser authority. An API key cannot create another API key unless
it is granted to that API key. If an API key is locked to a tenant, it can
only create API Keys for that same tenant. OR Updates an authentication API
key by given id
operationId: createApiKeyWithId
parameters:
- name: keyId
in: path
schema:
type: string
required: true
description: The unique Id of the API key. If not provided a secure random
Id will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/APIKeyRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/APIKeyResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the API key for the given Id.
operationId: deleteAPIKeyWithId
parameters:
- name: keyId
in: path
schema:
type: string
required: true
description: The Id of the authentication API key to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves an authentication API key for the given id
operationId: retrieveAPIKeyWithId
parameters:
- name: keyId
in: path
schema:
type: string
required: true
description: The Id of the API key to retrieve.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/APIKeyResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/lambda":
post:
description: Creates a Lambda. You can optionally specify an Id for the lambda,
if not provided one will be generated.
operationId: createLambda
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves all the lambdas for the provided type.
operationId: retrieveLambdasByTypeWithId
parameters:
- name: type
in: query
schema:
type: string
description: The type of the lambda to return.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaResponse"
default:
description: Error
"/api/messenger/{messengerId}":
post:
description: Creates a messenger. You can optionally specify an Id for the
messenger, if not provided one will be generated.
operationId: createMessengerWithId
parameters:
- name: messengerId
in: path
schema:
type: string
required: true
description: The Id for the messenger. If not provided a secure random UUID
will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/MessengerRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MessengerResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the messenger with the given Id.
operationId: patchMessengerWithId
parameters:
- name: messengerId
in: path
schema:
type: string
required: true
description: The Id of the messenger to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/MessengerRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MessengerResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the messenger for the given Id.
operationId: deleteMessengerWithId
parameters:
- name: messengerId
in: path
schema:
type: string
required: true
description: The Id of the messenger to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the messenger with the given Id.
operationId: retrieveMessengerWithId
parameters:
- name: messengerId
in: path
schema:
type: string
required: true
description: The Id of the messenger.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MessengerResponse"
default:
description: Error
put:
description: Updates the messenger with the given Id.
operationId: updateMessengerWithId
parameters:
- name: messengerId
in: path
schema:
type: string
required: true
description: The Id of the messenger to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/MessengerRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MessengerResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/messenger":
post:
description: Creates a messenger. You can optionally specify an Id for the
messenger, if not provided one will be generated.
operationId: createMessenger
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/MessengerRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MessengerResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/entity/type/{entityTypeId}":
delete:
description: Deletes the Entity Type for the given Id.
operationId: deleteEntityTypeWithId
parameters:
- name: entityTypeId
in: path
schema:
type: string
required: true
description: The Id of the Entity Type to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the Entity Type with the given Id.
operationId: patchEntityTypeWithId
parameters:
- name: entityTypeId
in: path
schema:
type: string
required: true
description: The Id of the Entity Type to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the Entity Type with the given Id.
operationId: updateEntityTypeWithId
parameters:
- name: entityTypeId
in: path
schema:
type: string
required: true
description: The Id of the Entity Type to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the Entity Type for the given Id.
operationId: retrieveEntityTypeWithId
parameters:
- name: entityTypeId
in: path
schema:
type: string
required: true
description: The Id of the Entity Type.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a Entity Type. You can optionally specify an Id for the
Entity Type, if not provided one will be generated.
operationId: createEntityTypeWithId
parameters:
- name: entityTypeId
in: path
schema:
type: string
required: true
description: The Id for the Entity Type. If not provided a secure random UUID
will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/identity-provider/link":
post:
description: Link an external user from a 3rd party identity provider to a FusionAuth
user.
operationId: createUserLinkWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderLinkRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderLinkResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Remove an existing link that has been made from a 3rd party identity
provider to a FusionAuth user.
operationId: deleteUserLinkWithId
parameters:
- name: identityProviderId
in: query
schema:
type: string
description: The unique Id of the identity provider.
- name: identityProviderUserId
in: query
schema:
type: string
description: The unique Id of the user in the 3rd party identity provider
to unlink.
- name: userId
in: query
schema:
type: string
description: The unique Id of the FusionAuth user to unlink.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderLinkResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieve a single Identity Provider user (link). OR Retrieve all
Identity Provider users (links) for the user. Specify the optional identityProviderId
to retrieve links for a particular IdP.
operationId: retrieveIdentityProviderLink
parameters:
- name: identityProviderId
in: query
schema:
type: string
description: The unique Id of the identity provider.
- name: identityProviderUserId
in: query
schema:
type: string
description: The unique Id of the user in the 3rd party identity provider.
- name: userId
in: query
schema:
type: string
description: The unique Id of the FusionAuth user.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderLinkResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/consent/{consentId}":
patch:
description: Updates, via PATCH, the consent with the given Id.
operationId: patchConsentWithId
parameters:
- name: consentId
in: path
schema:
type: string
required: true
description: The Id of the consent to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ConsentRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ConsentResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a user consent type. You can optionally specify an Id for
the consent type, if not provided one will be generated.
operationId: createConsentWithId
parameters:
- name: consentId
in: path
schema:
type: string
required: true
description: The Id for the consent. If not provided a secure random UUID
will be generated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ConsentRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ConsentResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the consent for the given Id.
operationId: deleteConsentWithId
parameters:
- name: consentId
in: path
schema:
type: string
required: true
description: The Id of the consent to delete.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the consent with the given Id.
operationId: updateConsentWithId
parameters:
- name: consentId
in: path
schema:
type: string
required: true
description: The Id of the consent to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ConsentRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ConsentResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the Consent for the given Id.
operationId: retrieveConsentWithId
parameters:
- name: consentId
in: path
schema:
type: string
required: true
description: The Id of the consent.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ConsentResponse"
default:
description: Error
"/api/form/{formId}":
post:
description: Creates a form. You can optionally specify an Id for the form,
if not provided one will be generated.
operationId: createFormWithId
parameters:
- name: formId
in: path
schema:
type: string
required: true
description: The Id for the form. If not provided a secure random UUID will
be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/FormRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FormResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the form for the given Id.
operationId: deleteFormWithId
parameters:
- name: formId
in: path
schema:
type: string
required: true
description: The Id of the form to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the form with the given Id.
operationId: updateFormWithId
parameters:
- name: formId
in: path
schema:
type: string
required: true
description: The Id of the form to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/FormRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FormResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the form with the given Id.
operationId: retrieveFormWithId
parameters:
- name: formId
in: path
schema:
type: string
required: true
description: The Id of the form.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FormResponse"
default:
description: Error
"/api/form":
post:
description: Creates a form. You can optionally specify an Id for the form,
if not provided one will be generated.
operationId: createForm
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/FormRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FormResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/action/{actionId}":
delete:
description: Cancels the user action.
operationId: cancelActionWithId
parameters:
- name: actionId
in: path
schema:
type: string
required: true
description: The action id of the action to cancel.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ActionRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ActionResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves a single action log (the log of a user action that was
taken on a user previously) for the given Id.
operationId: retrieveActionWithId
parameters:
- name: actionId
in: path
schema:
type: string
required: true
description: The Id of the action to retrieve.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ActionResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Modifies a temporal user action by changing the expiration of the
action and optionally adding a comment to the action.
operationId: modifyActionWithId
parameters:
- name: actionId
in: path
schema:
type: string
required: true
description: The Id of the action to modify. This is technically the user
action log id.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ActionRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ActionResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/webauthn":
get:
description: Retrieves all WebAuthn credentials for the given user.
operationId: retrieveWebAuthnCredentialsForUserWithId
parameters:
- name: userId
in: query
schema:
type: string
description: The user's ID.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebAuthnCredentialResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/jwt/refresh":
delete:
description: 'Revoke all refresh tokens that belong to a user by user Id. OR
Revoke all refresh tokens that belong to a user by user Id for a specific
application by applicationId. OR Revoke all refresh tokens that belong to
an application by applicationId. OR Revokes refresh tokens using the information
in the JSON body. The handling for this method is the same as the revokeRefreshToken
method and is based on the information you provide in the RefreshDeleteRequest
object. See that method for additional information. OR Revokes a single refresh
token by using the actual refresh token value. This refresh token value is
sensitive, so be careful with this API request. OR Revokes refresh tokens. Usage
examples: - Delete a single refresh token, pass in only the token. revokeRefreshToken(token) -
Delete all refresh tokens for a user, pass in only the userId. revokeRefreshToken(null,
userId) - Delete all refresh tokens for a user for a specific application,
pass in both the userId and the applicationId. revokeRefreshToken(null,
userId, applicationId) - Delete all refresh tokens for an application revokeRefreshToken(null,
null, applicationId) Note: This
API may be used to verify the JWT as well as decode the encoded JWT into human
readable identity claims.
operationId: validateJWTWithId
security: []
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ValidateResponse"
default:
description: Error
"/api/webauthn/register/complete":
post:
description: Complete a WebAuthn registration ceremony by validating the client
request and saving the new credential
operationId: completeWebAuthnRegistrationWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/WebAuthnRegisterCompleteRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebAuthnRegisterCompleteResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/lambda/search":
post:
description: Searches lambdas with the specified criteria and pagination.
operationId: searchLambdasWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LambdaSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user-action":
get:
description: Retrieves all the user actions that are currently inactive. OR
Retrieves the user action for the given Id. If you pass in null for the id,
this will return all the user actions.
operationId: retrieveUserAction
parameters:
- name: inactive
in: query
schema:
type: string
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionResponse"
default:
description: Error
post:
description: Creates a user action. This action cannot be taken on a user until
this call successfully returns. Anytime after that the user action can be
applied to any user.
operationId: createUserAction
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/comment/{userId}":
get:
description: Retrieves all the comments for the user with the given Id.
operationId: retrieveUserCommentsWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserCommentResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/webauthn/{id}":
get:
description: Retrieves the WebAuthn credential for the given Id.
operationId: retrieveWebAuthnCredentialWithId
parameters:
- name: id
in: path
schema:
type: string
required: true
description: The Id of the WebAuthn credential.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebAuthnCredentialResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the WebAuthn credential for the given Id.
operationId: deleteWebAuthnCredentialWithId
parameters:
- name: id
in: path
schema:
type: string
required: true
description: The Id of the WebAuthn credential to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/webauthn/register/start":
post:
description: Start a WebAuthn registration ceremony by generating a new challenge
for the user
operationId: startWebAuthnRegistrationWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/WebAuthnRegisterStartRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebAuthnRegisterStartResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/comment/search":
post:
description: Searches user comments with the specified criteria and pagination.
operationId: searchUserCommentsWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserCommentSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserCommentSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/jwt/vend":
post:
description: It's a JWT vending machine! Issue a new access token (JWT) with
the provided claims in the request. This JWT is not scoped to a tenant or
user, it is a free form token that will contain what claims you provide.
The iat, exp and jti claims will be added by FusionAuth, all other claims
must be provided by the caller. If a TTL is not provided in the request,
the TTL will be retrieved from the default Tenant or the Tenant specified
on the request either by way of the X-FusionAuth-TenantId request header,
or a tenant scoped API key.
operationId: vendJWTWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/JWTVendRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/JWTVendResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/key/search":
post:
description: Searches keys with the specified criteria and pagination.
operationId: searchKeysWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/KeySearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/KeySearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/form/field/{fieldId}":
put:
description: Updates the form field with the given Id.
operationId: updateFormFieldWithId
parameters:
- name: fieldId
in: path
schema:
type: string
required: true
description: The Id of the form field to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/FormFieldRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FormFieldResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a form field. You can optionally specify an Id for the
form, if not provided one will be generated.
operationId: createFormFieldWithId
parameters:
- name: fieldId
in: path
schema:
type: string
required: true
description: The Id for the form field. If not provided a secure random UUID
will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/FormFieldRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FormFieldResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the form field for the given Id.
operationId: deleteFormFieldWithId
parameters:
- name: fieldId
in: path
schema:
type: string
required: true
description: The Id of the form field to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the form field with the given Id.
operationId: retrieveFormFieldWithId
parameters:
- name: fieldId
in: path
schema:
type: string
required: true
description: The Id of the form field.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FormFieldResponse"
default:
description: Error
"/api/key/import/{keyId}":
post:
description: Import an existing RSA or EC key pair or an HMAC secret.
operationId: importKeyWithId
parameters:
- name: keyId
in: path
schema:
type: string
required: true
description: The Id for the key. If not provided a secure random UUID will
be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/KeyRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/KeyResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/key/import":
post:
description: Import an existing RSA or EC key pair or an HMAC secret.
operationId: importKey
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/KeyRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/KeyResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/identity-provider":
get:
description: Retrieves one or more identity provider for the given type. For
types such as Google, Facebook, Twitter and LinkedIn, only a single identity
provider can exist. For types such as OpenID Connect and SAMLv2 more than
one identity provider can be configured so this request may return multiple
identity providers.
operationId: retrieveIdentityProviderByTypeWithId
parameters:
- name: type
in: query
schema:
type: string
description: The type of the identity provider.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates an identity provider. You can optionally specify an Id
for the identity provider, if not provided one will be generated.
operationId: createIdentityProvider
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/consent/search":
post:
description: Searches consents with the specified criteria and pagination.
operationId: searchConsentsWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ConsentSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ConsentSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/identity-provider/start":
post:
description: Begins a login request for a 3rd party login that requires user
interaction such as HYPR.
operationId: startIdentityProviderLoginWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderStartLoginRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderStartLoginResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/entity/type/{entityTypeId}/permission/{permissionId}":
put:
description: Updates the permission with the given id for the entity type.
operationId: updateEntityTypePermissionWithId
parameters:
- name: entityTypeId
in: path
schema:
type: string
required: true
description: The Id of the entityType that the permission belongs to.
- name: permissionId
in: path
schema:
type: string
required: true
description: The Id of the permission to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Hard deletes a permission. This is a dangerous operation and should
not be used in most circumstances. This permanently removes the given permission
from all grants that had it.
operationId: deleteEntityTypePermissionWithId
parameters:
- name: entityTypeId
in: path
schema:
type: string
required: true
description: The Id of the entityType the the permission belongs to.
- name: permissionId
in: path
schema:
type: string
required: true
description: The Id of the permission to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a new permission for an entity type. You must specify the
id of the entity type you are creating the permission for. You can optionally
specify an Id for the permission inside the EntityTypePermission object itself,
if not provided one will be generated.
operationId: createEntityTypePermissionWithId
parameters:
- name: entityTypeId
in: path
schema:
type: string
required: true
description: The Id of the entity type to create the permission on.
- name: permissionId
in: path
schema:
type: string
required: true
description: The Id of the permission. If not provided a secure random UUID
will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/two-factor/recovery-code/{userId}":
post:
description: Generate two-factor recovery codes for a user. Generating two-factor
recovery codes will invalidate any existing recovery codes.
operationId: generateTwoFactorRecoveryCodesWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user to generate new Two Factor recovery codes.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/TwoFactorRecoveryCodeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieve two-factor recovery codes for a user.
operationId: retrieveTwoFactorRecoveryCodesWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user to retrieve Two Factor recovery codes.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/TwoFactorRecoveryCodeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/two-factor/send":
post:
description: Send a Two Factor authentication code to assist in setting up Two
Factor authentication or disabling.
operationId: sendTwoFactorCodeForEnableDisableWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/TwoFactorSendRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/tenant/password-validation-rules/{tenantId}":
get:
description: Retrieves the password validation rules for a specific tenant. This
API does not require an API key.
operationId: retrievePasswordValidationRulesWithTenantIdWithId
security: []
parameters:
- name: tenantId
in: path
schema:
type: string
required: true
description: The Id of the tenant.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/PasswordValidationRulesResponse"
default:
description: Error
"/api/user/registration":
post:
description: Registers a user for an application. If you provide the User and
the UserRegistration object on this request, it will create the user as well
as register them for the application. This is called a Full Registration.
However, if you only provide the UserRegistration object, then the user must
already exist and they will be registered for the application. The user id
can also be provided and it will either be used to look up an existing user
or it will be used for the newly created User.
operationId: register
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RegistrationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/RegistrationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/form/field":
post:
description: Creates a form field. You can optionally specify an Id for the
form, if not provided one will be generated.
operationId: createFormField
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/FormFieldRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FormFieldResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/entity/type/search":
post:
description: Searches the entity types with the specified criteria and pagination.
operationId: searchEntityTypesWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/system/audit-log/{auditLogId}":
get:
description: Retrieves a single audit log for the given Id.
operationId: retrieveAuditLogWithId
parameters:
- name: auditLogId
in: path
schema:
type: string
required: true
description: The Id of the audit log to retrieve.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/AuditLogResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/entity/type/{entityTypeId}/permission":
post:
description: Creates a new permission for an entity type. You must specify the
id of the entity type you are creating the permission for. You can optionally
specify an Id for the permission inside the EntityTypePermission object itself,
if not provided one will be generated.
operationId: createEntityTypePermission
parameters:
- name: entityTypeId
in: path
schema:
type: string
required: true
description: The Id of the entity type to create the permission on.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityTypeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/entity/{entityId}/grant":
delete:
description: Deletes an Entity Grant for the given User or Entity.
operationId: deleteEntityGrantWithId
parameters:
- name: recipientEntityId
in: query
schema:
type: string
description: The Id of the Entity that the Entity Grant is for.
- name: userId
in: query
schema:
type: string
description: The Id of the User that the Entity Grant is for.
- name: entityId
in: path
schema:
type: string
required: true
description: The Id of the Entity that the Entity Grant is being deleted for.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates or updates an Entity Grant. This is when a User/Entity
is granted permissions to an Entity.
operationId: upsertEntityGrantWithId
parameters:
- name: entityId
in: path
schema:
type: string
required: true
description: The Id of the Entity that the User/Entity is being granted access
to.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityGrantRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves an Entity Grant for the given Entity and User/Entity.
operationId: retrieveEntityGrantWithId
parameters:
- name: recipientEntityId
in: query
schema:
type: string
description: The Id of the Entity that the Entity Grant is for.
- name: userId
in: query
schema:
type: string
description: The Id of the User that the Entity Grant is for.
- name: entityId
in: path
schema:
type: string
required: true
description: The Id of the Entity.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityGrantResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/consent":
post:
description: Creates a user consent type. You can optionally specify an Id for
the consent type, if not provided one will be generated.
operationId: createConsent
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ConsentRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ConsentResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/application/{applicationId}/oauth-configuration":
get:
description: Retrieves the Oauth2 configuration for the application for the
given Application Id.
operationId: retrieveOauthConfigurationWithId
parameters:
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id of the Application to retrieve OAuth configuration.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/OAuthConfigurationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/identity-provider/search":
post:
description: Searches identity providers with the specified criteria and pagination.
operationId: searchIdentityProvidersWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user-action-reason":
post:
description: Creates a user reason. This user action reason cannot be used when
actioning a user until this call completes successfully. Anytime after that
the user action reason can be used.
operationId: createUserActionReason
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionReasonRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionReasonResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the user action reason for the given Id. If you pass
in null for the id, this will return all the user action reasons.
operationId: retrieveUserActionReason
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionReasonResponse"
default:
description: Error
"/api/system/event-log/search":
post:
description: Searches the event logs with the specified criteria and pagination.
operationId: searchEventLogsWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EventLogSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EventLogSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/theme/search":
post:
description: Searches themes with the specified criteria and pagination.
operationId: searchThemesWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ThemeSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ThemeSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/oauth2/userinfo":
get:
description: Call the UserInfo endpoint to retrieve User Claims from the access
token issued by FusionAuth.
operationId: retrieveUserInfoFromAccessTokenWithId
security: []
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserinfoResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/OAuthError"
"/api/jwt/issue":
get:
description: Issue a new access token (JWT) for the requested Application after
ensuring the provided JWT is valid. A valid access token is properly signed
and not expired. This API may be used in an SSO configuration to issue
new tokens for another application after the user has obtained a valid token
from authentication.
operationId: issueJWTWithId
security: []
parameters:
- name: applicationId
in: query
schema:
type: string
description: The Application Id for which you are requesting a new access
token be issued.
- name: refreshToken
in: query
schema:
type: string
description: An existing refresh token used to request a refresh token in
addition to a JWT in the response. The target application represented
by the applicationId request parameter must have refresh tokens enabled
in order to receive a refresh token in the response.
type: string
enum:
- Bearer
- MAC
GroupSearchResponse:
description: Search response for Groups
type: object
properties:
groups:
type: array
items:
"$ref": "#/components/schemas/Group"
total:
type: integer
format: int64
XMLSignatureLocation:
type: string
enum:
- Assertion
- Response
UserCommentSearchCriteria:
description: Search criteria for user comments.
type: object
properties:
comment:
type: string
commenterId:
type: string
format: uuid
tenantId:
type: string
format: uuid
userId:
type: string
format: uuid
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
LinkedInIdentityProvider:
description: ''
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
scope:
type: string
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/LinkedInApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
Webhook:
description: A server where events are sent. This includes user action events
and any other events sent by FusionAuth.
type: object
properties:
connectTimeout:
type: integer
data:
type: object
additionalProperties:
type: object
description:
type: string
eventsEnabled:
type: object
additionalProperties:
type: boolean
global:
type: boolean
headers:
"$ref": "#/components/schemas/HTTPHeaders"
httpAuthenticationPassword:
type: string
httpAuthenticationUsername:
type: string
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
readTimeout:
type: integer
sslCertificate:
type: string
tenantIds:
type: array
items:
type: string
format: uuid
url:
type: string
format: URI
TwoFactorLoginRequest:
description: ''
type: object
properties:
code:
type: string
trustComputer:
type: boolean
twoFactorId:
type: string
userId:
type: string
format: uuid
applicationId:
type: string
format: uuid
ipAddress:
type: string
metaData:
"$ref": "#/components/schemas/MetaData"
newDevice:
type: boolean
noJWT:
type: boolean
EntityGrantRequest:
description: Entity grant API request object.
type: object
properties:
grant:
"$ref": "#/components/schemas/EntityGrant"
IdentityProviderLinkResponse:
description: ''
type: object
properties:
identityProviderLink:
"$ref": "#/components/schemas/IdentityProviderLink"
identityProviderLinks:
type: array
items:
"$ref": "#/components/schemas/IdentityProviderLink"
HistoryItem:
type: object
properties:
actionerUserId:
type: string
format: uuid
comment:
type: string
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
expiry:
"$ref": "#/components/schemas/ZonedDateTime"
BaseExportRequest:
description: ''
type: object
properties:
dateTimeSecondsFormat:
type: string
zoneId:
"$ref": "#/components/schemas/ZoneId"
GoogleIdentityProviderProperties:
description: Google social login provider parameters.
type: object
properties:
api:
type: string
button:
type: string
OAuthError:
description: ''
type: object
properties:
change_password_id:
type: string
error_description:
type: string
error:
"$ref": "#/components/schemas/OAuthErrorType"
error_uri:
type: string
two_factor_methods:
type: array
items:
"$ref": "#/components/schemas/TwoFactorMethod"
error_reason:
"$ref": "#/components/schemas/OAuthErrorReason"
two_factor_id:
type: string
TwoFactorRecoveryCodeResponse:
description: ''
type: object
properties:
recoveryCodes:
type: array
items:
type: string
AuthenticatorAttachmentPreference:
description: Describes the authenticator attachment modality preference for
a WebAuthn workflow. See {@link AuthenticatorAttachment}
type: string
enum:
- any
- platform
- crossPlatform
GroupUpdateCompleteEvent:
description: Models the Group Update Complete Event.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
original:
"$ref": "#/components/schemas/Group"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
ConnectorLambdaConfiguration:
type: object
properties:
reconcileId:
type: string
format: uuid
LambdaSearchCriteria:
description: Search criteria for Lambdas
type: object
properties:
body:
type: string
name:
type: string
type:
"$ref": "#/components/schemas/LambdaType"
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
SystemConfiguration:
description: ''
type: object
properties:
auditLogConfiguration:
"$ref": "#/components/schemas/AuditLogConfiguration"
corsConfiguration:
"$ref": "#/components/schemas/CORSConfiguration"
data:
type: object
additionalProperties:
type: object
eventLogConfiguration:
"$ref": "#/components/schemas/EventLogConfiguration"
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
loginRecordConfiguration:
"$ref": "#/components/schemas/LoginRecordConfiguration"
reportTimezone:
"$ref": "#/components/schemas/ZoneId"
uiConfiguration:
"$ref": "#/components/schemas/UIConfiguration"
IPAccessControlEntryAction:
description: ''
type: string
enum:
- Allow
- Block
WebhookRequest:
description: Webhook API request object.
type: object
properties:
webhook:
"$ref": "#/components/schemas/Webhook"
FormFieldResponse:
description: Form field response.
type: object
properties:
field:
"$ref": "#/components/schemas/FormField"
fields:
type: array
items:
"$ref": "#/components/schemas/FormField"
MessageType:
description: ''
type: string
enum:
- SMS
BaseConnectorConfiguration:
description: Do not require a setter for 'type', it is defined by the concrete
class and is not mutable
type: object
properties:
data:
type: object
additionalProperties:
type: object
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
type:
"$ref": "#/components/schemas/ConnectorType"
FailedAuthenticationConfiguration:
description: Configuration for the behavior of failed login attempts. This helps
us protect against brute force password attacks.
type: object
properties:
actionCancelPolicy:
"$ref": "#/components/schemas/FailedAuthenticationActionCancelPolicy"
actionDuration:
type: integer
format: int64
actionDurationUnit:
"$ref": "#/components/schemas/ExpiryUnit"
emailUser:
type: boolean
resetCountInSeconds:
type: integer
tooManyAttempts:
type: integer
userActionId:
type: string
format: uuid
TenantSearchCriteria:
description: Search criteria for Tenants
type: object
properties:
name:
type: string
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
TenantSCIMServerConfiguration:
description: ''
type: object
properties:
clientEntityTypeId:
type: string
format: uuid
schemas:
type: object
additionalProperties:
type: object
serverEntityTypeId:
type: string
format: uuid
enabled:
type: boolean
EmailAddress:
description: An email address.
type: object
properties:
address:
type: string
display:
type: string
ContentStatus:
description: Status for content like usernames, profile attributes, etc.
type: string
enum:
- ACTIVE
- PENDING
- REJECTED
GenericMessengerConfiguration:
description: ''
type: object
properties:
connectTimeout:
type: integer
headers:
"$ref": "#/components/schemas/HTTPHeaders"
httpAuthenticationPassword:
type: string
httpAuthenticationUsername:
type: string
readTimeout:
type: integer
sslCertificate:
type: string
url:
type: string
format: URI
data:
type: object
additionalProperties:
type: object
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
transport:
type: string
type:
"$ref": "#/components/schemas/MessengerType"
FormControl:
description: ''
type: string
enum:
- checkbox
- number
- password
- radio
- select
- textarea
- text
BreachMatchMode:
type: string
enum:
- Low
- Medium
- High
GroupMemberSearchCriteria:
description: Search criteria for Group Members
type: object
properties:
groupId:
type: string
format: uuid
tenantId:
type: string
format: uuid
userId:
type: string
format: uuid
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
CoseKeyType:
description: COSE key type
type: string
enum:
- Reserved
- OKP
- EC2
- RSA
- Symmetric
UserRequest:
description: User API request object.
type: object
properties:
applicationId:
type: string
format: uuid
currentPassword:
type: string
disableDomainBlock:
type: boolean
sendSetPasswordEmail:
type: boolean
skipVerification:
type: boolean
user:
"$ref": "#/components/schemas/User"
eventInfo:
"$ref": "#/components/schemas/EventInfo"
UserDeleteResponse:
description: User API bulk response object.
type: object
properties:
dryRun:
type: boolean
hardDelete:
type: boolean
total:
type: integer
userIds:
type: array
items:
type: string
ChangePasswordRequest:
description: Change password request object.
type: object
properties:
applicationId:
type: string
format: uuid
changePasswordId:
type: string
currentPassword:
type: string
loginId:
type: string
password:
type: string
refreshToken:
type: string
trustChallenge:
type: string
trustToken:
type: string
eventInfo:
"$ref": "#/components/schemas/EventInfo"
SAMLv2Configuration:
type: object
properties:
assertionEncryptionConfiguration:
"$ref": "#/components/schemas/SAMLv2AssertionEncryptionConfiguration"
audience:
type: string
authorizedRedirectURLs:
type: array
items:
type: string
format: URI
debug:
type: boolean
defaultVerificationKeyId:
type: string
format: uuid
initiatedLogin:
"$ref": "#/components/schemas/SAMLv2IdPInitiatedLoginConfiguration"
issuer:
type: string
keyId:
type: string
format: uuid
loginHintConfiguration:
"$ref": "#/components/schemas/LoginHintConfiguration"
logout:
"$ref": "#/components/schemas/SAMLv2Logout"
logoutURL:
type: string
format: URI
requireSignedRequests:
type: boolean
xmlSignatureC14nMethod:
"$ref": "#/components/schemas/CanonicalizationMethod"
xmlSignatureLocation:
"$ref": "#/components/schemas/XMLSignatureLocation"
callbackURL:
type: string
format: URI
enabled:
type: boolean
CleanSpeakConfiguration:
description: CleanSpeak configuration at the system and application level.
type: object
properties:
apiKey:
type: string
applicationIds:
type: array
items:
type: string
format: uuid
url:
type: string
format: URI
usernameModeration:
"$ref": "#/components/schemas/UsernameModeration"
enabled:
type: boolean
UserActionResponse:
description: User Action API response object.
type: object
properties:
userAction:
"$ref": "#/components/schemas/UserAction"
userActions:
type: array
items:
"$ref": "#/components/schemas/UserAction"
SAMLv2DestinationAssertionPolicy:
description: ''
type: string
enum:
- Enabled
- Disabled
- AllowAlternates
WebAuthnStartResponse:
description: API response for starting a WebAuthn authentication ceremony
type: object
properties:
options:
"$ref": "#/components/schemas/PublicKeyCredentialRequestOptions"
ThemeResponse:
description: Theme API response object.
type: object
properties:
theme:
"$ref": "#/components/schemas/Theme"
themes:
type: array
items:
"$ref": "#/components/schemas/Theme"
PublicKeyCredentialType:
description: Defines valid credential types. This is an extension point in the
WebAuthn spec. The only defined value at this time is "public-key"
type: string
enum:
- publicKey
OAuthResponse:
description: ''
type: object
properties: {}
FormFieldAdminPolicy:
description: ''
type: string
enum:
- Edit
- View
EmailPlus:
type: object
properties:
emailTemplateId:
type: string
format: uuid
maximumTimeToSendEmailInHours:
type: integer
minimumTimeToSendEmailInHours:
type: integer
enabled:
type: boolean
FamilyResponse:
description: API response for managing families and members.
type: object
properties:
families:
type: array
items:
"$ref": "#/components/schemas/Family"
family:
"$ref": "#/components/schemas/Family"
EntityTypePermission:
description: Models a specific entity type permission. This permission can be
granted to users or other entities.
type: object
properties:
data:
type: object
additionalProperties:
type: object
description:
type: string
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
isDefault:
type: boolean
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
RateLimitedRequestConfiguration:
description: ''
type: object
properties:
limit:
type: integer
timePeriodInSeconds:
type: integer
enabled:
type: boolean
ReactorStatus:
description: ''
type: object
properties:
advancedIdentityProviders:
"$ref": "#/components/schemas/ReactorFeatureStatus"
advancedLambdas:
"$ref": "#/components/schemas/ReactorFeatureStatus"
advancedMultiFactorAuthentication:
"$ref": "#/components/schemas/ReactorFeatureStatus"
advancedRegistration:
"$ref": "#/components/schemas/ReactorFeatureStatus"
applicationMultiFactorAuthentication:
"$ref": "#/components/schemas/ReactorFeatureStatus"
applicationThemes:
"$ref": "#/components/schemas/ReactorFeatureStatus"
breachedPasswordDetection:
"$ref": "#/components/schemas/ReactorFeatureStatus"
connectors:
"$ref": "#/components/schemas/ReactorFeatureStatus"
entityManagement:
"$ref": "#/components/schemas/ReactorFeatureStatus"
expiration:
"$ref": "#/components/schemas/LocalDate"
licenseAttributes:
type: object
additionalProperties:
type: string
licensed:
type: boolean
scimServer:
"$ref": "#/components/schemas/ReactorFeatureStatus"
threatDetection:
"$ref": "#/components/schemas/ReactorFeatureStatus"
webAuthn:
"$ref": "#/components/schemas/ReactorFeatureStatus"
webAuthnPlatformAuthenticators:
"$ref": "#/components/schemas/ReactorFeatureStatus"
webAuthnRoamingAuthenticators:
"$ref": "#/components/schemas/ReactorFeatureStatus"
FamilyMember:
description: Models a single family member.
type: object
properties:
data:
type: object
additionalProperties:
type: object
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
owner:
type: boolean
role:
"$ref": "#/components/schemas/FamilyRole"
userId:
type: string
format: uuid
CertificateInformation:
type: object
properties:
issuer:
type: string
md5Fingerprint:
type: string
serialNumber:
type: string
sha1Fingerprint:
type: string
sha1Thumbprint:
type: string
sha256Fingerprint:
type: string
sha256Thumbprint:
type: string
subject:
type: string
validFrom:
"$ref": "#/components/schemas/ZonedDateTime"
validTo:
"$ref": "#/components/schemas/ZonedDateTime"
PasswordlessStartResponse:
description: ''
type: object
properties:
code:
type: string
DailyActiveUserReportResponse:
description: Response for the daily active user report.
type: object
properties:
dailyActiveUsers:
type: array
items:
"$ref": "#/components/schemas/Count"
total:
type: integer
format: int64
VersionResponse:
description: ''
type: object
properties:
version:
type: string
PreviewMessageTemplateRequest:
description: ''
type: object
properties:
locale:
"$ref": "#/components/schemas/Locale"
messageTemplate:
"$ref": "#/components/schemas/MessageTemplate"
IssueResponse:
description: ''
type: object
properties:
refreshToken:
type: string
token:
type: string
LoginReportResponse:
description: Response for the login report.
type: object
properties:
hourlyCounts:
type: array
items:
"$ref": "#/components/schemas/Count"
total:
type: integer
format: int64
HTTPMethod:
description: ''
type: string
enum:
- GET
- POST
- PUT
- DELETE
- HEAD
- OPTIONS
- PATCH
Message:
description: ''
type: object
properties: {}
MultiFactorEmailMethod:
type: object
properties:
templateId:
type: string
format: uuid
enabled:
type: boolean
ConnectorRequest:
description: ''
type: object
properties:
connector:
"$ref": "#/components/schemas/BaseConnectorConfiguration"
UserCreateCompleteEvent:
description: Models the User Created Event.
From RFC
7519 Section 1. Introduction: The suggested pronunciation of JWT is the
same as the English word "jot". The JWT is not Thread-Safe and should
not be re-used.'
type: object
properties:
aud:
type: object
exp:
"$ref": "#/components/schemas/ZonedDateTime"
iat:
"$ref": "#/components/schemas/ZonedDateTime"
iss:
type: string
nbf:
"$ref": "#/components/schemas/ZonedDateTime"
otherClaims:
type: object
additionalProperties:
type: object
sub:
type: string
jti:
type: string
Tenantable:
description: ''
type: object
properties: {}
AuthenticatorSelectionCriteria:
description: Used by the Relying Party to specify their requirements for authenticator
attributes. Fields use the deprecated "resident key" terminology to refer to
client-side discoverable credentials to maintain backwards compatibility with
WebAuthn Level 1.
type: object
properties:
authenticatorAttachment:
"$ref": "#/components/schemas/AuthenticatorAttachment"
requireResidentKey:
type: boolean
residentKey:
"$ref": "#/components/schemas/ResidentKeyRequirement"
userVerification:
"$ref": "#/components/schemas/UserVerificationRequirement"
ApplicationWebAuthnWorkflowConfiguration:
description: ''
type: object
properties:
enabled:
type: boolean
AttestationConveyancePreference:
description: Used to communicate whether and how authenticator attestation should
be delivered to the Relying Party
type: string
enum:
- none
- indirect
- direct
- enterprise
SAMLv2IdentityProvider:
description: SAML v2 identity provider configuration.
type: object
properties:
domains:
type: array
uniqueItems: true
items: {}
assertionConfiguration:
"$ref": "#/components/schemas/SAMLv2AssertionConfiguration"
buttonImageURL:
type: string
format: URI
buttonText:
type: string
idpEndpoint:
type: string
format: URI
idpInitiatedConfiguration:
"$ref": "#/components/schemas/SAMLv2IdpInitiatedConfiguration"
issuer:
type: string
loginHintConfiguration:
"$ref": "#/components/schemas/LoginHintConfiguration"
nameIdFormat:
type: string
postRequest:
type: boolean
requestSigningKeyId:
type: string
format: uuid
signRequest:
type: boolean
xmlSignatureC14nMethod:
"$ref": "#/components/schemas/CanonicalizationMethod"
emailClaim:
type: string
keyId:
type: string
format: uuid
uniqueIdClaim:
type: string
useNameIdForEmail:
type: boolean
usernameClaim:
type: string
FacebookIdentityProvider:
description: Facebook social login provider.
type: object
properties:
appId:
type: string
buttonText:
type: string
client_secret:
type: string
fields:
type: string
loginMethod:
"$ref": "#/components/schemas/IdentityProviderLoginMethod"
permissions:
type: string
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/FacebookApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
LocalizedIntegers:
description: Models a set of localized Integers that can be stored as JSON.
type: object
properties: {}
DomainBasedIdentityProvider:
description: Interface for all identity providers that can be domain based.
type: object
properties: {}
ObjectState:
description: ''
type: string
enum:
- Active
- Inactive
- PendingDelete
EmailTemplateRequest:
description: Email template request.
type: object
properties:
emailTemplate:
"$ref": "#/components/schemas/EmailTemplate"
WebAuthnRegisterCompleteResponse:
description: API response for completing WebAuthn credential registration or
assertion
type: object
properties:
credential:
"$ref": "#/components/schemas/WebAuthnCredential"
IdentityProviderDetails:
type: object
properties:
applicationIds:
type: array
items:
type: string
format: uuid
id:
type: string
format: uuid
idpEndpoint:
type: string
format: URI
name:
type: string
oauth2:
"$ref": "#/components/schemas/IdentityProviderOauth2Configuration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
ApplicationEvent:
description: Events that are bound to applications.
type: object
properties: {}
AuthenticationThreats:
description: ''
type: string
enum:
- ImpossibleTravel
TenantRequest:
description: ''
type: object
properties:
sourceTenantId:
type: string
format: uuid
tenant:
"$ref": "#/components/schemas/Tenant"
webhookIds:
type: array
items:
type: string
format: uuid
eventInfo:
"$ref": "#/components/schemas/EventInfo"
IPAccessControlListSearchCriteria:
description: ''
type: object
properties:
name:
type: string
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
AppleApplicationConfiguration:
description: ''
type: object
properties:
bundleId:
type: string
buttonText:
type: string
keyId:
type: string
format: uuid
scope:
type: string
servicesId:
type: string
teamId:
type: string
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
TenantWebAuthnWorkflowConfiguration:
description: ''
type: object
properties:
authenticatorAttachmentPreference:
"$ref": "#/components/schemas/AuthenticatorAttachmentPreference"
userVerificationRequirement:
"$ref": "#/components/schemas/UserVerificationRequirement"
enabled:
type: boolean
UserTwoFactorMethodRemoveEvent:
description: Model a user event when a two-factor method has been added.
type: object
properties:
method:
"$ref": "#/components/schemas/TwoFactorMethod"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
UsernameModeration:
type: object
properties:
applicationId:
type: string
format: uuid
enabled:
type: boolean
APIKeyRequest:
description: Authentication key request object.
type: object
properties:
apiKey:
"$ref": "#/components/schemas/APIKey"
sourceKeyId:
type: string
format: uuid
EventConfigurationData:
type: object
properties:
transactionType:
"$ref": "#/components/schemas/TransactionType"
enabled:
type: boolean
WebAuthnAuthenticatorRegistrationResponse:
description: The authenticator's response for the registration ceremony
in its encoded format
type: object
properties:
attestationObject:
type: string
clientDataJSON:
type: string
PasswordlessLoginRequest:
description: ''
type: object
properties:
code:
type: string
twoFactorTrustId:
type: string
applicationId:
type: string
format: uuid
ipAddress:
type: string
metaData:
"$ref": "#/components/schemas/MetaData"
newDevice:
type: boolean
noJWT:
type: boolean
ConsentSearchCriteria:
description: Search criteria for Consents
type: object
properties:
name:
type: string
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
JWTConfiguration:
description: JWT Configuration. A JWT Configuration for an Application may not
be active if it is using the global configuration, the configuration may
be enabled = false.
type: object
properties:
accessTokenKeyId:
type: string
format: uuid
idTokenKeyId:
type: string
format: uuid
refreshTokenExpirationPolicy:
"$ref": "#/components/schemas/RefreshTokenExpirationPolicy"
refreshTokenRevocationPolicy:
"$ref": "#/components/schemas/RefreshTokenRevocationPolicy"
refreshTokenSlidingWindowConfiguration:
"$ref": "#/components/schemas/RefreshTokenSlidingWindowConfiguration"
refreshTokenTimeToLiveInMinutes:
type: integer
refreshTokenUsagePolicy:
"$ref": "#/components/schemas/RefreshTokenUsagePolicy"
timeToLiveInSeconds:
type: integer
enabled:
type: boolean
EmailTemplateErrors:
type: object
properties:
parseErrors:
type: object
additionalProperties:
type: string
renderErrors:
type: object
additionalProperties:
type: string
UserLoginSuspiciousEvent:
description: Models the User Login event that is suspicious.
type: object
properties:
threatsDetected:
type: array
uniqueItems: true
items: {}
applicationId:
type: string
format: uuid
authenticationType:
type: string
connectorId:
type: string
format: uuid
identityProviderId:
type: string
format: uuid
identityProviderName:
type: string
ipAddress:
type: string
user:
"$ref": "#/components/schemas/User"
ResidentKeyRequirement:
description: Describes the Relying Party's requirements for client-side discoverable
credentials (formerly known as "resident keys")
type: string
enum:
- discouraged
- preferred
- required
TestEvent:
description: ''
type: object
properties:
message:
type: string
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
WebhookResponse:
description: Webhook API response object.
type: object
properties:
webhook:
"$ref": "#/components/schemas/Webhook"
webhooks:
type: array
items:
"$ref": "#/components/schemas/Webhook"
EventInfo:
description: Information about a user event (login, register, etc) that helps
identify the source of the event (location, device type, OS, etc).
type: object
properties:
data:
type: object
additionalProperties:
type: object
deviceDescription:
type: string
deviceName:
type: string
deviceType:
type: string
ipAddress:
type: string
location:
"$ref": "#/components/schemas/Location"
os:
type: string
userAgent:
type: string
LambdaResponse:
description: Lambda API response object.
type: object
properties:
lambda:
"$ref": "#/components/schemas/Lambda"
lambdas:
type: array
items:
"$ref": "#/components/schemas/Lambda"
ClientAuthenticationPolicy:
description: ''
type: string
enum:
- Required
- NotRequired
- NotRequiredWhenUsingPKCE
RefreshTokenUsagePolicy:
description: ''
type: string
enum:
- Reusable
- OneTimeUse
EventRequest:
description: Container for the event information. This is the JSON that is sent
from FusionAuth to webhooks.
type: object
properties:
event:
"$ref": "#/components/schemas/BaseEvent"
Integrations:
description: Available Integrations
type: object
properties:
cleanspeak:
"$ref": "#/components/schemas/CleanSpeakConfiguration"
kafka:
"$ref": "#/components/schemas/KafkaConfiguration"
UserPasswordUpdateEvent:
description: Models the User Password Update Event.
type: object
properties:
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
Errors:
description: Standard error domain object that can also be used as the response
from an API call.
type: object
properties:
fieldErrors:
type: array
items:
"$ref": "#/components/schemas/Error"
generalErrors:
type: array
items:
"$ref": "#/components/schemas/Error"
PreviewMessageTemplateResponse:
description: ''
type: object
properties:
errors:
"$ref": "#/components/schemas/Errors"
message:
"$ref": "#/components/schemas/SMSMessage"
TenantFormConfiguration:
description: ''
type: object
properties:
adminUserFormId:
type: string
format: uuid
DeviceType:
type: string
enum:
- BROWSER
- DESKTOP
- LAPTOP
- MOBILE
- OTHER
- SERVER
- TABLET
- TV
- UNKNOWN
EventLog:
description: Event log used internally by FusionAuth to help developers debug
hooks, Webhooks, email templates, etc.
type: object
properties:
id:
type: integer
format: int64
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
message:
type: string
type:
"$ref": "#/components/schemas/EventLogType"
Attachment:
description: This class is a simple attachment with a byte array, name and MIME
type.
type: object
properties:
attachment:
type: string
format: binary
mime:
type: string
name:
type: string
EntityGrant:
description: A grant for an entity to a user or another entity.
type: object
properties:
data:
type: object
additionalProperties:
type: object
entity:
"$ref": "#/components/schemas/Entity"
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
permissions:
type: array
uniqueItems: true
items: {}
recipientEntityId:
type: string
format: uuid
userId:
type: string
format: uuid
UserCommentSearchResponse:
description: User comment search response
type: object
properties:
total:
type: integer
format: int64
userComments:
type: array
items:
"$ref": "#/components/schemas/UserComment"
CaptchaMethod:
description: ''
type: string
enum:
- GoogleRecaptchaV2
- GoogleRecaptchaV3
- HCaptcha
- HCaptchaEnterprise
Application:
description: ''
type: object
properties:
accessControlConfiguration:
"$ref": "#/components/schemas/ApplicationAccessControlConfiguration"
active:
type: boolean
authenticationTokenConfiguration:
"$ref": "#/components/schemas/AuthenticationTokenConfiguration"
cleanSpeakConfiguration:
"$ref": "#/components/schemas/CleanSpeakConfiguration"
data:
type: object
additionalProperties:
type: object
emailConfiguration:
"$ref": "#/components/schemas/ApplicationEmailConfiguration"
externalIdentifierConfiguration:
"$ref": "#/components/schemas/ApplicationExternalIdentifierConfiguration"
formConfiguration:
"$ref": "#/components/schemas/ApplicationFormConfiguration"
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
jwtConfiguration:
"$ref": "#/components/schemas/JWTConfiguration"
lambdaConfiguration:
"$ref": "#/components/schemas/LambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
loginConfiguration:
"$ref": "#/components/schemas/LoginConfiguration"
multiFactorConfiguration:
"$ref": "#/components/schemas/ApplicationMultiFactorConfiguration"
name:
type: string
oauthConfiguration:
"$ref": "#/components/schemas/OAuth2Configuration"
passwordlessConfiguration:
"$ref": "#/components/schemas/PasswordlessConfiguration"
registrationConfiguration:
"$ref": "#/components/schemas/RegistrationConfiguration"
registrationDeletePolicy:
"$ref": "#/components/schemas/ApplicationRegistrationDeletePolicy"
roles:
type: array
items:
"$ref": "#/components/schemas/ApplicationRole"
samlv2Configuration:
"$ref": "#/components/schemas/SAMLv2Configuration"
state:
"$ref": "#/components/schemas/ObjectState"
tenantId:
type: string
format: uuid
themeId:
type: string
format: uuid
unverified:
"$ref": "#/components/schemas/RegistrationUnverifiedOptions"
verificationEmailTemplateId:
type: string
format: uuid
verificationStrategy:
"$ref": "#/components/schemas/VerificationStrategy"
verifyRegistration:
type: boolean
webAuthnConfiguration:
"$ref": "#/components/schemas/ApplicationWebAuthnConfiguration"
SortField:
description: ''
type: object
properties:
missing:
type: string
name:
type: string
order:
"$ref": "#/components/schemas/Sort"
SAMLv2IdPInitiatedIdentityProvider:
description: SAML v2 IdP Initiated identity provider configuration.
type: object
properties:
issuer:
type: string
emailClaim:
type: string
keyId:
type: string
format: uuid
uniqueIdClaim:
type: string
useNameIdForEmail:
type: boolean
usernameClaim:
type: string
EventLogSearchCriteria:
description: Search criteria for the event log.
type: object
properties:
end:
"$ref": "#/components/schemas/ZonedDateTime"
message:
type: string
start:
"$ref": "#/components/schemas/ZonedDateTime"
type:
"$ref": "#/components/schemas/EventLogType"
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
KeyAlgorithm:
type: string
enum:
- ES256
- ES384
- ES512
- HS256
- HS384
- HS512
- RS256
- RS384
- RS512
JWTVendResponse:
description: ''
type: object
properties:
token:
type: string
ReindexRequest:
description: Reindex API request
type: object
properties:
index:
type: string
EntityGrantResponse:
description: Entity grant API response object.
type: object
properties:
grants:
type: array
items:
"$ref": "#/components/schemas/EntityGrant"
grant:
"$ref": "#/components/schemas/EntityGrant"
RegistrationConfiguration:
type: object
properties:
birthDate:
"$ref": "#/components/schemas/Requirable"
confirmPassword:
type: boolean
firstName:
"$ref": "#/components/schemas/Requirable"
formId:
type: string
format: uuid
fullName:
"$ref": "#/components/schemas/Requirable"
lastName:
"$ref": "#/components/schemas/Requirable"
loginIdType:
"$ref": "#/components/schemas/LoginIdType"
middleName:
"$ref": "#/components/schemas/Requirable"
mobilePhone:
"$ref": "#/components/schemas/Requirable"
preferredLanguages:
"$ref": "#/components/schemas/Requirable"
type:
"$ref": "#/components/schemas/RegistrationType"
enabled:
type: boolean
SupportsPostBindings:
description: Helper interface that indicates an identity provider can be federated
to using the HTTP POST method.
type: object
properties: {}
OAuth2Configuration:
description: ''
type: object
properties:
authorizedOriginURLs:
type: array
items:
type: string
format: URI
authorizedRedirectURLs:
type: array
items:
type: string
format: URI
authorizedURLValidationPolicy:
"$ref": "#/components/schemas/Oauth2AuthorizedURLValidationPolicy"
clientAuthenticationPolicy:
"$ref": "#/components/schemas/ClientAuthenticationPolicy"
clientId:
type: string
clientSecret:
type: string
debug:
type: boolean
deviceVerificationURL:
type: string
format: URI
enabledGrants:
type: array
uniqueItems: true
items: {}
generateRefreshTokens:
type: boolean
logoutBehavior:
"$ref": "#/components/schemas/LogoutBehavior"
logoutURL:
type: string
format: URI
proofKeyForCodeExchangePolicy:
"$ref": "#/components/schemas/ProofKeyForCodeExchangePolicy"
requireClientAuthentication:
type: boolean
requireRegistration:
type: boolean
TwoFactorSendRequest:
description: ''
type: object
properties:
applicationId:
type: string
format: uuid
email:
type: string
method:
type: string
methodId:
type: string
mobilePhone:
type: string
userId:
type: string
format: uuid
ApplicationSearchCriteria:
description: Search criteria for Applications
type: object
properties:
name:
type: string
state:
"$ref": "#/components/schemas/ObjectState"
tenantId:
type: string
format: uuid
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
UserRegistrationVerifiedEvent:
description: Models the User Registration Verified Event.
type: object
properties:
applicationId:
type: string
format: uuid
registration:
"$ref": "#/components/schemas/UserRegistration"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
MessageTemplateRequest:
description: A Message Template Request to the API
type: object
properties:
messageTemplate:
"$ref": "#/components/schemas/MessageTemplate"
EntityTypeRequest:
description: Entity Type API request object.
type: object
properties:
entityType:
"$ref": "#/components/schemas/EntityType"
permission:
"$ref": "#/components/schemas/EntityTypePermission"
NonTransactionalEvent:
description: A marker interface indicating this event cannot be made transactional.
type: object
properties: {}
UserCreateEvent:
description: Models the User Create Event.
type: object
properties:
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
ApplicationMultiFactorConfiguration:
description: ''
type: object
properties:
email:
"$ref": "#/components/schemas/MultiFactorEmailTemplate"
loginPolicy:
"$ref": "#/components/schemas/MultiFactorLoginPolicy"
sms:
"$ref": "#/components/schemas/MultiFactorSMSTemplate"
trustPolicy:
"$ref": "#/components/schemas/ApplicationMultiFactorTrustPolicy"
FormType:
description: ''
type: string
enum:
- registration
- adminRegistration
- adminUser
- selfServiceUser
TwoFactorRequest:
description: ''
type: object
properties:
applicationId:
type: string
format: uuid
authenticatorId:
type: string
code:
type: string
email:
type: string
method:
type: string
mobilePhone:
type: string
secret:
type: string
secretBase32Encoded:
type: string
twoFactorId:
type: string
eventInfo:
"$ref": "#/components/schemas/EventInfo"
UserActionReasonRequest:
description: User Action Reason API request object.
type: object
properties:
userActionReason:
"$ref": "#/components/schemas/UserActionReason"
Key:
description: Domain for a public key, key pair or an HMAC secret. This is used
by KeyMaster to manage keys for JWTs, SAML, etc.
type: object
properties:
algorithm:
"$ref": "#/components/schemas/KeyAlgorithm"
certificate:
type: string
certificateInformation:
"$ref": "#/components/schemas/CertificateInformation"
expirationInstant:
"$ref": "#/components/schemas/ZonedDateTime"
hasPrivateKey:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
issuer:
type: string
kid:
type: string
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
length:
type: integer
name:
type: string
privateKey:
type: string
publicKey:
type: string
secret:
type: string
type:
"$ref": "#/components/schemas/KeyType"
UserBulkCreateEvent:
description: Models the User Bulk Create Event.
type: object
properties:
users:
type: array
items:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
IdentityProviderOauth2Configuration:
description: ''
type: object
properties:
authorization_endpoint:
type: string
format: URI
clientAuthenticationMethod:
"$ref": "#/components/schemas/ClientAuthenticationMethod"
client_id:
type: string
client_secret:
type: string
emailClaim:
type: string
emailVerifiedClaim:
type: string
issuer:
type: string
format: URI
scope:
type: string
token_endpoint:
type: string
format: URI
uniqueIdClaim:
type: string
userinfo_endpoint:
type: string
format: URI
usernameClaim:
type: string
IntrospectResponse:
description: ''
type: object
properties: {}
RefreshTokenRevocationPolicy:
description: ''
type: object
properties:
onLoginPrevented:
type: boolean
onMultiFactorEnable:
type: boolean
onPasswordChanged:
type: boolean
MinimumPasswordAge:
description: ''
type: object
properties:
seconds:
type: integer
enabled:
type: boolean
APIKeyResponse:
description: Authentication key response object.
type: object
properties:
apiKey:
"$ref": "#/components/schemas/APIKey"
AttestationType:
description: Used to indicate what type of attestation was included in the authenticator
response for a given WebAuthn credential at the time it was created
type: string
enum:
- basic
- self
- attestationCa
- anonymizationCa
- none
GroupUpdateEvent:
description: Models the Group Update Event.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
original:
"$ref": "#/components/schemas/Group"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
Entity:
description: Models an entity that a user can be granted permissions to. Or
an entity that can be granted permissions to another entity.
type: object
properties:
data:
type: object
additionalProperties:
type: object
clientId:
type: string
clientSecret:
type: string
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
parentId:
type: string
format: uuid
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EntityType"
KeyType:
type: string
enum:
- EC
- RSA
- HMAC
EventLogSearchRequest:
description: ''
type: object
properties:
search:
"$ref": "#/components/schemas/EventLogSearchCriteria"
ConnectorType:
description: The types of connectors. This enum is stored as an ordinal on the
identities table, order must be maintained.
type: string
enum:
- FusionAuth
- Generic
- LDAP
ImportRequest:
description: Import request.
type: object
properties:
encryptionScheme:
type: string
factor:
type: integer
users:
type: array
items:
"$ref": "#/components/schemas/User"
validateDbConstraints:
type: boolean
eventInfo:
"$ref": "#/components/schemas/EventInfo"
FormFieldValidator:
description: ''
type: object
properties:
expression:
type: string
enabled:
type: boolean
EntityGrantSearchRequest:
description: Search request for entity grants.
type: object
properties:
search:
"$ref": "#/components/schemas/EntityGrantSearchCriteria"
WebhookSearchResponse:
description: Webhook search response
type: object
properties:
total:
type: integer
format: int64
webhooks:
type: array
items:
"$ref": "#/components/schemas/Webhook"
AppleIdentityProvider:
description: ''
type: object
properties:
bundleId:
type: string
buttonText:
type: string
keyId:
type: string
format: uuid
scope:
type: string
servicesId:
type: string
teamId:
type: string
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/AppleApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
UserRegistration:
description: User registration information for a single application.
type: object
properties:
data:
type: object
additionalProperties:
type: object
preferredLanguages:
type: array
items:
"$ref": "#/components/schemas/Locale"
tokens:
type: object
additionalProperties:
type: string
applicationId:
type: string
format: uuid
authenticationToken:
type: string
cleanSpeakId:
type: string
format: uuid
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastLoginInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
roles:
type: array
uniqueItems: true
items: {}
timezone:
"$ref": "#/components/schemas/ZoneId"
username:
type: string
usernameStatus:
"$ref": "#/components/schemas/ContentStatus"
verified:
type: boolean
SecureIdentity:
description: ''
type: object
properties:
breachedPasswordLastCheckedInstant:
"$ref": "#/components/schemas/ZonedDateTime"
breachedPasswordStatus:
"$ref": "#/components/schemas/BreachedPasswordStatus"
connectorId:
type: string
format: uuid
encryptionScheme:
type: string
factor:
type: integer
id:
type: string
format: uuid
lastLoginInstant:
"$ref": "#/components/schemas/ZonedDateTime"
password:
type: string
passwordChangeReason:
"$ref": "#/components/schemas/ChangePasswordReason"
passwordChangeRequired:
type: boolean
passwordLastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
salt:
type: string
uniqueUsername:
type: string
username:
type: string
usernameStatus:
"$ref": "#/components/schemas/ContentStatus"
verified:
type: boolean
ApplicationExternalIdentifierConfiguration:
description: ''
type: object
properties:
twoFactorTrustIdTimeToLiveInSeconds:
type: integer
EntityTypeResponse:
description: Entity Type API response object.
type: object
properties:
entityType:
"$ref": "#/components/schemas/EntityType"
entityTypes:
type: array
items:
"$ref": "#/components/schemas/EntityType"
permission:
"$ref": "#/components/schemas/EntityTypePermission"
LoginRecordConfiguration:
type: object
properties:
delete:
"$ref": "#/components/schemas/DeleteConfiguration"
VerifyEmailResponse:
description: ''
type: object
properties:
oneTimeCode:
type: string
verificationId:
type: string
EventConfiguration:
description: ''
type: object
properties:
events:
type: object
additionalProperties:
"$ref": "#/components/schemas/EventConfigurationData"
UserLoginIdDuplicateOnUpdateEvent:
description: Models an event where a user is being updated and tries to use
an "in-use" login Id (email or username).
type: object
properties:
duplicateEmail:
type: string
duplicateUsername:
type: string
existing:
"$ref": "#/components/schemas/User"
user:
"$ref": "#/components/schemas/User"
GroupMemberRemoveCompleteEvent:
description: Models the Group Member Remove Complete Event.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
members:
type: array
items:
"$ref": "#/components/schemas/GroupMember"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
EventLogConfiguration:
type: object
properties:
numberToRetain:
type: integer
IdentityProviderResponse:
description: ''
type: object
properties:
identityProvider:
"$ref": "#/components/schemas/IdentityProviderField"
identityProviders:
type: array
items:
"$ref": "#/components/schemas/IdentityProviderField"
WebhookSearchRequest:
description: Search request for webhooks
type: object
properties:
search:
"$ref": "#/components/schemas/WebhookSearchCriteria"
GroupMemberAddCompleteEvent:
description: Models the Group Member Add Complete Event.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
members:
type: array
items:
"$ref": "#/components/schemas/GroupMember"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
MultiFactorLoginPolicy:
description: ''
type: string
enum:
- Disabled
- Enabled
- Required
PasswordlessStartRequest:
description: ''
type: object
properties:
applicationId:
type: string
format: uuid
loginId:
type: string
state:
type: object
additionalProperties:
type: object
ExternalIdentifierConfiguration:
description: ''
type: object
properties:
authorizationGrantIdTimeToLiveInSeconds:
type: integer
changePasswordIdGenerator:
"$ref": "#/components/schemas/SecureGeneratorConfiguration"
changePasswordIdTimeToLiveInSeconds:
type: integer
deviceCodeTimeToLiveInSeconds:
type: integer
deviceUserCodeIdGenerator:
"$ref": "#/components/schemas/SecureGeneratorConfiguration"
emailVerificationIdGenerator:
"$ref": "#/components/schemas/SecureGeneratorConfiguration"
emailVerificationIdTimeToLiveInSeconds:
type: integer
emailVerificationOneTimeCodeGenerator:
"$ref": "#/components/schemas/SecureGeneratorConfiguration"
externalAuthenticationIdTimeToLiveInSeconds:
type: integer
oneTimePasswordTimeToLiveInSeconds:
type: integer
passwordlessLoginGenerator:
"$ref": "#/components/schemas/SecureGeneratorConfiguration"
passwordlessLoginTimeToLiveInSeconds:
type: integer
pendingAccountLinkTimeToLiveInSeconds:
type: integer
registrationVerificationIdGenerator:
"$ref": "#/components/schemas/SecureGeneratorConfiguration"
registrationVerificationIdTimeToLiveInSeconds:
type: integer
registrationVerificationOneTimeCodeGenerator:
"$ref": "#/components/schemas/SecureGeneratorConfiguration"
samlv2AuthNRequestIdTimeToLiveInSeconds:
type: integer
setupPasswordIdGenerator:
"$ref": "#/components/schemas/SecureGeneratorConfiguration"
setupPasswordIdTimeToLiveInSeconds:
type: integer
trustTokenTimeToLiveInSeconds:
type: integer
twoFactorIdTimeToLiveInSeconds:
type: integer
twoFactorOneTimeCodeIdGenerator:
"$ref": "#/components/schemas/SecureGeneratorConfiguration"
twoFactorOneTimeCodeIdTimeToLiveInSeconds:
type: integer
twoFactorTrustIdTimeToLiveInSeconds:
type: integer
webAuthnAuthenticationChallengeTimeToLiveInSeconds:
type: integer
webAuthnRegistrationChallengeTimeToLiveInSeconds:
type: integer
LoginRecordExportRequest:
description: ''
type: object
properties:
criteria:
"$ref": "#/components/schemas/LoginRecordSearchCriteria"
dateTimeSecondsFormat:
type: string
zoneId:
"$ref": "#/components/schemas/ZoneId"
AuthenticatorAttachment:
description: Describes the authenticator
attachment modality.
type: string
enum:
- platform
- crossPlatform
EmailTemplateResponse:
description: Email template response.
type: object
properties:
emailTemplate:
"$ref": "#/components/schemas/EmailTemplate"
emailTemplates:
type: array
items:
"$ref": "#/components/schemas/EmailTemplate"
TenantOAuth2Configuration:
type: object
properties:
clientCredentialsAccessTokenPopulateLambdaId:
type: string
format: uuid
WebAuthnPublicKeyRegistrationRequest:
description: Request to register a new public key with WebAuthn
type: object
properties:
clientExtensionResults:
"$ref": "#/components/schemas/WebAuthnExtensionsClientOutputs"
id:
type: string
rpId:
type: string
response:
"$ref": "#/components/schemas/WebAuthnAuthenticatorRegistrationResponse"
transports:
type: array
items:
type: string
type:
type: string
UserResponse:
description: User API response object.
type: object
properties:
emailVerificationId:
type: string
registrationVerificationIds:
type: object
additionalProperties:
type: string
token:
type: string
tokenExpirationInstant:
"$ref": "#/components/schemas/ZonedDateTime"
user:
"$ref": "#/components/schemas/User"
DeviceInfo:
description: ''
type: object
properties:
description:
type: string
lastAccessedAddress:
type: string
lastAccessedInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
type:
type: string
SMSMessageTemplate:
description: ''
type: object
properties:
defaultTemplate:
type: string
localizedTemplates:
"$ref": "#/components/schemas/LocalizedStrings"
UserActionReasonResponse:
description: User Action Reason API response object.
type: object
properties:
userActionReason:
"$ref": "#/components/schemas/UserActionReason"
userActionReasons:
type: array
items:
"$ref": "#/components/schemas/UserActionReason"
UserTwoFactorConfiguration:
description: ''
type: object
properties:
methods:
type: array
items:
"$ref": "#/components/schemas/TwoFactorMethod"
recoveryCodes:
type: array
items:
type: string
PendingIdPLink:
description: ''
type: object
properties:
displayName:
type: string
email:
type: string
identityProviderId:
type: string
format: uuid
identityProviderLinks:
type: array
items:
"$ref": "#/components/schemas/IdentityProviderLink"
identityProviderName:
type: string
identityProviderTenantConfiguration:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
identityProviderType:
"$ref": "#/components/schemas/IdentityProviderType"
identityProviderUserId:
type: string
user:
"$ref": "#/components/schemas/User"
username:
type: string
JWKSResponse:
description: ''
type: object
properties:
keys:
type: array
items:
"$ref": "#/components/schemas/JSONWebKey"
IntegrationResponse:
description: The Integration Response
type: object
properties:
integrations:
"$ref": "#/components/schemas/Integrations"
WebAuthnRegisterStartResponse:
description: API response for starting a WebAuthn registration ceremony
type: object
properties:
options:
"$ref": "#/components/schemas/PublicKeyCredentialCreationOptions"
TenantCaptchaConfiguration:
description: ''
type: object
properties:
captchaMethod:
"$ref": "#/components/schemas/CaptchaMethod"
secretKey:
type: string
siteKey:
type: string
threshold:
type: number
format: double
enabled:
type: boolean
ApplicationResponse:
description: The Application API response.
type: object
properties:
application:
"$ref": "#/components/schemas/Application"
applications:
type: array
items:
"$ref": "#/components/schemas/Application"
role:
"$ref": "#/components/schemas/ApplicationRole"
CoseEllipticCurve:
description: COSE Elliptic Curve identifier to determine which elliptic curve
to use with a given key
type: string
enum:
- Reserved
- P256
- P384
- P521
- X25519
- X448
- Ed25519
- Ed448
- Secp256k1
LoginIdType:
type: string
enum:
- email
- username
OpenIdConnectIdentityProvider:
description: ''
type: object
properties:
domains:
type: array
uniqueItems: true
items: {}
buttonImageURL:
type: string
format: URI
buttonText:
type: string
oauth2:
"$ref": "#/components/schemas/IdentityProviderOauth2Configuration"
postRequest:
type: boolean
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/OpenIdConnectApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
UIConfiguration:
type: object
properties:
headerColor:
type: string
logoURL:
type: string
menuFontColor:
type: string
RegistrationType:
type: string
enum:
- basic
- advanced
XboxApplicationConfiguration:
description: ''
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
scope:
type: string
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
GroupSearchCriteria:
description: Search criteria for Groups
type: object
properties:
name:
type: string
tenantId:
type: string
format: uuid
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
MultiFactorSMSMethod:
type: object
properties:
messengerId:
type: string
format: uuid
templateId:
type: string
format: uuid
enabled:
type: boolean
MessengerResponse:
description: ''
type: object
properties:
messenger:
"$ref": "#/components/schemas/BaseMessengerConfiguration"
messengers:
type: array
items:
"$ref": "#/components/schemas/BaseMessengerConfiguration"
UserLoginFailedEvent:
description: Models the User Login Failed Event.
type: object
properties:
applicationId:
type: string
format: uuid
authenticationType:
type: string
ipAddress:
type: string
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
Tenant:
description: ''
type: object
properties:
data:
type: object
additionalProperties:
type: object
accessControlConfiguration:
"$ref": "#/components/schemas/TenantAccessControlConfiguration"
captchaConfiguration:
"$ref": "#/components/schemas/TenantCaptchaConfiguration"
configured:
type: boolean
connectorPolicies:
type: array
items:
"$ref": "#/components/schemas/ConnectorPolicy"
emailConfiguration:
"$ref": "#/components/schemas/EmailConfiguration"
eventConfiguration:
"$ref": "#/components/schemas/EventConfiguration"
externalIdentifierConfiguration:
"$ref": "#/components/schemas/ExternalIdentifierConfiguration"
failedAuthenticationConfiguration:
"$ref": "#/components/schemas/FailedAuthenticationConfiguration"
familyConfiguration:
"$ref": "#/components/schemas/FamilyConfiguration"
formConfiguration:
"$ref": "#/components/schemas/TenantFormConfiguration"
httpSessionMaxInactiveInterval:
type: integer
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
issuer:
type: string
jwtConfiguration:
"$ref": "#/components/schemas/JWTConfiguration"
lambdaConfiguration:
"$ref": "#/components/schemas/TenantLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
loginConfiguration:
"$ref": "#/components/schemas/TenantLoginConfiguration"
logoutURL:
type: string
format: URI
maximumPasswordAge:
"$ref": "#/components/schemas/MaximumPasswordAge"
minimumPasswordAge:
"$ref": "#/components/schemas/MinimumPasswordAge"
multiFactorConfiguration:
"$ref": "#/components/schemas/TenantMultiFactorConfiguration"
name:
type: string
oauthConfiguration:
"$ref": "#/components/schemas/TenantOAuth2Configuration"
passwordEncryptionConfiguration:
"$ref": "#/components/schemas/PasswordEncryptionConfiguration"
passwordValidationRules:
"$ref": "#/components/schemas/PasswordValidationRules"
rateLimitConfiguration:
"$ref": "#/components/schemas/TenantRateLimitConfiguration"
registrationConfiguration:
"$ref": "#/components/schemas/TenantRegistrationConfiguration"
scimServerConfiguration:
"$ref": "#/components/schemas/TenantSCIMServerConfiguration"
ssoConfiguration:
"$ref": "#/components/schemas/TenantSSOConfiguration"
state:
"$ref": "#/components/schemas/ObjectState"
themeId:
type: string
format: uuid
userDeletePolicy:
"$ref": "#/components/schemas/TenantUserDeletePolicy"
usernameConfiguration:
"$ref": "#/components/schemas/TenantUsernameConfiguration"
webAuthnConfiguration:
"$ref": "#/components/schemas/TenantWebAuthnConfiguration"
GroupMemberUpdateCompleteEvent:
description: Models the Group Member Update Complete Event.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
members:
type: array
items:
"$ref": "#/components/schemas/GroupMember"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
BaseMessengerConfiguration:
description: Do not require a setter for 'type', it is defined by the concrete
class and is not mutable
type: object
properties:
data:
type: object
additionalProperties:
type: object
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
transport:
type: string
type:
"$ref": "#/components/schemas/MessengerType"
TwoFactorStartResponse:
description: ''
type: object
properties:
code:
type: string
methods:
type: array
items:
"$ref": "#/components/schemas/TwoFactorMethod"
twoFactorId:
type: string
PasswordlessConfiguration:
type: object
properties:
enabled:
type: boolean
EntityGrantSearchResponse:
description: Search request for entity grants.
type: object
properties:
grants:
type: array
items:
"$ref": "#/components/schemas/EntityGrant"
total:
type: integer
format: int64
Theme:
description: ''
type: object
properties:
data:
type: object
additionalProperties:
type: object
defaultMessages:
type: string
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
localizedMessages:
"$ref": "#/components/schemas/LocalizedStrings"
name:
type: string
stylesheet:
type: string
templates:
"$ref": "#/components/schemas/Templates"
RefreshTokenExpirationPolicy:
description: ''
type: string
enum:
- Fixed
- SlidingWindow
- SlidingWindowWithMaximumLifetime
IdentityProviderLoginRequest:
description: Login API request object used for login to third-party systems
(i.e. Login with Facebook).
type: object
properties:
data:
type: object
additionalProperties:
type: string
identityProviderId:
type: string
format: uuid
noLink:
type: boolean
encodedJWT:
type: string
applicationId:
type: string
format: uuid
ipAddress:
type: string
metaData:
"$ref": "#/components/schemas/MetaData"
newDevice:
type: boolean
noJWT:
type: boolean
GroupResponse:
description: Group API response object.
type: object
properties:
group:
"$ref": "#/components/schemas/Group"
groups:
type: array
items:
"$ref": "#/components/schemas/Group"
FailedAuthenticationActionCancelPolicy:
description: A policy to configure if and when the user-action is canceled prior
to the expiration of the action.
type: object
properties:
onPasswordReset:
type: boolean
UnverifiedBehavior:
description: ''
type: string
enum:
- Allow
- Gated
Consent:
description: Models a consent.
type: object
properties:
data:
type: object
additionalProperties:
type: object
consentEmailTemplateId:
type: string
format: uuid
countryMinimumAgeForSelfConsent:
"$ref": "#/components/schemas/LocalizedIntegers"
defaultMinimumAgeForSelfConsent:
type: integer
emailPlus:
"$ref": "#/components/schemas/EmailPlus"
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
multipleValuesAllowed:
type: boolean
name:
type: string
values:
type: array
items:
type: string
IPAccessControlListRequest:
description: ''
type: object
properties:
ipAccessControlList:
"$ref": "#/components/schemas/IPAccessControlList"
SAMLv2ApplicationConfiguration:
description: ''
type: object
properties:
buttonImageURL:
type: string
format: URI
buttonText:
type: string
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
AuditLogSearchRequest:
description: ''
type: object
properties:
search:
"$ref": "#/components/schemas/AuditLogSearchCriteria"
UserPasswordBreachEvent:
description: Models the User Password Breach Event.
type: object
properties:
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
ReactorMetrics:
description: ''
type: object
properties:
breachedPasswordMetrics:
type: object
additionalProperties:
"$ref": "#/components/schemas/BreachedPasswordTenantMetric"
SendRequest:
description: ''
type: object
properties:
applicationId:
type: string
format: uuid
bccAddresses:
type: array
items:
type: string
ccAddresses:
type: array
items:
type: string
preferredLanguages:
type: array
items:
"$ref": "#/components/schemas/Locale"
requestData:
type: object
additionalProperties:
type: object
toAddresses:
type: array
items:
"$ref": "#/components/schemas/EmailAddress"
userIds:
type: array
items:
type: string
format: uuid
AuditLogConfiguration:
type: object
properties:
delete:
"$ref": "#/components/schemas/DeleteConfiguration"
UserDeleteEvent:
description: Models the User Event (and can be converted to JSON) that is used
for all user modifications (create, update, delete).
type: object
properties:
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
RegistrationDeleteRequest:
description: Registration delete API request object.
type: object
properties:
eventInfo:
"$ref": "#/components/schemas/EventInfo"
UserActionPhase:
description: The phases of a time-based user action.
type: string
enum:
- start
- modify
- cancel
- end
VerifyEmailRequest:
description: ''
type: object
properties:
oneTimeCode:
type: string
userId:
type: string
format: uuid
verificationId:
type: string
eventInfo:
"$ref": "#/components/schemas/EventInfo"
TwoFactorDisableRequest:
description: ''
type: object
properties:
applicationId:
type: string
format: uuid
code:
type: string
methodId:
type: string
eventInfo:
"$ref": "#/components/schemas/EventInfo"
GoogleIdentityProvider:
description: Google social login provider.
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
loginMethod:
"$ref": "#/components/schemas/IdentityProviderLoginMethod"
properties:
"$ref": "#/components/schemas/GoogleIdentityProviderProperties"
scope:
type: string
data:
type: object
additionalProperties:
type: object
applicationConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/GoogleApplicationConfiguration"
debug:
type: boolean
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lambdaConfiguration:
"$ref": "#/components/schemas/ProviderLambdaConfiguration"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
linkingStrategy:
"$ref": "#/components/schemas/IdentityProviderLinkingStrategy"
name:
type: string
tenantConfiguration:
type: object
additionalProperties:
"$ref": "#/components/schemas/IdentityProviderTenantConfiguration"
type:
"$ref": "#/components/schemas/IdentityProviderType"
FormStep:
description: ''
type: object
properties:
fields:
type: array
items:
type: string
format: uuid
TenantUserDeletePolicy:
description: A Tenant-level policy for deleting Users.
type: object
properties:
unverified:
"$ref": "#/components/schemas/TimeBasedDeletePolicy"
SonyPSNApplicationConfiguration:
description: ''
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
scope:
type: string
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
KeySearchRequest:
description: Search request for Keys
type: object
properties:
search:
"$ref": "#/components/schemas/KeySearchCriteria"
LambdaEngineType:
description: ''
type: string
enum:
- GraalJS
- Nashorn
UserActionLog:
description: A log for an action that was taken on a User.
type: object
properties:
actioneeUserId:
type: string
format: uuid
actionerUserId:
type: string
format: uuid
applicationIds:
type: array
items:
type: string
format: uuid
comment:
type: string
emailUserOnEnd:
type: boolean
endEventSent:
type: boolean
expiry:
"$ref": "#/components/schemas/ZonedDateTime"
history:
"$ref": "#/components/schemas/LogHistory"
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
localizedName:
type: string
localizedOption:
type: string
localizedReason:
type: string
name:
type: string
notifyUserOnEnd:
type: boolean
option:
type: string
reason:
type: string
reasonCode:
type: string
userActionId:
type: string
format: uuid
LoginPingRequest:
description: Login Ping API request object.
type: object
properties:
userId:
type: string
format: uuid
applicationId:
type: string
format: uuid
ipAddress:
type: string
metaData:
"$ref": "#/components/schemas/MetaData"
newDevice:
type: boolean
noJWT:
type: boolean
IdentityProviderLimitUserLinkingPolicy:
description: ''
type: object
properties:
maximumLinks:
type: integer
enabled:
type: boolean
EmailUnverifiedOptions:
description: ''
type: object
properties:
allowEmailChangeWhenGated:
type: boolean
behavior:
"$ref": "#/components/schemas/UnverifiedBehavior"
BaseEventRequest:
description: Base class for requests that can contain event information. This
event information is used when sending Webhooks or emails during the transaction.
The caller is responsible for ensuring that the event information is correct.
type: object
properties:
eventInfo:
"$ref": "#/components/schemas/EventInfo"
OAuthErrorType:
type: string
enum:
- invalid_request
- invalid_client
- invalid_grant
- invalid_token
- unauthorized_client
- invalid_scope
- server_error
- unsupported_grant_type
- unsupported_response_type
- change_password_required
- not_licensed
- two_factor_required
- authorization_pending
- expired_token
- unsupported_token_type
TenantSearchRequest:
description: Search request for Tenants
type: object
properties:
search:
"$ref": "#/components/schemas/TenantSearchCriteria"
PublicKeyResponse:
description: JWT Public Key Response Object
type: object
properties:
publicKey:
type: string
publicKeys:
type: object
additionalProperties:
type: string
Sort:
description: ''
type: string
enum:
- asc
- desc
ForgotPasswordRequest:
description: Forgot password request object.
type: object
properties:
applicationId:
type: string
format: uuid
changePasswordId:
type: string
loginId:
type: string
sendForgotPasswordEmail:
type: boolean
state:
type: object
additionalProperties:
type: object
email:
type: string
username:
type: string
eventInfo:
"$ref": "#/components/schemas/EventInfo"
IdentityProviderSearchResponse:
description: Identity Provider response.
type: object
properties:
identityProviders:
type: array
items:
"$ref": "#/components/schemas/IdentityProviderField"
total:
type: integer
format: int64
MetaData:
type: object
properties:
data:
type: object
additionalProperties:
type: object
device:
"$ref": "#/components/schemas/DeviceInfo"
scopes:
type: array
uniqueItems: true
items: {}
SAMLLogoutBehavior:
type: string
enum:
- AllParticipants
- OnlyOriginator
EmailConfiguration:
description: ''
type: object
properties:
additionalHeaders:
type: array
items:
"$ref": "#/components/schemas/EmailHeader"
debug:
type: boolean
defaultFromEmail:
type: string
defaultFromName:
type: string
emailUpdateEmailTemplateId:
type: string
format: uuid
emailVerifiedEmailTemplateId:
type: string
format: uuid
forgotPasswordEmailTemplateId:
type: string
format: uuid
host:
type: string
implicitEmailVerificationAllowed:
type: boolean
loginIdInUseOnCreateEmailTemplateId:
type: string
format: uuid
loginIdInUseOnUpdateEmailTemplateId:
type: string
format: uuid
loginNewDeviceEmailTemplateId:
type: string
format: uuid
loginSuspiciousEmailTemplateId:
type: string
format: uuid
password:
type: string
passwordResetSuccessEmailTemplateId:
type: string
format: uuid
passwordUpdateEmailTemplateId:
type: string
format: uuid
passwordlessEmailTemplateId:
type: string
format: uuid
port:
type: integer
properties:
type: string
security:
"$ref": "#/components/schemas/EmailSecurityType"
setPasswordEmailTemplateId:
type: string
format: uuid
twoFactorMethodAddEmailTemplateId:
type: string
format: uuid
twoFactorMethodRemoveEmailTemplateId:
type: string
format: uuid
unverified:
"$ref": "#/components/schemas/EmailUnverifiedOptions"
username:
type: string
verificationEmailTemplateId:
type: string
format: uuid
verificationStrategy:
"$ref": "#/components/schemas/VerificationStrategy"
verifyEmail:
type: boolean
verifyEmailWhenChanged:
type: boolean
TenantLoginConfiguration:
description: ''
type: object
properties:
requireAuthentication:
type: boolean
ActionRequest:
description: The user action request object.
type: object
properties:
action:
"$ref": "#/components/schemas/ActionData"
broadcast:
type: boolean
eventInfo:
"$ref": "#/components/schemas/EventInfo"
IdentityProviderLinkingStrategy:
description: The IdP behavior when no user link has been made yet.
type: string
enum:
- CreatePendingLink
- Disabled
- LinkAnonymously
- LinkByEmail
- LinkByEmailForExistingUser
- LinkByUsername
- LinkByUsernameForExistingUser
- Unsupported
IdentityProviderRequest:
description: ''
type: object
properties:
identityProvider:
"$ref": "#/components/schemas/IdentityProviderField"
Group:
description: ''
type: object
properties:
data:
type: object
additionalProperties:
type: object
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
roles:
type: array
items:
"$ref": "#/components/schemas/ApplicationRole"
tenantId:
type: string
format: uuid
SAMLv2AssertionConfiguration:
description: ''
type: object
properties:
destination:
"$ref": "#/components/schemas/SAMLv2DestinationAssertionConfiguration"
WebAuthnRegisterCompleteRequest:
description: Request to complete the WebAuthn registration ceremony for a new
credential,.
type: object
properties:
credential:
"$ref": "#/components/schemas/WebAuthnPublicKeyRegistrationRequest"
origin:
type: string
rpId:
type: string
userId:
type: string
format: uuid
ReactorResponse:
description: ''
type: object
properties:
status:
"$ref": "#/components/schemas/ReactorStatus"
ApplicationRole:
description: A role given to a user for a specific application.
type: object
properties:
description:
type: string
id:
type: string
format: uuid
insertInstant:
"$ref": "#/components/schemas/ZonedDateTime"
isDefault:
type: boolean
isSuperRole:
type: boolean
lastUpdateInstant:
"$ref": "#/components/schemas/ZonedDateTime"
name:
type: string
VerifyRegistrationResponse:
description: ''
type: object
properties:
oneTimeCode:
type: string
verificationId:
type: string
CORSConfiguration:
description: ''
type: object
properties:
allowCredentials:
type: boolean
allowedHeaders:
type: array
items:
type: string
allowedMethods:
type: array
items:
"$ref": "#/components/schemas/HTTPMethod"
allowedOrigins:
type: array
items:
type: string
format: URI
debug:
type: boolean
exposedHeaders:
type: array
items:
type: string
preflightMaxAgeInSeconds:
type: integer
enabled:
type: boolean
MemberRequest:
description: Group Member Request
type: object
properties:
members:
type: array
items:
"$ref": "#/components/schemas/GroupMember"
BaseSearchCriteria:
description: ''
type: object
properties:
numberOfResults:
type: integer
orderBy:
type: string
startRow:
type: integer
JSONWebKeyInfoProvider:
description: Interface for any object that can provide JSON Web key Information.
type: object
properties: {}
BreachAction:
type: string
enum:
- 'Off'
- RecordOnly
- NotifyUser
- RequireChange
EventLogType:
description: Event Log Type
type: string
enum:
- Information
- Debug
- Error
UserRegistrationUpdateEvent:
description: Models the User Update Registration Event.
type: object
properties:
applicationId:
type: string
format: uuid
original:
"$ref": "#/components/schemas/UserRegistration"
registration:
"$ref": "#/components/schemas/UserRegistration"
user:
"$ref": "#/components/schemas/User"
createInstant:
"$ref": "#/components/schemas/ZonedDateTime"
id:
type: string
format: uuid
info:
"$ref": "#/components/schemas/EventInfo"
tenantId:
type: string
format: uuid
type:
"$ref": "#/components/schemas/EventType"
EntityResponse:
description: Entity API response object.
type: object
properties:
entity:
"$ref": "#/components/schemas/Entity"
PublicKeyCredentialEntity:
description: Describes a user account or WebAuthn Relying Party associated with
a public key credential
type: object
properties:
name:
type: string
ApplicationEmailConfiguration:
type: object
properties:
emailUpdateEmailTemplateId:
type: string
format: uuid
emailVerificationEmailTemplateId:
type: string
format: uuid
emailVerifiedEmailTemplateId:
type: string
format: uuid
forgotPasswordEmailTemplateId:
type: string
format: uuid
loginIdInUseOnCreateEmailTemplateId:
type: string
format: uuid
loginIdInUseOnUpdateEmailTemplateId:
type: string
format: uuid
loginNewDeviceEmailTemplateId:
type: string
format: uuid
loginSuspiciousEmailTemplateId:
type: string
format: uuid
passwordResetSuccessEmailTemplateId:
type: string
format: uuid
passwordUpdateEmailTemplateId:
type: string
format: uuid
passwordlessEmailTemplateId:
type: string
format: uuid
setPasswordEmailTemplateId:
type: string
format: uuid
twoFactorMethodAddEmailTemplateId:
type: string
format: uuid
twoFactorMethodRemoveEmailTemplateId:
type: string
format: uuid
IdentityProviderStartLoginResponse:
description: ''
type: object
properties:
code:
type: string
EpicGamesApplicationConfiguration:
description: ''
type: object
properties:
buttonText:
type: string
client_id:
type: string
client_secret:
type: string
scope:
type: string
data:
type: object
additionalProperties:
type: object
createRegistration:
type: boolean
UserRegistrationDeleteCompleteEvent:
description: Models the User Deleted Registration Event. null may be handled differently depending
upon the programming language. See also: (method names may vary by language...
but you''ll figure it out) - revokeRefreshTokenById - revokeRefreshTokenByToken -
revokeRefreshTokensByUserId - revokeRefreshTokensByApplicationId - revokeRefreshTokensByUserIdForApplication'
operationId: deleteJwtRefresh
parameters:
- name: userId
in: query
schema:
type: string
description: The unique Id of the user that you want to delete all refresh
tokens for.
- name: applicationId
in: query
schema:
type: string
description: The unique Id of the application that you want to delete refresh
tokens for.
- name: token
in: query
schema:
type: string
description: The refresh token to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RefreshTokenRevokeRequest"
post:
description: Exchange a refresh token for a new JWT.
operationId: exchangeRefreshTokenForJWTWithId
security: []
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RefreshRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/JWTRefreshResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the refresh tokens that belong to the user with the given
Id.
operationId: retrieveRefreshTokensWithId
parameters:
- name: userId
in: query
schema:
type: string
description: The Id of the user.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/RefreshTokenResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/group/member/search":
post:
description: Searches group members with the specified criteria and pagination.
operationId: searchGroupMembersWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupMemberSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupMemberSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/report/monthly-active-user":
get:
description: Retrieves the monthly active user report between the two instants.
If you specify an application id, it will only return the monthly active counts
for that application.
operationId: retrieveMonthlyActiveReportWithId
parameters:
- name: applicationId
in: query
schema:
type: string
description: The application id.
- name: start
in: query
schema:
type: string
description: The start instant as UTC milliseconds since Epoch.
- name: end
in: query
schema:
type: string
description: The end instant as UTC milliseconds since Epoch.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MonthlyActiveUserReportResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/oauth2/introspect":
post:
description: Inspect an access token issued as the result of the User based
grant such as the Authorization Code Grant, Implicit Grant, the User Credentials
Grant or the Refresh Grant. OR Inspect an access token issued as the result
of the Client Credentials Grant.
operationId: createIntrospect
security: []
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IntrospectResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/OAuthError"
"/api/user/search":
post:
description: Retrieves the users for the given search criteria and pagination.
operationId: searchUsersByQueryWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/SearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/SearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the users for the given ids. If any id is invalid, it
is ignored.
operationId: searchUsersByIdsWithId
parameters:
- name: ids
in: query
schema:
type: string
description: The user ids to search for.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/SearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/ip-acl/{ipAccessControlListId}":
get:
description: Retrieves the IP Access Control List with the given Id.
operationId: retrieveIPAccessControlListWithId
parameters:
- name: ipAccessControlListId
in: path
schema:
type: string
required: true
description: The Id of the IP Access Control List.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IPAccessControlListResponse"
default:
description: Error
delete:
description: Deletes the IP Access Control List for the given Id.
operationId: deleteIPAccessControlListWithId
parameters:
- name: ipAccessControlListId
in: path
schema:
type: string
required: true
description: The Id of the IP Access Control List to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/{userId}":
put:
description: Reactivates the user with the given Id. OR Updates the user with
the given Id.
operationId: updateUserWithId
parameters:
- name: reactivate
in: query
schema:
type: string
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user to reactivate.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserRequest"
delete:
description: Deletes the user based on the given request (sent to the API as
JSON). This permanently deletes all information, metrics, reports and data
associated with the user. OR Deletes the user for the given Id. This permanently
deletes all information, metrics, reports and data associated with the user.
OR Deactivates the user with the given Id.
operationId: deleteUserWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user to delete (required).
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
- name: hardDelete
in: query
schema:
type: string
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserDeleteSingleRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a user. You can optionally specify an Id for the user,
if not provided one will be generated.
operationId: createUserWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id for the user. If not provided a secure random UUID will
be generated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the user with the given Id.
operationId: patchUserWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the user for the given Id.
operationId: retrieveUserWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/oauth2/device/validate":
get:
description: Validates the end-user provided user_code from the user-interaction
of the Device Authorization Grant. If you build your own activation form you
should validate the user provided code prior to beginning the Authorization
grant.
operationId: validateDeviceWithId
security: []
parameters:
- name: user_code
in: query
schema:
type: string
description: The end-user verification code.
- name: client_id
in: query
schema:
type: string
description: The client id.
responses:
'200':
description: Success
default:
description: Error
"/api/user/two-factor/{userId}":
post:
description: Enable two-factor authentication for a user.
operationId: enableTwoFactorWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user to enable two-factor authentication.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/TwoFactorRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/TwoFactorResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Disable two-factor authentication for a user using a JSON body
rather than URL parameters. OR Disable two-factor authentication for a user.
operationId: deleteUserTwoFactorWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the User for which you're disabling two-factor authentication.
- name: methodId
in: query
schema:
type: string
description: The two-factor method identifier you wish to disable
- name: code
in: query
schema:
type: string
description: The two-factor code used verify the the caller knows the two-factor
secret.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/TwoFactorDisableRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/two-factor/send/{twoFactorId}":
post:
description: Send a Two Factor authentication code to allow the completion of
Two Factor authentication.
operationId: sendTwoFactorCodeForLoginUsingMethodWithId
security: []
parameters:
- name: twoFactorId
in: path
schema:
type: string
required: true
description: The Id returned by the Login API necessary to complete Two Factor
authentication.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/TwoFactorSendRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/application/search":
post:
description: Searches applications with the specified criteria and pagination.
operationId: searchApplicationsWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/application/{applicationId}":
delete:
description: Hard deletes an application. This is a dangerous operation and
should not be used in most circumstances. This will delete the application,
any registrations for that application, metrics and reports for the application,
all the roles for the application, and any other data associated with the
application. This operation could take a very long time, depending on the
amount of data in your database. OR Deactivates the application with the given
Id.
operationId: deleteApplicationWithId
parameters:
- name: hardDelete
in: query
schema:
type: string
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id of the application to delete.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the application with the given Id.
operationId: patchApplicationWithId
parameters:
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id of the application to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates an application. You can optionally specify an Id for the
application, if not provided one will be generated.
operationId: createApplicationWithId
parameters:
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id to use for the application. If not provided a secure random
UUID will be generated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the application with the given Id. OR Reactivates the application
with the given Id.
operationId: updateApplicationWithId
parameters:
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id of the application to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
- name: reactivate
in: query
schema:
type: string
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the application for the given id or all the applications
if the id is null.
operationId: retrieveApplicationWithId
parameters:
- name: applicationId
in: path
schema:
type: string
required: true
description: The application id.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationResponse"
default:
description: Error
"/api/entity/{entityId}":
get:
description: Retrieves the Entity for the given Id.
operationId: retrieveEntityWithId
parameters:
- name: entityId
in: path
schema:
type: string
required: true
description: The Id of the Entity.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the Entity with the given Id.
operationId: updateEntityWithId
parameters:
- name: entityId
in: path
schema:
type: string
required: true
description: The Id of the Entity to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates an Entity. You can optionally specify an Id for the Entity.
If not provided one will be generated.
operationId: createEntityWithId
parameters:
- name: entityId
in: path
schema:
type: string
required: true
description: The Id for the Entity. If not provided a secure random UUID will
be generated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EntityResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the Entity for the given Id.
operationId: deleteEntityWithId
parameters:
- name: entityId
in: path
schema:
type: string
required: true
description: The Id of the Entity to delete.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/theme/{themeId}":
put:
description: Updates the theme with the given Id.
operationId: updateThemeWithId
parameters:
- name: themeId
in: path
schema:
type: string
required: true
description: The Id of the theme to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ThemeRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ThemeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a Theme. You can optionally specify an Id for the theme,
if not provided one will be generated.
operationId: createThemeWithId
parameters:
- name: themeId
in: path
schema:
type: string
required: true
description: The Id for the theme. If not provided a secure random UUID will
be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ThemeRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ThemeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the theme for the given Id.
operationId: retrieveThemeWithId
parameters:
- name: themeId
in: path
schema:
type: string
required: true
description: The Id of the theme.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ThemeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the theme with the given Id.
operationId: patchThemeWithId
parameters:
- name: themeId
in: path
schema:
type: string
required: true
description: The Id of the theme to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ThemeRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ThemeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the theme for the given Id.
operationId: deleteThemeWithId
parameters:
- name: themeId
in: path
schema:
type: string
required: true
description: The Id of the theme to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/system/login-record/search":
post:
description: Searches the login records with the specified criteria and pagination.
operationId: searchLoginRecordsWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/LoginRecordSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LoginRecordSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user-action-reason/{userActionReasonId}":
patch:
description: Updates, via PATCH, the user action reason with the given Id.
operationId: patchUserActionReasonWithId
parameters:
- name: userActionReasonId
in: path
schema:
type: string
required: true
description: The Id of the user action reason to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionReasonRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionReasonResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the user action reason with the given Id.
operationId: updateUserActionReasonWithId
parameters:
- name: userActionReasonId
in: path
schema:
type: string
required: true
description: The Id of the user action reason to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionReasonRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionReasonResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a user reason. This user action reason cannot be used when
actioning a user until this call completes successfully. Anytime after that
the user action reason can be used.
operationId: createUserActionReasonWithId
parameters:
- name: userActionReasonId
in: path
schema:
type: string
required: true
description: The Id for the user action reason. If not provided a secure random
UUID will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionReasonRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionReasonResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the user action reason for the given Id.
operationId: deleteUserActionReasonWithId
parameters:
- name: userActionReasonId
in: path
schema:
type: string
required: true
description: The Id of the user action reason to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the user action reason for the given Id. If you pass
in null for the id, this will return all the user action reasons.
operationId: retrieveUserActionReasonWithId
parameters:
- name: userActionReasonId
in: path
schema:
type: string
required: true
description: The Id of the user action reason.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserActionReasonResponse"
default:
description: Error
"/api/webauthn/import":
post:
description: Import a WebAuthn credential
operationId: importWebAuthnCredentialWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/WebAuthnCredentialImportRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/email/template/{emailTemplateId}":
get:
description: Retrieves the email template for the given Id. If you don't specify
the id, this will return all the email templates.
operationId: retrieveEmailTemplateWithId
parameters:
- name: emailTemplateId
in: path
schema:
type: string
required: true
description: The Id of the email template.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateResponse"
default:
description: Error
delete:
description: Deletes the email template for the given Id.
operationId: deleteEmailTemplateWithId
parameters:
- name: emailTemplateId
in: path
schema:
type: string
required: true
description: The Id of the email template to delete.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the email template with the given Id.
operationId: updateEmailTemplateWithId
parameters:
- name: emailTemplateId
in: path
schema:
type: string
required: true
description: The Id of the email template to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the email template with the given Id.
operationId: patchEmailTemplateWithId
parameters:
- name: emailTemplateId
in: path
schema:
type: string
required: true
description: The Id of the email template to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates an email template. You can optionally specify an Id for
the template, if not provided one will be generated.
operationId: createEmailTemplateWithId
parameters:
- name: emailTemplateId
in: path
schema:
type: string
required: true
description: The Id for the template. If not provided a secure random UUID
will be generated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/email/template":
get:
description: Retrieves the email template for the given Id. If you don't specify
the id, this will return all the email templates.
operationId: retrieveEmailTemplate
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateResponse"
default:
description: Error
post:
description: Creates an email template. You can optionally specify an Id for
the template, if not provided one will be generated.
operationId: createEmailTemplate
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/tenant/{tenantId}":
get:
description: Retrieves the tenant for the given Id.
operationId: retrieveTenantWithId
parameters:
- name: tenantId
in: path
schema:
type: string
required: true
description: The Id of the tenant.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/TenantResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the tenant with the given Id.
operationId: patchTenantWithId
parameters:
- name: tenantId
in: path
schema:
type: string
required: true
description: The Id of the tenant to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/TenantRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/TenantResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the tenant based on the given Id on the URL. This permanently
deletes all information, metrics, reports and data associated with the tenant
and everything under the tenant (applications, users, etc). OR Deletes the
tenant for the given Id asynchronously. This method is helpful if you do not
want to wait for the delete operation to complete. OR Deletes the tenant based
on the given request (sent to the API as JSON). This permanently deletes all
information, metrics, reports and data associated with the tenant and everything
under the tenant (applications, users, etc).
operationId: deleteTenantWithId
parameters:
- name: tenantId
in: path
schema:
type: string
required: true
description: The Id of the tenant to delete.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
- name: async
in: query
schema:
type: string
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/TenantDeleteRequest"
put:
description: Updates the tenant with the given Id.
operationId: updateTenantWithId
parameters:
- name: tenantId
in: path
schema:
type: string
required: true
description: The Id of the tenant to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/TenantRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/TenantResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a tenant. You can optionally specify an Id for the tenant,
if not provided one will be generated.
operationId: createTenantWithId
parameters:
- name: tenantId
in: path
schema:
type: string
required: true
description: The Id for the tenant. If not provided a secure random UUID will
be generated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/TenantRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/TenantResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/change-password":
get:
description: Check to see if the user must obtain a Trust Request Id in order
to complete a change password request. When a user has enabled Two-Factor
authentication, before you are allowed to use the Change Password API to change
your password, you must obtain a Trust Request Id by completing a Two-Factor
Step-Up authentication. An HTTP status code of 400 with a general error code
of [TrustTokenRequired] indicates that a Trust Token is required to make a
POST request to this API. OR Check to see if the user must obtain a Trust
Token Id in order to complete a change password request. When a user has enabled
Two-Factor authentication, before you are allowed to use the Change Password
API to change your password, you must obtain a Trust Token by completing a
Two-Factor Step-Up authentication. An HTTP status code of 400 with a general
error code of [TrustTokenRequired] indicates that a Trust Token is required
to make a POST request to this API.
operationId: retrieveUserChangePassword
parameters:
- name: loginId
in: query
schema:
type: string
description: The loginId of the User that you intend to change the password
for.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: 'Changes a user''s password using their identity (login id and
password). Using a loginId instead of the changePasswordId bypasses the email
verification and allows a password to be changed directly without first calling
the #forgotPassword method.'
operationId: changePasswordByIdentityWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ChangePasswordRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/key/{keyId}":
delete:
description: Deletes the key for the given Id.
operationId: deleteKeyWithId
parameters:
- name: keyId
in: path
schema:
type: string
required: true
description: The Id of the key to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the key for the given Id.
operationId: retrieveKeyWithId
parameters:
- name: keyId
in: path
schema:
type: string
required: true
description: The Id of the key.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/KeyResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the key with the given Id.
operationId: updateKeyWithId
parameters:
- name: keyId
in: path
schema:
type: string
required: true
description: The Id of the key to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/KeyRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/KeyResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/consent/{userConsentId}":
delete:
description: Revokes a single User consent by Id.
operationId: revokeUserConsentWithId
parameters:
- name: userConsentId
in: path
schema:
type: string
required: true
description: The User Consent Id
responses:
'200':
description: Success
default:
description: Error
post:
description: Creates a single User consent.
operationId: createUserConsentWithId
parameters:
- name: userConsentId
in: path
schema:
type: string
required: true
description: The Id for the User consent. If not provided a secure random
UUID will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserConsentRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserConsentResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates a single User consent by Id.
operationId: updateUserConsentWithId
parameters:
- name: userConsentId
in: path
schema:
type: string
required: true
description: The User Consent Id
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserConsentRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserConsentResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieve a single User consent by Id.
operationId: retrieveUserConsentWithId
parameters:
- name: userConsentId
in: path
schema:
type: string
required: true
description: The User consent Id
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserConsentResponse"
default:
description: Error
patch:
description: Updates, via PATCH, a single User consent by Id.
operationId: patchUserConsentWithId
parameters:
- name: userConsentId
in: path
schema:
type: string
required: true
description: The User Consent Id
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserConsentRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserConsentResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/family":
get:
description: Retrieves all the families that a user belongs to.
operationId: retrieveFamiliesWithId
parameters:
- name: userId
in: query
schema:
type: string
description: The User's id
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FamilyResponse"
default:
description: Error
post:
description: Creates a family with the user id in the request as the owner and
sole member of the family. You can optionally specify an id for the family,
if not provided one will be generated.
operationId: createFamily
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/FamilyRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/FamilyResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/integration":
patch:
description: Updates, via PATCH, the available integrations.
operationId: patchIntegrationsWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IntegrationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IntegrationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the available integrations.
operationId: updateIntegrationsWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IntegrationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IntegrationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/consent":
post:
description: Creates a single User consent.
operationId: createUserConsent
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserConsentRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserConsentResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves all the consents for a User.
operationId: retrieveUserConsentsWithId
parameters:
- name: userId
in: query
schema:
type: string
description: The User's Id
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserConsentResponse"
default:
description: Error
"/api/user/family/{familyId}/{userId}":
delete:
description: Removes a user from the family with the given id.
operationId: removeUserFromFamilyWithId
parameters:
- name: familyId
in: path
schema:
type: string
required: true
description: The id of the family to remove the user from.
- name: userId
in: path
schema:
type: string
required: true
description: The id of the user to remove from the family.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/report/login":
get:
description: Retrieves the login report between the two instants. If you specify
an application id, it will only return the login counts for that application.
OR Retrieves the login report between the two instants for a particular user
by Id. If you specify an application id, it will only return the login counts
for that application. OR Retrieves the login report between the two instants
for a particular user by login Id. If you specify an application id, it will
only return the login counts for that application.
operationId: retrieveReportLogin
parameters:
- name: applicationId
in: query
schema:
type: string
description: The application id.
- name: start
in: query
schema:
type: string
description: The start instant as UTC milliseconds since Epoch.
- name: end
in: query
schema:
type: string
description: The end instant as UTC milliseconds since Epoch.
- name: userId
in: query
schema:
type: string
description: The userId id.
- name: loginId
in: query
schema:
type: string
description: The userId id.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LoginReportResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/tenant/search":
post:
description: Searches tenants with the specified criteria and pagination.
operationId: searchTenantsWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/TenantSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/TenantSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/registration/{userId}":
put:
description: Updates the registration for the user with the given id and the
application defined in the request.
operationId: updateRegistrationWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user whose registration is going to be updated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RegistrationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/RegistrationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Registers a user for an application. If you provide the User and
the UserRegistration object on this request, it will create the user as well
as register them for the application. This is called a Full Registration.
However, if you only provide the UserRegistration object, then the user must
already exist and they will be registered for the application. The user id
can also be provided and it will either be used to look up an existing user
or it will be used for the newly created User.
operationId: registerWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user being registered for the application and optionally
created.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RegistrationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/RegistrationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the registration for the user with the given
id and the application defined in the request.
operationId: patchRegistrationWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user whose registration is going to be updated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RegistrationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/RegistrationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/oauth2/token":
post:
description: Exchanges an OAuth authorization code and code_verifier for an
access token. Makes a request to the Token endpoint to exchange the authorization
code returned from the Authorize endpoint and a code_verifier for an access
token. OR Make a Client Credentials grant request to obtain an access token.
OR Exchange a Refresh Token for an Access Token. If you will be using the
Refresh Token Grant, you will make a request to the Token endpoint to exchange
the user’s refresh token for an access token. OR Exchange User Credentials
for a Token. If you will be using the Resource Owner Password Credential Grant,
you will make a request to the Token endpoint to exchange the user’s email
and password for an access token. OR Exchanges an OAuth authorization code
for an access token. Makes a request to the Token endpoint to exchange the
authorization code returned from the Authorize endpoint for an access token.
operationId: createToken
security: []
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/AccessToken"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/OAuthError"
"/api/ip-acl/search":
post:
description: Searches the IP Access Control Lists with the specified criteria
and pagination.
operationId: searchIPAccessControlListsWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IPAccessControlListSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IPAccessControlListSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/webauthn/start":
post:
description: Start a WebAuthn authentication ceremony by generating a new challenge
for the user
operationId: startWebAuthnLoginWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/WebAuthnStartRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebAuthnStartResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/group/{groupId}":
patch:
description: Updates, via PATCH, the group with the given Id.
operationId: patchGroupWithId
parameters:
- name: groupId
in: path
schema:
type: string
required: true
description: The Id of the group to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the group for the given Id.
operationId: retrieveGroupWithId
parameters:
- name: groupId
in: path
schema:
type: string
required: true
description: The Id of the group.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the group for the given Id.
operationId: deleteGroupWithId
parameters:
- name: groupId
in: path
schema:
type: string
required: true
description: The Id of the group to delete.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a group. You can optionally specify an Id for the group,
if not provided one will be generated.
operationId: createGroupWithId
parameters:
- name: groupId
in: path
schema:
type: string
required: true
description: The Id for the group. If not provided a secure random UUID will
be generated.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the group with the given Id.
operationId: updateGroupWithId
parameters:
- name: groupId
in: path
schema:
type: string
required: true
description: The Id of the group to update.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/GroupResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/forgot-password":
post:
description: Begins the forgot password sequence, which kicks off an email to
the user so that they can reset their password.
operationId: forgotPasswordWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ForgotPasswordRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ForgotPasswordResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/registration/{userId}/{applicationId}":
delete:
description: Deletes the user registration for the given user and application.
OR Deletes the user registration for the given user and application along
with the given JSON body that contains the event information.
operationId: deleteUserRegistrationWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user whose registration is being deleted.
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id of the application to remove the registration for.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RegistrationDeleteRequest"
get:
description: Retrieves the user registration for the user with the given id
and the given application id.
operationId: retrieveRegistrationWithId
parameters:
- name: userId
in: path
schema:
type: string
required: true
description: The Id of the user.
- name: applicationId
in: path
schema:
type: string
required: true
description: The Id of the application.
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/RegistrationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/system/audit-log":
post:
description: Creates an audit log with the message and user name (usually an
email). Audit logs should be written anytime you make changes to the FusionAuth
database. When using the FusionAuth App web interface, any changes are automatically
written to the audit log. However, if you are accessing the API, you must
write the audit logs yourself.
operationId: createAuditLogWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/AuditLogRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/AuditLogResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/message/template/preview":
post:
description: Creates a preview of the message template provided in the request,
normalized to a given locale.
operationId: retrieveMessageTemplatePreviewWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/PreviewMessageTemplateRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/PreviewMessageTemplateResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/recent-login":
get:
description: Retrieves the last number of login records. OR Retrieves the last
number of login records for a user.
operationId: retrieveUserRecentLogin
parameters:
- name: offset
in: query
schema:
type: string
description: The initial record. e.g. 0 is the last login, 100 will be the
100th most recent login.
- name: limit
in: query
schema:
type: string
description: "(Optional, defaults to 10) The number of records to retrieve."
- name: userId
in: query
schema:
type: string
description: The Id of the user.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/RecentLoginResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/message/template/{messageTemplateId}":
get:
description: Retrieves the message template for the given Id. If you don't specify
the id, this will return all the message templates.
operationId: retrieveMessageTemplateWithId
parameters:
- name: messageTemplateId
in: path
schema:
type: string
required: true
description: The Id of the message template.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MessageTemplateResponse"
default:
description: Error
patch:
description: Updates, via PATCH, the message template with the given Id.
operationId: patchMessageTemplateWithId
parameters:
- name: messageTemplateId
in: path
schema:
type: string
required: true
description: The Id of the message template to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/MessageTemplateRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MessageTemplateResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the message template with the given Id.
operationId: updateMessageTemplateWithId
parameters:
- name: messageTemplateId
in: path
schema:
type: string
required: true
description: The Id of the message template to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/MessageTemplateRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MessageTemplateResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the message template for the given Id.
operationId: deleteMessageTemplateWithId
parameters:
- name: messageTemplateId
in: path
schema:
type: string
required: true
description: The Id of the message template to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates an message template. You can optionally specify an Id for
the template, if not provided one will be generated.
operationId: createMessageTemplateWithId
parameters:
- name: messageTemplateId
in: path
schema:
type: string
required: true
description: The Id for the template. If not provided a secure random UUID
will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/MessageTemplateRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MessageTemplateResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/message/template":
get:
description: Retrieves the message template for the given Id. If you don't specify
the id, this will return all the message templates.
operationId: retrieveMessageTemplate
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MessageTemplateResponse"
default:
description: Error
post:
description: Creates an message template. You can optionally specify an Id for
the template, if not provided one will be generated.
operationId: createMessageTemplate
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/MessageTemplateRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MessageTemplateResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/theme":
post:
description: Creates a Theme. You can optionally specify an Id for the theme,
if not provided one will be generated.
operationId: createTheme
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ThemeRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ThemeResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/group/member":
delete:
description: Removes users as members of a group.
operationId: deleteGroupMembersWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/MemberDeleteRequest"
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates a member in a group.
operationId: createGroupMembersWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/MemberRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MemberResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Creates a member in a group.
operationId: updateGroupMembersWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/MemberRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/MemberResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/two-factor/secret":
get:
description: Generate a Two Factor secret that can be used to enable Two Factor
authentication for a User. The response will contain both the secret and a
Base32 encoded form of the secret which can be shown to a User when using
a 2 Step Authentication application such as Google Authenticator.
operationId: generateTwoFactorSecretUsingJWTWithId
security: []
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/SecretResponse"
default:
description: Error
"/api/login":
put:
description: Sends a ping to FusionAuth indicating that the user was automatically
logged into an application. When using FusionAuth's SSO or your own, you should
call this if the user is already logged in centrally, but accesses an application
where they no longer have a session. This helps correctly track login counts,
times and helps with reporting.
operationId: loginPingWithRequestWithId
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/LoginPingRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LoginResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Authenticates a user to FusionAuth. This API optionally requires
an API key. See Application.loginConfiguration.requireAuthentication.
operationId: loginWithId
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/LoginRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LoginResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/identity-provider/{identityProviderId}":
patch:
description: Updates, via PATCH, the identity provider with the given Id.
operationId: patchIdentityProviderWithId
parameters:
- name: identityProviderId
in: path
schema:
type: string
required: true
description: The Id of the identity provider to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
get:
description: Retrieves the identity provider for the given id or all the identity
providers if the id is null.
operationId: retrieveIdentityProviderWithId
parameters:
- name: identityProviderId
in: path
schema:
type: string
required: true
description: The identity provider Id.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
delete:
description: Deletes the identity provider for the given Id.
operationId: deleteIdentityProviderWithId
parameters:
- name: identityProviderId
in: path
schema:
type: string
required: true
description: The Id of the identity provider to delete.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Creates an identity provider. You can optionally specify an Id
for the identity provider, if not provided one will be generated.
operationId: createIdentityProviderWithId
parameters:
- name: identityProviderId
in: path
schema:
type: string
required: true
description: The Id of the identity provider. If not provided a secure random
UUID will be generated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
put:
description: Updates the identity provider with the given Id.
operationId: updateIdentityProviderWithId
parameters:
- name: identityProviderId
in: path
schema:
type: string
required: true
description: The Id of the identity provider to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/passwordless/login":
post:
description: Complete a login request using a passwordless code
operationId: passwordlessLoginWithId
security: []
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/PasswordlessLoginRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/LoginResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/api-key/{apiKeyId}":
put:
description: Updates an API key by given id
operationId: updateAPIKeyWithId
parameters:
- name: apiKeyId
in: path
schema:
type: string
required: true
description: The Id of the API key to update.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/APIKeyRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/APIKeyResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/system-configuration":
put:
description: Updates the system configuration.
operationId: updateSystemConfigurationWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/SystemConfigurationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/SystemConfigurationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
patch:
description: Updates, via PATCH, the system configuration.
operationId: patchSystemConfigurationWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/SystemConfigurationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/SystemConfigurationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/identity-provider/link/pending/{pendingLinkId}":
get:
description: Retrieve a pending identity provider link. This is useful to validate
a pending link and retrieve meta-data about the identity provider link.
operationId: retrievePendingLinkWithId
parameters:
- name: userId
in: query
schema:
type: string
description: The optional userId. When provided additional meta-data will
be provided to identify how many links if any the user already has.
- name: pendingLinkId
in: path
schema:
type: string
required: true
description: The pending link Id.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/IdentityProviderPendingLinkResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/change-password/{changePasswordId}":
get:
description: Check to see if the user must obtain a Trust Token Id in order
to complete a change password request. When a user has enabled Two-Factor
authentication, before you are allowed to use the Change Password API to change
your password, you must obtain a Trust Token by completing a Two-Factor Step-Up
authentication. An HTTP status code of 400 with a general error code of [TrustTokenRequired]
indicates that a Trust Token is required to make a POST request to this API.
operationId: checkChangePasswordUsingIdWithId
security: []
parameters:
- name: changePasswordId
in: path
schema:
type: string
required: true
description: The change password Id used to find the user. This value is generated
by FusionAuth once the change password workflow has been initiated.
responses:
'200':
description: Success
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
post:
description: Changes a user's password using the change password Id. This usually
occurs after an email has been sent to the user and they clicked on a link
to reset their password. As of version 1.32.2, prefer sending the changePasswordId
in the request body. To do this, omit the first parameter, and set the value
in the request body.
operationId: changePasswordWithId
security: []
parameters:
- name: changePasswordId
in: path
schema:
type: string
required: true
description: The change password Id used to find the user. This value is generated
by FusionAuth once the change password workflow has been initiated.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ChangePasswordRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ChangePasswordResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/user/bulk":
delete:
description: Deactivates the users with the given ids. OR Deletes the users
with the given ids, or users matching the provided JSON query or queryString.
The order of preference is ids, query and then queryString, it is recommended
to only provide one of the three for the request. This method can be used
to deactivate or permanently delete (hard-delete) users based upon the hardDelete
boolean in the request body. Using the dryRun parameter you may also request
the result of the action without actually deleting or deactivating any users.
operationId: deleteUserBulk
parameters:
- name: userIds
in: query
schema:
type: string
description: The ids of the users to deactivate.
- name: dryRun
in: query
schema:
type: string
- name: hardDelete
in: query
schema:
type: string
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/UserDeleteResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/UserDeleteRequest"
"/api/jwt/public-key":
get:
description: Retrieves the Public Key configured for verifying JSON Web Tokens
(JWT) by the key Id (kid). OR Retrieves the Public Key configured for verifying
the JSON Web Tokens (JWT) issued by the Login API by the Application Id.
operationId: retrieveJwtPublicKey
security: []
parameters:
- name: keyId
in: query
schema:
type: string
description: The Id of the public key (kid).
- name: applicationId
in: query
schema:
type: string
description: The Id of the Application for which this key is used.
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/PublicKeyResponse"
default:
description: Error
"/api/api-key":
post:
description: Creates an API key. You can optionally specify a unique Id for
the key, if not provided one will be generated. an API key can only be created
with equal or lesser authority. An API key cannot create another API key unless
it is granted to that API key. If an API key is locked to a tenant, it can
only create API Keys for that same tenant.
operationId: createAPIKey
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/APIKeyRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/APIKeyResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/application":
get:
description: Retrieves the application for the given id or all the applications
if the id is null. OR Retrieves all the applications that are currently inactive.
operationId: retrieveApplication
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
- name: inactive
in: query
schema:
type: string
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationResponse"
default:
description: Error
post:
description: Creates an application. You can optionally specify an Id for the
application, if not provided one will be generated.
operationId: createApplication
parameters:
- in: header
name: X-FusionAuth-TenantId
description: The unique Id of the tenant used to scope this API request. Only
required when there is more than one tenant and the API key is not tenant-scoped.
required: false
schema:
type: string
format: UUID
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ApplicationResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/email/template/search":
post:
description: Searches email templates with the specified criteria and pagination.
operationId: searchEmailTemplatesWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/EmailTemplateSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/webhook/search":
post:
description: Searches webhooks with the specified criteria and pagination.
operationId: searchWebhooksWithId
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/WebhookSearchRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebhookSearchResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/webauthn/assert":
post:
description: Complete a WebAuthn authentication ceremony by validating the signature
against the previously generated challenge without logging the user in
operationId: completeWebAuthnAssertionWithId
security: []
parameters: []
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/WebAuthnLoginRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/WebAuthnAssertResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/api/jwt/validate":
get:
description: Validates the provided JWT (encoded JWT string) to ensure the token
is valid. A valid access token is properly signed and not expired. requestData to access key value pairs in the email template.
operationId: sendEmailWithId
parameters:
- name: emailTemplateId
in: path
schema:
type: string
required: true
description: The id for the template.
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/SendRequest"
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/SendResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/.well-known/openid-configuration":
get:
description: Returns the well known OpenID Configuration JSON document
operationId: retrieveOpenIdConfigurationWithId
security: []
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/OpenIdConfiguration"
default:
description: Error
"/api/reactor/metrics":
get:
description: Retrieves the FusionAuth Reactor metrics.
operationId: retrieveReactorMetricsWithId
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/ReactorMetricsResponse"
default:
description: Error
"/api/system/version":
get:
description: Retrieves the FusionAuth version string.
operationId: retrieveVersionWithId
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/VersionResponse"
default:
description: Error
content:
application/json:
schema:
"$ref": "#/components/schemas/Errors"
"/.well-known/jwks.json":
get:
description: Returns public keys used by FusionAuth to cryptographically verify
JWTs using the JSON Web Key format.
operationId: retrieveJsonWebKeySetWithId
security: []
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/JWKSResponse"
default:
description: Error
"/api/report/totals":
get:
description: Retrieves the totals report. This contains all the total counts
for each application and the global registration count.
operationId: retrieveTotalReportWithId
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/TotalsReportResponse"
default:
description: Error
"/api/tenant/password-validation-rules":
get:
description: Retrieves the password validation rules for a specific tenant.
This method requires a tenantId to be provided through the use of a Tenant
scoped API key or an HTTP header X-FusionAuth-TenantId to specify the Tenant
Id. This API does not require an API key.
operationId: retrievePasswordValidationRulesWithId
security: []
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/PasswordValidationRulesResponse"
default:
description: Error
"/api/key":
get:
description: Retrieves all the keys.
operationId: retrieveKeysWithId
parameters: []
responses:
'200':
description: Success
content:
application/json:
schema:
"$ref": "#/components/schemas/KeyResponse"
default:
description: Error