openapi: 3.0.1 info: title: Gravitee.io - Access Management API version: 4.2.0 servers: - url: /management security: - gravitee-auth: [] tags: - name: Authentication Device Notifier - name: Bot Detection - name: Certificate - name: Device Identifier - name: Extension Grant - name: Factor - name: Identity Provider - name: Newsletter - name: Notifier - name: Plugin - name: Policy - name: Reporter - name: Resource - name: alerts - name: application - name: audit - name: bot detection - name: certificate - name: device identifiers - name: devices - name: dictionary - name: domain - name: email - name: entrypoints - name: extension grant - name: factor - name: flow - name: form - name: group - name: identity provider - name: platform - name: preview - name: reporter - name: resource - name: role - name: scope - name: sharding-tags - name: theme - name: user - name: user notifications paths: /application.wadl: get: operationId: getWadl responses: default: description: default response content: application/vnd.sun.wadl+xml: {} application/xml: {} /application.wadl/{path}: get: operationId: getExternalGrammar parameters: - name: path in: path required: true schema: type: string responses: default: description: default response content: application/xml: {} /organizations/{organizationId}/audits: get: tags: - audit summary: List audit logs for the organization description: "User must have the ORGANIZATION_AUDIT[LIST] permission on the\ \ specified organization. Except if user has ORGANIZATION_AUDIT[READ] permission\ \ on the organization, each returned audit is filtered and contains only basic\ \ information such as id, date, event, actor, target and status." operationId: list parameters: - name: organizationId in: path required: true schema: type: string - name: type in: query schema: type: string - name: status in: query schema: type: string - name: user in: query schema: type: string - name: from in: query schema: type: integer format: int64 - name: to in: query schema: type: integer format: int64 - name: size in: query schema: type: integer format: int32 default: 10 - name: page in: query schema: type: integer format: int32 default: 0 responses: "200": description: List audit logs for the platform content: application/json: schema: type: array items: $ref: '#/components/schemas/Audit' "500": description: Internal server error /organizations/{organizationId}/audits/{audit}: get: tags: - audit summary: Get an audit log description: "User must have the ORGANIZATION_AUDIT[READ] permission on the\ \ specified organization" operationId: get_1 parameters: - name: organizationId in: path required: true schema: type: string - name: audit in: path required: true schema: type: string responses: "200": description: Audit log successfully fetched content: application/json: schema: $ref: '#/components/schemas/Audit' "500": description: Internal server error /organizations/{organizationId}/entrypoints: get: tags: - entrypoints summary: List entrypoints description: "User must have the ORGANIZATION[LIST] permission on the specified\ \ organization. Each returned entrypoint is filtered and contains only basic\ \ information such as id and name." operationId: list_1 parameters: - name: organizationId in: path required: true schema: type: string responses: "200": description: List all the entrypoints content: application/json: schema: type: array items: $ref: '#/components/schemas/Entrypoint' "500": description: Internal server error post: tags: - entrypoints summary: Create a entrypoint description: "User must have the ORGANIZATION_ENTRYPOINT[CREATE] permission\ \ on the specified organization" operationId: create parameters: - name: organizationId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewEntrypoint' required: true responses: "201": description: Entrypoint successfully created "500": description: Internal server error /organizations/{organizationId}/entrypoints/{entrypointId}: get: tags: - entrypoints summary: Get a sharding entrypoint description: "User must have the ORGANIZATION_ENTRYPOINT[READ] permission on\ \ the specified organization" operationId: get_2 parameters: - name: organizationId in: path required: true schema: type: string - name: entrypointId in: path required: true schema: type: string responses: "200": description: Sharding entrypoint content: application/json: schema: $ref: '#/components/schemas/Entrypoint' "500": description: Internal server error put: tags: - entrypoints summary: Update the sharding entrypoint description: "User must have the ORGANIZATION_ENTRYPOINT[UPDATE] permission\ \ on the specified organization" operationId: update parameters: - name: organizationId in: path required: true schema: type: string - name: entrypointId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateEntrypoint' required: true responses: "200": description: Sharding entrypoint successfully updated content: application/json: schema: $ref: '#/components/schemas/Entrypoint' "500": description: Internal server error delete: tags: - entrypoints summary: Delete the sharding entrypoint description: "User must have the ORGANIZATION_ENTRYPOINT[DELETE] permission\ \ on the specified organization" operationId: delete parameters: - name: organizationId in: path required: true schema: type: string - name: entrypointId in: path required: true schema: type: string responses: "204": description: Sharding entrypoint successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments: get: summary: List all the environments description: "User must have the ENVIRONMENT[LIST] permission on the specified\ \ organization AND either ENVIRONMENT[READ] permission on each environment\ \ or ENVIRONMENT[READ] permission on the specified organization.Each returned\ \ environment is filtered and contains only basic information such as id and\ \ name." operationId: list_20 parameters: - name: organizationId in: path required: true schema: type: string responses: "200": description: List all the environments of the organization content: application/json: schema: type: array items: $ref: '#/components/schemas/Environment' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains: get: tags: - domain summary: List security domains for an environment description: "List all the security domains accessible to the current user.\ \ User must have DOMAIN[LIST] permission on the specified environment or organization\ \ AND either DOMAIN[READ] permission on each security domain or DOMAIN[READ]\ \ permission on the specified environment or DOMAIN[READ] permission on the\ \ specified organization.Each returned domain is filtered and contains only\ \ basic information such as id, name and description and isEnabled." operationId: listDomains parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: page in: query schema: type: integer format: int32 default: 0 - name: size in: query schema: type: integer format: int32 default: 50 - name: q in: query schema: type: string responses: "200": description: List accessible security domains for current user content: application/json: schema: type: array items: $ref: '#/components/schemas/Domain' "500": description: Internal server error post: tags: - domain summary: Create a security domain. description: "Create a security domain. User must have DOMAIN[CREATE] permission\ \ on the specified environment or DOMAIN[CREATE] permission on the specified\ \ organization" operationId: createDomain parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewDomain' required: true responses: "201": description: Domain successfully created content: application/json: schema: $ref: '#/components/schemas/Domain' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/_hrid/{hrid}: get: tags: - domain summary: Get a security domain by hrid description: "User must have the DOMAIN[READ] permission on the specified domain,\ \ environment or organization. Domain will be filtered according to permissions\ \ (READ on DOMAIN_USER_ACCOUNT, DOMAIN_IDENTITY_PROVIDER, DOMAIN_FORM, DOMAIN_LOGIN_SETTINGS,\ \ DOMAIN_DCR, DOMAIN_SCIM, DOMAIN_SETTINGS)" operationId: findDomainByHrid parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: hrid in: path required: true schema: type: string responses: "200": description: Domain content: application/json: schema: $ref: '#/components/schemas/Domain' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}: get: tags: - domain summary: Get a security domain description: "User must have the DOMAIN[READ] permission on the specified domain,\ \ environment or organization. Domain will be filtered according to permissions\ \ (READ on DOMAIN_USER_ACCOUNT, DOMAIN_IDENTITY_PROVIDER, DOMAIN_FORM, DOMAIN_LOGIN_SETTINGS,\ \ DOMAIN_DCR, DOMAIN_SCIM, DOMAIN_SETTINGS)" operationId: findDomain parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: Domain content: application/json: schema: $ref: '#/components/schemas/Domain' "500": description: Internal server error put: tags: - domain summary: Update the security domain description: "User must have the DOMAIN_SETTINGS[UPDATE] permission on the specified\ \ domain or DOMAIN_SETTINGS[UPDATE] permission on the specified environment\ \ or DOMAIN_SETTINGS[UPDATE] permission on the specified organization." operationId: updateDomain parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchDomain' required: true responses: "200": description: Domain successfully updated content: application/json: schema: $ref: '#/components/schemas/Domain' "500": description: Internal server error delete: tags: - domain summary: Delete the security domain description: "User must have the DOMAIN[DELETE] permission on the specified\ \ domain or DOMAIN[DELETE] permission on the specified environment or DOMAIN[DELETE]\ \ permission on the specified organization." operationId: deleteDomain parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "204": description: Domain successfully deleted "500": description: Internal server error patch: tags: - domain summary: Patch the security domain description: "User must have the DOMAIN_SETTINGS[UPDATE] permission on the specified\ \ domain or DOMAIN_SETTINGS[UPDATE] permission on the specified environment\ \ or DOMAIN_SETTINGS[UPDATE] permission on the specified organization." operationId: patchDomain parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchDomain' required: true responses: "200": description: Domain successfully patched content: application/json: schema: $ref: '#/components/schemas/Domain' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/notifiers: get: tags: - alerts - domain summary: List alert notifiers description: "List all the alert notifiers of the domain. User must have DOMAIN_ALERT_NOTIFIER[LIST]\ \ permission on the specified domain, environment or organization." operationId: listAlertNotifiers parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List alert notifiers for current user content: application/json: schema: type: array items: $ref: '#/components/schemas/AlertNotifier' "500": description: Internal server error post: tags: - alerts - domain summary: Create an alert notifier description: "Create a new alert notifierUser must have DOMAIN_ALERT_NOTIFIER[CREATE]\ \ permission on the specified domain, environment or organization." operationId: createAlertNotifier parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewAlertNotifier' required: true responses: "200": description: Alert notifier successfully created content: application/json: schema: $ref: '#/components/schemas/AlertNotifier' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/notifiers/{notifierId}: get: tags: - alerts - domain summary: Get an alert notifier description: "Get an alert notifier by its id. User must have DOMAIN_ALERT_NOTIFIER[LIST]\ \ permission on the specified domain, environment or organization." operationId: getAlertNotifier parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: notifierId in: path required: true schema: type: string responses: "200": description: The alert notifier content: application/json: schema: $ref: '#/components/schemas/AlertNotifier' "500": description: Internal server error delete: tags: - alerts - domain summary: Delete an alert notifier description: "Delete an alert notifier by its id. User must have DOMAIN_ALERT_NOTIFIER[DELETE]\ \ permission on the specified domain, environment or organization." operationId: deleteAlertNotifier parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: notifierId in: path required: true schema: type: string responses: "204": description: Alert notifier successfully deleted "500": description: Internal server error patch: tags: - alerts - domain summary: Update an alert notifier description: "Update an alert notifierUser must have DOMAIN_ALERT_NOTIFIER[UPDATE]\ \ permission on the specified domain, environment or organization." operationId: patchAlertNotifier parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: notifierId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchAlertNotifier' required: true responses: "200": description: Alert notifier successfully updated content: application/json: schema: $ref: '#/components/schemas/AlertNotifier' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/alerts/triggers: get: tags: - alerts - domain summary: List alert alert triggers description: "List all the alert triggers of the domain accessible to the current\ \ user. User must have DOMAIN_ALERT[LIST] permission on the specified domain,\ \ environment or organization." operationId: list_2 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List alert triggers for current user content: application/json: schema: type: array items: $ref: '#/components/schemas/AlertTrigger' "500": description: Internal server error patch: tags: - alerts - domain summary: Update multiple alert triggers description: "Update multiple alert triggers in the same timeUser must have\ \ DOMAIN_ALERT[UPDATE] permission on the specified domain, environment or\ \ organization." operationId: list_3 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: type: array items: $ref: '#/components/schemas/PatchAlertTrigger' required: true responses: "200": description: Alert triggers successfully updated content: application/json: schema: type: array items: $ref: '#/components/schemas/AlertTrigger' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/analytics: get: tags: - domain summary: Find domain analytics description: "User must have DOMAIN_ANALYTICS[READ] permission on the specified\ \ domain or DOMAIN_ANALYTICS[READ] permission on the specified environment\ \ or DOMAIN_ANALYTICS[READ] permission on the specified organization" operationId: get_3 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: from in: query description: Used to define the start date of the time window to query schema: type: integer format: int64 - name: to in: query description: Used to define the end date of the time window to query schema: type: integer format: int64 - name: interval in: query description: The time interval when getting histogram data schema: type: integer format: int64 - name: size in: query description: The number of data to retrieve schema: type: integer format: int32 - name: type in: query description: "The type of data to retrieve (group_by, date_histo, count)" required: true schema: $ref: '#/components/schemas/AnalyticsTypeParam' - name: field in: query schema: type: string responses: "200": description: Analytics successfully fetched "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications: get: tags: - application - domain summary: List registered applications for a security domain description: "User must have the APPLICATION[LIST] permission on the specified\ \ domain, environment or organization AND either APPLICATION[READ] permission\ \ on each domain's application or APPLICATION[READ] permission on the specified\ \ domain or APPLICATION[READ] permission on the specified environment or APPLICATION[READ]\ \ permission on the specified organization. Each returned application is filtered\ \ and contains only basic information such as id, name, description and isEnabled." operationId: listApplications parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: page in: query schema: type: integer format: int32 default: 0 - name: size in: query schema: type: integer format: int32 default: 50 - name: q in: query schema: type: string responses: "200": description: List registered applications for a security domain content: application/json: schema: $ref: '#/components/schemas/ApplicationPage' "500": description: Internal server error post: tags: - application - domain summary: Create an application description: "User must have APPLICATION[CREATE] permission on the specified\ \ domain or APPLICATION[CREATE] permission on the specified environment or\ \ APPLICATION[CREATE] permission on the specified organization" operationId: createApplication parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewApplication' required: true responses: "201": description: Application successfully created content: application/json: schema: $ref: '#/components/schemas/Application' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}: get: tags: - application - domain summary: Get an application description: "User must have the APPLICATION[READ] permission on the specified\ \ application or APPLICATION[READ] permission on the specified domain or APPLICATION[READ]\ \ permission on the specified environment or APPLICATION[READ] permission\ \ on the specified organization. Application will be filtered according to\ \ permissions (READ on APPLICATION_IDENTITY_PROVIDER, APPLICATION_CERTIFICATE,\ \ APPLICATION_METADATA, APPLICATION_USER_ACCOUNT, APPLICATION_SETTINGS)" operationId: findApplication parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string responses: "200": description: Application content: application/json: schema: $ref: '#/components/schemas/Application' "500": description: Internal server error put: tags: - application - domain summary: Update an application description: "User must have APPLICATION[UPDATE] permission on the specified\ \ application or APPLICATION[UPDATE] permission on the specified domain or\ \ APPLICATION[UPDATE] permission on the specified environment or APPLICATION[UPDATE]\ \ permission on the specified organization" operationId: updateApplication parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchApplication' required: true responses: "200": description: Application successfully updated content: application/json: schema: $ref: '#/components/schemas/Application' "500": description: Internal server error delete: tags: - application - domain summary: Delete an application description: "User must have APPLICATION[DELETE] permission on the specified\ \ application or APPLICATION[DELETE] permission on the specified domain or\ \ APPLICATION[DELETE] permission on the specified environment or APPLICATION[DELETE]\ \ permission on the specified organization" operationId: deleteApplication parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string responses: "204": description: Application successfully deleted "500": description: Internal server error patch: tags: - application - domain summary: Patch an application description: "User must have APPLICATION[UPDATE] permission on the specified\ \ application or APPLICATION[UPDATE] permission on the specified domain or\ \ APPLICATION[UPDATE] permission on the specified environment or APPLICATION[UPDATE]\ \ permission on the specified organization" operationId: patchApplication parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchApplication' required: true responses: "200": description: Application successfully patched content: application/json: schema: $ref: '#/components/schemas/Application' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/analytics: get: tags: - application - domain summary: Find application analytics description: "User must have APPLICATION_ANALYTICS[READ] permission on the specified\ \ application or APPLICATION_ANALYTICS[READ] permission on the specified domain\ \ or APPLICATION_ANALYTICS[READ] permission on the specified environment or\ \ APPLICATION_ANALYTICS[READ] permission on the specified organization" operationId: get_4 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: from in: query description: Used to define the start date of the time window to query schema: type: integer format: int64 - name: to in: query description: Used to define the end date of the time window to query schema: type: integer format: int64 - name: interval in: query description: The time interval when getting histogram data schema: type: integer format: int64 - name: size in: query description: The number of data to retrieve schema: type: integer format: int32 - name: type in: query description: "The type of data to retrieve (group_by, date_histo, count)" required: true schema: $ref: '#/components/schemas/AnalyticsTypeParam' - name: field in: query schema: type: string responses: "200": description: Analytics successfully fetched "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/emails: get: tags: - email - application - domain summary: Find a email for an application description: "User must have APPLICATION_EMAIL_TEMPLATE[READ] permission on\ \ the specified application or APPLICATION_EMAIL_TEMPLATE[READ] permission\ \ on the specified domain or APPLICATION_EMAIL_TEMPLATE[READ] permission on\ \ the specified environment or APPLICATION_EMAIL_TEMPLATE[READ] permission\ \ on the specified organization" operationId: get_5 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: template in: query required: true schema: type: string enum: - LOGIN - REGISTRATION - REGISTRATION_CONFIRMATION - REGISTRATION_VERIFY - FORGOT_PASSWORD - RESET_PASSWORD - OAUTH2_USER_CONSENT - MFA_ENROLL - MFA_CHALLENGE - MFA_CHALLENGE_ALTERNATIVES - MFA_RECOVERY_CODE - BLOCKED_ACCOUNT - COMPLETE_PROFILE - WEBAUTHN_REGISTER - WEBAUTHN_REGISTER_SUCCESS - WEBAUTHN_LOGIN - IDENTIFIER_FIRST_LOGIN - ERROR - CERTIFICATE_EXPIRATION - VERIFY_ATTEMPT responses: "200": description: Email successfully fetched "500": description: Internal server error post: tags: - email - application - domain summary: Create a email for an application description: "User must have APPLICATION_EMAIL_TEMPLATE[CREATE] permission on\ \ the specified application or APPLICATION_EMAIL_TEMPLATE[CREATE] permission\ \ on the specified domain or APPLICATION_EMAIL_TEMPLATE[CREATE] permission\ \ on the specified environment or APPLICATION_EMAIL_TEMPLATE[CREATE] permission\ \ on the specified organization" operationId: create_1 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewEmail' required: true responses: "201": description: Email successfully created "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/emails/{email}: put: tags: - email - application - domain summary: Update an email for an application description: "User must have APPLICATION_EMAIL_TEMPLATE[UPDATE] permission on\ \ the specified application or APPLICATION_EMAIL_TEMPLATE[UPDATE] permission\ \ on the specified domain or APPLICATION_EMAIL_TEMPLATE[UPDATE] permission\ \ on the specified environment or APPLICATION_EMAIL_TEMPLATE[UPDATE] permission\ \ on the specified organization" operationId: update_1 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: email in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateEmail' required: true responses: "201": description: Email successfully updated content: application/json: schema: $ref: '#/components/schemas/Email' "500": description: Internal server error delete: tags: - email - application - domain summary: Delete an email for an application description: "User must have APPLICATION_EMAIL_TEMPLATE[DELETE] permission on\ \ the specified application or APPLICATION_EMAIL_TEMPLATE[DELETE] permission\ \ on the specified domain or APPLICATION_EMAIL_TEMPLATE[DELETE] permission\ \ on the specified environment or APPLICATION_EMAIL_TEMPLATE[DELETE] permission\ \ on the specified organization" operationId: delete_1 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: email in: path required: true schema: type: string responses: "204": description: Email successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/flows: get: tags: - application - domain summary: List registered flows for an application description: "User must have the APPLICATION_FLOW[LIST] permission on the specified\ \ domain or APPLICATION_FLOW[LIST] permission on the specified environment\ \ or APPLICATION_FLOW[LIST] permission on the specified organization. Except\ \ if user has APPLICATION_FLOW[READ] permission on the domain, environment\ \ or organization, each returned flow is filtered and contains only basic\ \ information such as id and name and isEnabled." operationId: listAppFlows parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string responses: "200": description: List registered flows for an application content: application/json: schema: type: array items: $ref: '#/components/schemas/FlowEntity' "500": description: Internal server error put: tags: - application - domain summary: Create or update list of flows description: "User must have the APPLICATION_FLOW[UPDATE] permission on the\ \ specified domain or APPLICATION_FLOW[UPDATE] permission on the specified\ \ environment or APPLICATION_FLOW[UPDATE] permission on the specified organization" operationId: defineAppFlows parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string requestBody: content: application/json: schema: type: array items: $ref: '#/components/schemas/Flow' required: true responses: "200": description: Flows successfully updated content: application/json: schema: type: array items: $ref: '#/components/schemas/FlowEntity' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/flows/{flow}: get: tags: - application - domain summary: Get a flow description: "User must have the APPLICATION_FLOW[READ] permission on the specified\ \ domain or APPLICATION_FLOW[READ] permission on the specified environment\ \ or APPLICATION_FLOW[READ] permission on the specified organization" operationId: getAppFlow parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: flow in: path required: true schema: type: string responses: "200": description: Flow content: application/json: schema: $ref: '#/components/schemas/FlowEntity' "500": description: Internal server error put: tags: - application - domain summary: Update a flow description: "User must have the APPLICATION_FLOW[UPDATE] permission on the\ \ specified domain or APPLICATION_FLOW[UPDATE] permission on the specified\ \ environment or APPLICATION_FLOW[UPDATE] permission on the specified organization" operationId: updateAppFlow parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: flow in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/Flow' required: true responses: "201": description: Flow successfully updated content: application/json: schema: $ref: '#/components/schemas/FlowEntity' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/forms: get: tags: - form - application - domain summary: Find a form for an application description: "User must have APPLICATION_FORM[READ] permission on the specified\ \ application or APPLICATION_FORM[READ] permission on the specified domain\ \ or APPLICATION_FORM[READ] permission on the specified environment or APPLICATION_FORM[READ]\ \ permission on the specified organization" operationId: get_6 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: template in: query required: true schema: type: string enum: - LOGIN - REGISTRATION - REGISTRATION_CONFIRMATION - REGISTRATION_VERIFY - FORGOT_PASSWORD - RESET_PASSWORD - OAUTH2_USER_CONSENT - MFA_ENROLL - MFA_CHALLENGE - MFA_CHALLENGE_ALTERNATIVES - MFA_RECOVERY_CODE - BLOCKED_ACCOUNT - COMPLETE_PROFILE - WEBAUTHN_REGISTER - WEBAUTHN_REGISTER_SUCCESS - WEBAUTHN_LOGIN - IDENTIFIER_FIRST_LOGIN - ERROR - CERTIFICATE_EXPIRATION - VERIFY_ATTEMPT responses: "200": description: Form successfully fetched "500": description: Internal server error post: tags: - form - application - domain summary: Create a form for an application description: "User must have APPLICATION_FORM[CREATE] permission on the specified\ \ application or APPLICATION_FORM[CREATE] permission on the specified domain\ \ or APPLICATION_FORM[CREATE] permission on the specified environment or APPLICATION_FORM[CREATE]\ \ permission on the specified organization" operationId: create_2 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewForm' required: true responses: "201": description: Form successfully created "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/forms/{form}: put: tags: - form - application - domain summary: Update a form for an application description: "User must have APPLICATION_FORM[UPDATE] permission on the specified\ \ application or APPLICATION_FORM[UPDATE] permission on the specified domain\ \ or APPLICATION_FORM[UPDATE] permission on the specified environment or APPLICATION_FORM[UPDATE]\ \ permission on the specified organization" operationId: update_2 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: form in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateForm' required: true responses: "201": description: Form successfully updated content: application/json: schema: $ref: '#/components/schemas/Form' "500": description: Internal server error delete: tags: - form - application - domain summary: Delete a form for an application description: "User must have APPLICATION_FORM[DELETE] permission on the specified\ \ application or APPLICATION_FORM[DELETE] permission on the specified domain\ \ or APPLICATION_FORM[DELETE] permission on the specified environment or APPLICATION_FORM[DELETE]\ \ permission on the specified organization" operationId: delete_2 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: form in: path required: true schema: type: string responses: "204": description: Form successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/members: get: tags: - application - domain summary: List members for an application description: "User must have APPLICATION_MEMBER[LIST] permission on the specified\ \ application or APPLICATION_MEMBER[LIST] permission on the specified domain\ \ or APPLICATION_MEMBER[LIST] permission on the specified environment or APPLICATION_MEMBER[LIST]\ \ permission on the specified organization" operationId: getMembers parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string responses: "200": description: List members for an application content: application/json: schema: $ref: '#/components/schemas/MembershipListItem' "500": description: Internal server error post: tags: - application - domain summary: Add or update an application member description: "User must have APPLICATION_MEMBER[CREATE] permission on the specified\ \ application or APPLICATION_MEMBER[CREATE] permission on the specified domain\ \ or APPLICATION_MEMBER[CREATE] permission on the specified environment or\ \ APPLICATION_MEMBER[CREATE] permission on the specified organization" operationId: addOrUpdateMember parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewMembership' required: true responses: "201": description: Member has been added or updated successfully "400": description: Membership parameter is not valid "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/members/permissions: get: tags: - application - domain summary: List application member's permissions description: "User must have APPLICATION[READ] permission on the specified application\ \ or APPLICATION[READ] permission on the specified domain or APPLICATION[READ]\ \ permission on the specified environment or APPLICATION[READ] permission\ \ on the specified organization" operationId: permissions parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string responses: "200": description: Application member's permissions content: application/json: schema: type: string "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/members/{member}: delete: tags: - application - domain summary: Remove a membership description: "User must have APPLICATION_MEMBER[DELETE] permission on the specified\ \ application or APPLICATION_MEMBER[DELETE] permission on the specified domain\ \ or APPLICATION_MEMBER[DELETE] permission on the specified environment or\ \ APPLICATION_MEMBER[DELETE] permission on the specified organization" operationId: removeMember parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: member in: path required: true schema: type: string responses: "204": description: Membership successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources: get: tags: - application - domain summary: List resources for an application description: "User must have APPLICATION_RESOURCE[LIST] permission on the specified\ \ application or APPLICATION_RESOURCE[LIST] permission on the specified domain\ \ or APPLICATION_RESOURCE[LIST] permission on the specified environment or\ \ APPLICATION_RESOURCE[LIST] permission on the specified organization" operationId: list_5 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: page in: query schema: type: integer format: int32 default: 0 - name: size in: query schema: type: integer format: int32 default: 50 responses: "200": description: List resources for an application content: application/json: schema: $ref: '#/components/schemas/ResourceListItem' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources/{resource}: get: tags: - application - domain summary: Get a resource for an application description: "User must have APPLICATION_RESOURCE[READ] permission on the specified\ \ application or APPLICATION_RESOURCE[READ] permission on the specified domain\ \ or APPLICATION_RESOURCE[READ] permission on the specified environment or\ \ APPLICATION_RESOURCE[READ] permission on the specified organization" operationId: get_7 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: resource in: path required: true schema: type: string responses: "200": description: Get a resource for an application content: application/json: schema: $ref: '#/components/schemas/Resource' "500": description: Internal server error ? /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources/{resource}/policies : get: tags: - application - domain summary: Get resource access policies description: "User must have APPLICATION_RESOURCE[READ] permission on the specified\ \ application or APPLICATION_RESOURCE[READ] permission on the specified domain\ \ or APPLICATION_RESOURCE[READ] permission on the specified environment or\ \ APPLICATION_RESOURCE[READ] permission on the specified organization" operationId: list_4 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: resource in: path required: true schema: type: string responses: "200": description: Get resource access policies content: application/json: schema: type: array items: $ref: '#/components/schemas/AccessPolicyListItem' "500": description: Internal server error ? /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/resources/{resource}/policies/{policy} : get: tags: - application - domain summary: Get resource access policy description: "User must have APPLICATION_RESOURCE[READ] permission on the specified\ \ application or APPLICATION_RESOURCE[READ] permission on the specified domain\ \ or APPLICATION_RESOURCE[READ] permission on the specified environment or\ \ APPLICATION_RESOURCE[READ] permission on the specified organization" operationId: get_8 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string - name: resource in: path required: true schema: type: string - name: policy in: path required: true schema: type: string responses: "200": description: Get resource access policy content: application/json: schema: $ref: '#/components/schemas/AccessPolicy' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/secret/_renew: post: tags: - application - domain summary: Renew application secret description: "User must have APPLICATION_OPENID[UPDATE] permission on the specified\ \ application or APPLICATION_OPENID[UPDATE] permission on the specified domain\ \ or APPLICATION_OPENID[UPDATE] permission on the specified environment or\ \ APPLICATION_OPENID[UPDATE] permission on the specified organization" operationId: renewClientSecret parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string responses: "200": description: Application secret successfully updated content: application/json: schema: $ref: '#/components/schemas/Application' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/applications/{application}/type: put: tags: - application - domain summary: Update an application type description: "User must have APPLICATION[UPDATE] permission on the specified\ \ application or APPLICATION[UPDATE] permission on the specified domain or\ \ APPLICATION[UPDATE] permission on the specified environment or APPLICATION[UPDATE]\ \ permission on the specified organization" operationId: updateApplicationType parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: application in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchApplicationType' required: true responses: "200": description: Application type successfully updated content: application/json: schema: $ref: '#/components/schemas/Application' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/audits: get: tags: - audit - domain summary: List audit logs for a security domain description: "User must have the DOMAIN_AUDIT[LIST] permission on the specified\ \ domain, environment or organization. Except if user has ORGANIZATION_AUDIT[READ]\ \ permission on the domain, environment or organization, each returned audit\ \ is filtered and contains only basic information such as id, date, event,\ \ actor, target and status." operationId: list_6 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: type in: query schema: type: string - name: status in: query schema: type: string - name: user in: query schema: type: string - name: from in: query schema: type: integer format: int64 - name: to in: query schema: type: integer format: int64 - name: size in: query schema: type: integer format: int32 default: 10 - name: page in: query schema: type: integer format: int32 default: 0 responses: "200": description: List audit logs for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/Audit' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/audits/{audit}: get: tags: - audit - domain summary: Get an audit log description: "User must have the DOMAIN_AUDIT[READ] permission on the specified\ \ domain or DOMAIN_AUDIT[READ] permission on the specified environment or\ \ DOMAIN_AUDIT[READ] permission on the specified organization" operationId: get_9 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: audit in: path required: true schema: type: string responses: "200": description: Audit log successfully fetched content: application/json: schema: $ref: '#/components/schemas/Audit' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/auth-device-notifiers: get: tags: - Authentication Device Notifier - domain summary: List registered Authentication Device Notifiers for a security domain description: "User must have the DOMAIN_AUTHDEVICE_NOTIFIER[LIST] permission\ \ on the specified domain or DOMAIN_AUTHDEVICE_NOTIFIER[LIST] permission on\ \ the specified environment or DOMAIN_AUTHDEVICE_NOTIFIER[LIST] permission\ \ on the specified organization Each returned Authentication Device Notifier\ \ is filtered and contains only basic information such as id, name." operationId: list_9 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List registered Authentication Device Notifiers for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/AuthenticationDeviceNotifier' "500": description: Internal server error post: tags: - Authentication Device Notifier - domain summary: Create an Authentication Device Notifier description: "User must have the DOMAIN_AUTHDEVICE_NOTIFIER[CREATE] permission\ \ on the specified domain or DOMAIN_AUTHDEVICE_NOTIFIER[CREATE] permission\ \ on the specified environment or DOMAIN_AUTHDEVICE_NOTIFIER[CREATE] permission\ \ on the specified organization" operationId: create_5 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewAuthenticationDeviceNotifier' required: true responses: "201": description: Authentication Device Notifier successfully created "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/auth-device-notifiers/{authDeviceNotifier}: get: tags: - Authentication Device Notifier - domain summary: Get an Authentication Device Notifier description: "User must have the DOMAIN_AUTHDEVICE_NOTIFIER[READ] permission\ \ on the specified domain or DOMAIN_AUTHDEVICE_NOTIFIER[READ] permission on\ \ the specified environment or DOMAIN_AUTHDEVICE_NOTIFIER[READ] permission\ \ on the specified organization" operationId: get_12 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: authDeviceNotifier in: path required: true schema: type: string responses: "200": description: Authentication Device Notifier successfully fetched content: application/json: schema: $ref: '#/components/schemas/AuthenticationDeviceNotifier' "500": description: Internal server error put: tags: - Authentication Device Notifier - domain summary: Update an Authentication Device Notifier description: "User must have the DOMAIN_AUTHDEVICE_NOTIFIER[UPDATE] permission\ \ on the specified domain or DOMAIN_AUTHDEVICE_NOTIFIER[UPDATE] permission\ \ on the specified environment or DOMAIN_AUTHDEVICE_NOTIFIER[UPDATE] permission\ \ on the specified organization" operationId: update_5 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: authDeviceNotifier in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateAuthenticationDeviceNotifier' required: true responses: "201": description: Authentication Device Notifier successfully updated content: application/json: schema: $ref: '#/components/schemas/AuthenticationDeviceNotifier' "500": description: Internal server error delete: tags: - Authentication Device Notifier - domain summary: Delete an Authentication Device Notifier description: "User must have the DOMAIN_AUTHDEVICE_NOTIFIER[DELETE] permission\ \ on the specified domain or DOMAIN_AUTHDEVICE_NOTIFIER[DELETE] permission\ \ on the specified environment or DOMAIN_AUTHDEVICE_NOTIFIER[DELETE] permission\ \ on the specified organization" operationId: delete_5 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: authDeviceNotifier in: path required: true schema: type: string responses: "204": description: Authentication Device Notifier successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/bot-detections: get: tags: - bot detection - domain summary: List registered bot detections for a security domain description: "User must have the DOMAIN_BOT_DETECTION[LIST] permission on the\ \ specified domain or DOMAIN_BOT_DETECTION[LIST] permission on the specified\ \ environment or DOMAIN_BOT_DETECTION[LIST] permission on the specified organization\ \ Each returned bot detections is filtered and contains only basic information\ \ such as id, name." operationId: list_7 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List registered bot detections for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/BotDetection' "500": description: Internal server error post: tags: - bot detection - domain summary: Create a bot detection description: "User must have the DOMAIN_BOT_DETECTION[CREATE] permission on\ \ the specified domain or DOMAIN_BOT_DETECTION[CREATE] permission on the specified\ \ environment or DOMAIN_BOT_DETECTION[CREATE] permission on the specified\ \ organization" operationId: create_3 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewBotDetection' required: true responses: "201": description: Bot detection successfully created "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/bot-detections/{botDetection}: get: tags: - bot detection - domain summary: Get a bot detection description: "User must have the DOMAIN_BOT_DETECTION[READ] permission on the\ \ specified domain or DOMAIN_BOT_DETECTION[READ] permission on the specified\ \ environment or DOMAIN_BOT_DETECTION[READ] permission on the specified organization" operationId: get_10 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: botDetection in: path required: true schema: type: string responses: "200": description: Bot detection successfully fetched content: application/json: schema: $ref: '#/components/schemas/BotDetection' "500": description: Internal server error put: tags: - bot detection - domain summary: Update a bot detection description: "User must have the DOMAIN_BOT_DETECTION[UPDATE] permission on\ \ the specified domain or DOMAIN_BOT_DETECTION[UPDATE] permission on the specified\ \ environment or DOMAIN_BOT_DETECTION[UPDATE] permission on the specified\ \ organization" operationId: update_3 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: botDetection in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateBotDetection' required: true responses: "201": description: Bot detection successfully updated content: application/json: schema: $ref: '#/components/schemas/BotDetection' "500": description: Internal server error delete: tags: - bot detection - domain summary: Delete a bot detection description: "User must have the DOMAIN_BOT_DETECTION[DELETE] permission on\ \ the specified domain or DOMAIN_BOT_DETECTION[DELETE] permission on the specified\ \ environment or DOMAIN_BOT_DETECTION[DELETE] permission on the specified\ \ organization" operationId: delete_3 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: botDetection in: path required: true schema: type: string responses: "204": description: Bot detection successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates: get: tags: - certificate - domain summary: List registered certificates for a security domain description: "User must have the DOMAIN_CERTIFICATE[LIST] permission on the\ \ specified domain or DOMAIN_CERTIFICATE[LIST] permission on the specified\ \ environment or DOMAIN_CERTIFICATE[LIST] permission on the specified organization.\ \ Each returned certificate is filtered and contains only basic information\ \ such as id, name and type." operationId: listCertificates parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: use in: query schema: type: string responses: "200": description: List registered certificates for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/CertificateEntity' "500": description: Internal server error post: tags: - certificate - domain summary: Create a certificate description: "User must have the DOMAIN_CERTIFICATE[CREATE] permission on the\ \ specified domain or DOMAIN_CERTIFICATE[CREATE] permission on the specified\ \ environment or DOMAIN_CERTIFICATE[CREATE] permission on the specified organization" operationId: createCertificate parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewCertificate' required: true responses: "201": description: Certificate successfully created content: application/json: schema: $ref: '#/components/schemas/CertificateEntity' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/rotate: post: tags: - certificate - domain summary: Generate a new System a certificate description: "User must have the DOMAIN_CERTIFICATE[CREATE] permission on the\ \ specified domain or DOMAIN_CERTIFICATE[CREATE] permission on the specified\ \ environment or DOMAIN_CERTIFICATE[CREATE] permission on the specified organization" operationId: rotateCertificate parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "201": description: Certificate successfully created content: application/json: schema: $ref: '#/components/schemas/CertificateEntity' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/{certificate}: get: tags: - certificate - domain summary: Get a certificate description: "User must have the DOMAIN_CERTIFICATE[READ] permission on the\ \ specified domain or DOMAIN_CERTIFICATE[READ] permission on the specified\ \ environment or DOMAIN_CERTIFICATE[READ] permission on the specified organization" operationId: findCertificate parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: certificate in: path required: true schema: type: string responses: "200": description: Certificate successfully fetched content: application/json: schema: $ref: '#/components/schemas/CertificateEntity' "500": description: Internal server error put: tags: - certificate - domain summary: Update a certificate description: "User must have the DOMAIN_CERTIFICATE[UPDATE] permission on the\ \ specified domain or DOMAIN_CERTIFICATE[UPDATE] permission on the specified\ \ environment or DOMAIN_CERTIFICATE[UPDATE] permission on the specified organization" operationId: updateCertificate parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: certificate in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateCertificate' required: true responses: "201": description: Certificate successfully updated content: application/json: schema: $ref: '#/components/schemas/CertificateEntity' "500": description: Internal server error delete: tags: - certificate - domain summary: Delete a certificate description: "User must have the DOMAIN_CERTIFICATE[DELETE] permission on the\ \ specified domain or DOMAIN_CERTIFICATE[DELETE] permission on the specified\ \ environment or DOMAIN_CERTIFICATE[DELETE] permission on the specified organization" operationId: deleteCertificate parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: certificate in: path required: true schema: type: string responses: "204": description: Certificate successfully deleted "400": description: Certificate is bind to existing clients "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/{certificate}/key: get: tags: - certificate - domain summary: Get the certificate public key description: "User must have the DOMAIN[READ] permission on the specified domain\ \ or DOMAIN[READ] permission on the specified environment or DOMAIN[READ]\ \ permission on the specified organization" operationId: getCertificatePublicKey parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: certificate in: path required: true schema: type: string responses: "200": description: Certificate key successfully fetched content: application/json: schema: type: string "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/certificates/{certificate}/keys: get: tags: - certificate - domain summary: Get the certificate public keys description: "User must have the DOMAIN[READ] permission on the specified domain\ \ or DOMAIN[READ] permission on the specified environment or DOMAIN[READ]\ \ permission on the specified organization" operationId: getCertificatePublicKeys parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: certificate in: path required: true schema: type: string responses: "200": description: Certificate keys successfully fetched content: application/json: schema: type: array items: $ref: '#/components/schemas/CertificateKey' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/device-identifiers: get: tags: - device identifiers - domain summary: List registered device identifiers for a security domain description: "User must have the DOMAIN_DEVICE_IDENTIFIERS[LIST] permission\ \ on the specified domain or DOMAIN_DEVICE_IDENTIFIERS[LIST] permission on\ \ the specified environment or DOMAIN_DEVICE_IDENTIFIERS[LIST] permission\ \ on the specified organization Each returned bot detections is filtered and\ \ contains only basic information such as id, name." operationId: list_8 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List registered device identifiers for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/DeviceIdentifier' "500": description: Internal server error post: tags: - device identifiers - domain summary: Create a device identifier description: "User must have the DOMAIN_DEVICE_IDENTIFIER[CREATE] permission\ \ on the specified domain or DOMAIN_DEVICE_IDENTIFIER[CREATE] permission on\ \ the specified environment or DOMAIN_DEVICE_IDENTIFIER[CREATE] permission\ \ on the specified organization" operationId: create_4 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewDeviceIdentifier' required: true responses: "201": description: Device identifiers successfully created "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/device-identifiers/{deviceIdentifier}: get: tags: - device identifiers - domain summary: Get a Device identifier description: "User must have the DOMAIN_DEVICE_IDENTIFIER[READ] permission on\ \ the specified domain or DOMAIN_DEVICE_IDENTIFIER[READ] permission on the\ \ specified environment or DOMAIN_DEVICE_IDENTIFIER[READ] permission on the\ \ specified organization" operationId: get_11 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: deviceIdentifier in: path required: true schema: type: string responses: "200": description: Device identifier successfully fetched content: application/json: schema: $ref: '#/components/schemas/DeviceIdentifier' "500": description: Internal server error put: tags: - device identifiers - domain summary: Update a Device identifier description: "User must have the DOMAIN_DEVICE_IDENTIFIER[UPDATE] permission\ \ on the specified domain or DOMAIN_DEVICE_IDENTIFIER[UPDATE] permission on\ \ the specified environment or DOMAIN_DEVICE_IDENTIFIER[UPDATE] permission\ \ on the specified organization" operationId: update_4 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: deviceIdentifier in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateDeviceIdentifier' required: true responses: "201": description: Device identifier successfully updated content: application/json: schema: $ref: '#/components/schemas/DeviceIdentifier' "500": description: Internal server error delete: tags: - device identifiers - domain summary: Delete a Device identifier description: "User must have the DOMAIN_DEVICE_IDENTIFIER[DELETE] permission\ \ on the specified domain or DOMAIN_DEVICE_IDENTIFIER[DELETE] permission on\ \ the specified environment or DOMAIN_DEVICE_IDENTIFIER[DELETE] permission\ \ on the specified organization" operationId: delete_4 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: deviceIdentifier in: path required: true schema: type: string responses: "204": description: Device identifier successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/emails: get: tags: - email - domain summary: Find a email description: "User must have the DOMAIN_EMAIL_TEMPLATE[READ] permission on the\ \ specified domain or DOMAIN_EMAIL_TEMPLATE[READ] permission on the specified\ \ environment or DOMAIN_EMAIL_TEMPLATE[READ] permission on the specified organization" operationId: get_13 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: template in: query required: true schema: type: string enum: - LOGIN - REGISTRATION - REGISTRATION_CONFIRMATION - REGISTRATION_VERIFY - FORGOT_PASSWORD - RESET_PASSWORD - OAUTH2_USER_CONSENT - MFA_ENROLL - MFA_CHALLENGE - MFA_CHALLENGE_ALTERNATIVES - MFA_RECOVERY_CODE - BLOCKED_ACCOUNT - COMPLETE_PROFILE - WEBAUTHN_REGISTER - WEBAUTHN_REGISTER_SUCCESS - WEBAUTHN_LOGIN - IDENTIFIER_FIRST_LOGIN - ERROR - CERTIFICATE_EXPIRATION - VERIFY_ATTEMPT responses: "200": description: Email successfully fetched "500": description: Internal server error post: tags: - email - domain summary: Create a email description: "User must have the DOMAIN_EMAIL_TEMPLATE[CREATE] permission on\ \ the specified domain or DOMAIN_EMAIL_TEMPLATE[CREATE] permission on the\ \ specified environment or DOMAIN_EMAIL_TEMPLATE[CREATE] permission on the\ \ specified organization" operationId: create_6 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewEmail' required: true responses: "201": description: Email successfully created "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/emails/{email}: put: tags: - email - domain summary: Update an email description: "User must have the DOMAIN_EMAIL_TEMPLATE[UPDATE] permission on\ \ the specified domain or DOMAIN_EMAIL_TEMPLATE[UPDATE] permission on the\ \ specified environment or DOMAIN_EMAIL_TEMPLATE[UPDATE] permission on the\ \ specified organization" operationId: update_6 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: email in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateEmail' required: true responses: "201": description: Email successfully updated content: application/json: schema: $ref: '#/components/schemas/Email' "500": description: Internal server error delete: tags: - email - domain summary: Delete an email description: "User must have the DOMAIN_EMAIL_TEMPLATE[DELETE] permission on\ \ the specified domain or DOMAIN_EMAIL_TEMPLATE[DELETE] permission on the\ \ specified environment or DOMAIN_EMAIL_TEMPLATE[DELETE] permission on the\ \ specified organization" operationId: delete_6 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: email in: path required: true schema: type: string responses: "204": description: Email successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/entrypoints: get: tags: - domain summary: Get the matching gateway entrypoint of the domain description: "User must have the DOMAIN[READ] permission on the specified domain,\ \ environment or organization. Domain will be filtered according to permissions\ \ (READ on DOMAIN_USER_ACCOUNT, DOMAIN_IDENTITY_PROVIDER, DOMAIN_FORM, DOMAIN_LOGIN_SETTINGS,\ \ DOMAIN_DCR, DOMAIN_SCIM, DOMAIN_SETTINGS)" operationId: getDomainEntrypoints parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: Domain entrypoint content: application/json: schema: type: array items: $ref: '#/components/schemas/Entrypoint' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/extensionGrants: get: tags: - extension grant - domain summary: List registered extension grants for a security domain description: "User must have the DOMAIN_EXTENSION_GRANT[LIST] permission on\ \ the specified domain or DOMAIN_EXTENSION_GRANT[LIST] permission on the specified\ \ environment or DOMAIN_EXTENSION_GRANT[LIST] permission on the specified\ \ organization. Each returned extension grant is filtered and contains only\ \ basic information such as id, name and type." operationId: list_12 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List registered extension grants for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/ExtensionGrant' "500": description: Internal server error post: tags: - extension grant - domain summary: Create a extension grant description: "User must have the DOMAIN_EXTENSION_GRANT[CREATE] permission on\ \ the specified domain or DOMAIN_EXTENSION_GRANT[CREATE] permission on the\ \ specified environment or DOMAIN_EXTENSION_GRANT[CREATE] permission on the\ \ specified organization" operationId: create_9 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewExtensionGrant' required: true responses: "201": description: Extension grant successfully created "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/extensionGrants/{extensionGrant}: get: tags: - extension grant - domain summary: Get a extension grant description: "User must have the DOMAIN_EXTENSION_GRANT[READ] permission on\ \ the specified domain or DOMAIN_EXTENSION_GRANT[READ] permission on the specified\ \ environment or DOMAIN_EXTENSION_GRANT[READ] permission on the specified\ \ organization" operationId: get_16 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: extensionGrant in: path required: true schema: type: string responses: "200": description: Extension grant successfully fetched content: application/json: schema: $ref: '#/components/schemas/ExtensionGrant' "500": description: Internal server error put: tags: - extension grant - domain summary: Update a extension grant description: "User must have the DOMAIN_EXTENSION_GRANT[UPDATE] permission on\ \ the specified domain or DOMAIN_EXTENSION_GRANT[UPDATE] permission on the\ \ specified environment or DOMAIN_EXTENSION_GRANT[UPDATE] permission on the\ \ specified organization" operationId: update_9 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: extensionGrant in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateExtensionGrant' required: true responses: "201": description: Extension grant successfully updated content: application/json: schema: $ref: '#/components/schemas/ExtensionGrant' "500": description: Internal server error delete: tags: - extension grant - domain summary: Delete a extension grant description: "User must have the DOMAIN_EXTENSION_GRANT[DELETE] permission on\ \ the specified domain or DOMAIN_EXTENSION_GRANT[DELETE] permission on the\ \ specified environment or DOMAIN_EXTENSION_GRANT[DELETE] permission on the\ \ specified organization" operationId: delete_9 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: extensionGrant in: path required: true schema: type: string responses: "204": description: Extension grant successfully deleted "400": description: Extension grant is bind to existing clients "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/factors: get: tags: - factor - domain summary: List registered factors for a security domain description: "User must have the DOMAIN_FACTOR[LIST] permission on the specified\ \ domain or DOMAIN_FACTOR[LIST] permission on the specified environment or\ \ DOMAIN_FACTOR[LIST] permission on the specified organization Each returned\ \ factor is filtered and contains only basic information such as id, name\ \ and factor type." operationId: listFactors parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List registered factors for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/Factor' "500": description: Internal server error post: tags: - factor - domain summary: Create a factor description: "User must have the DOMAIN_FACTOR[CREATE] permission on the specified\ \ domain or DOMAIN_FACTOR[CREATE] permission on the specified environment\ \ or DOMAIN_FACTOR[CREATE] permission on the specified organization" operationId: createFactor parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewFactor' required: true responses: "201": description: Factor successfully created content: application/json: schema: $ref: '#/components/schemas/Factor' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/factors/{factor}: get: tags: - factor - domain summary: Get a factor description: "User must have the DOMAIN_FACTOR[READ] permission on the specified\ \ domain or DOMAIN_FACTOR[READ] permission on the specified environment or\ \ DOMAIN_FACTOR[READ] permission on the specified organization" operationId: getFactor parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: factor in: path required: true schema: type: string responses: "200": description: Factor successfully fetched content: application/json: schema: $ref: '#/components/schemas/Factor' "500": description: Internal server error put: tags: - factor - domain summary: Update a factor description: "User must have the DOMAIN_FACTOR[UPDATE] permission on the specified\ \ domain or DOMAIN_FACTOR[UPDATE] permission on the specified environment\ \ or DOMAIN_FACTOR[UPDATE] permission on the specified organization" operationId: updateFactor parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: factor in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateFactor' required: true responses: "201": description: Factor successfully updated content: application/json: schema: $ref: '#/components/schemas/Factor' "500": description: Internal server error delete: tags: - factor - domain summary: Delete a factor description: "User must have the DOMAIN_FACTOR[DELETE] permission on the specified\ \ domain or DOMAIN_FACTOR[DELETE] permission on the specified environment\ \ or DOMAIN_FACTOR[DELETE] permission on the specified organization" operationId: deleteFactor parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: factor in: path required: true schema: type: string responses: "204": description: Factor successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/flows: get: tags: - flow - domain summary: List registered flows for a security domain description: "User must have the DOMAIN_FLOW[LIST] permission on the specified\ \ domain or DOMAIN_FLOW[LIST] permission on the specified environment or DOMAIN_FLOW[LIST]\ \ permission on the specified organization. Except if user has DOMAIN_FLOW[READ]\ \ permission on the domain, environment or organization, each returned flow\ \ is filtered and contains only basic information such as id and name and\ \ isEnabled." operationId: listDomainFlows parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List registered flows for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/FlowEntity' "500": description: Internal server error put: tags: - flow - domain summary: Create or update list of flows description: "User must have the DOMAIN_FLOW[UPDATE] permission on the specified\ \ domain or DOMAIN_FLOW[UPDATE] permission on the specified environment or\ \ DOMAIN_FLOW[UPDATE] permission on the specified organization" operationId: defineDomainFlows parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: type: array items: $ref: '#/components/schemas/Flow' required: true responses: "200": description: Flows successfully updated content: application/json: schema: type: array items: $ref: '#/components/schemas/FlowEntity' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/flows/{flow}: get: tags: - flow - domain summary: Get a flow description: "User must have the DOMAIN_FLOW[READ] permission on the specified\ \ domain or DOMAIN_FLOW[READ] permission on the specified environment or DOMAIN_FLOW[READ]\ \ permission on the specified organization" operationId: getDomainFlow parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: flow in: path required: true schema: type: string responses: "200": description: Flow content: application/json: schema: $ref: '#/components/schemas/FlowEntity' "500": description: Internal server error put: tags: - flow - domain summary: Update a flow description: "User must have the DOMAIN_FLOW[UPDATE] permission on the specified\ \ domain or DOMAIN_FLOW[UPDATE] permission on the specified environment or\ \ DOMAIN_FLOW[UPDATE] permission on the specified organization" operationId: updateDomainFlow parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: flow in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/Flow' required: true responses: "201": description: Flow successfully updated content: application/json: schema: $ref: '#/components/schemas/FlowEntity' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/forms: get: tags: - form - domain summary: Find a form description: "User must have the DOMAIN_FORM[READ] permission on the specified\ \ domain or DOMAIN_FORM[READ] permission on the specified environment or DOMAIN_FORM[READ]\ \ permission on the specified organization" operationId: get_14 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: template in: query required: true schema: type: string enum: - LOGIN - REGISTRATION - REGISTRATION_CONFIRMATION - REGISTRATION_VERIFY - FORGOT_PASSWORD - RESET_PASSWORD - OAUTH2_USER_CONSENT - MFA_ENROLL - MFA_CHALLENGE - MFA_CHALLENGE_ALTERNATIVES - MFA_RECOVERY_CODE - BLOCKED_ACCOUNT - COMPLETE_PROFILE - WEBAUTHN_REGISTER - WEBAUTHN_REGISTER_SUCCESS - WEBAUTHN_LOGIN - IDENTIFIER_FIRST_LOGIN - ERROR - CERTIFICATE_EXPIRATION - VERIFY_ATTEMPT responses: "200": description: Form successfully fetched "500": description: Internal server error post: tags: - form - domain summary: Create a form description: "User must have the DOMAIN_FORM[CREATE] permission on the specified\ \ domain or DOMAIN_FORM[CREATE] permission on the specified environment or\ \ DOMAIN_FORM[CREATE] permission on the specified organization" operationId: create_7 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewForm' required: true responses: "201": description: Form successfully created "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/forms/preview: post: tags: - form - preview - domain summary: Render the provided template description: "User must have the DOMAIN_THEME[READ] permission on the specified\ \ domain or DOMAIN_THEME[READ] permission on the specified environment or\ \ DOMAIN_THEME[READ] permission on the specified organization" operationId: renderDomainTemplate parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/PreviewRequest' required: true responses: "200": description: Template successfully rendered content: application/json: schema: $ref: '#/components/schemas/PreviewResponse' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/forms/{form}: put: tags: - form - domain summary: Update a form description: "User must have the DOMAIN_FORM[UPDATE] permission on the specified\ \ domain or DOMAIN_FORM[UPDATE] permission on the specified environment or\ \ DOMAIN_FORM[UPDATE] permission on the specified organization" operationId: update_7 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: form in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateForm' required: true responses: "201": description: Form successfully updated content: application/json: schema: $ref: '#/components/schemas/Form' "500": description: Internal server error delete: tags: - form - domain summary: Delete a form description: "User must have the DOMAIN_FORM[DELETE] permission on the specified\ \ domain or DOMAIN_FORM[DELETE] permission on the specified environment or\ \ DOMAIN_FORM[DELETE] permission on the specified organization" operationId: delete_7 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: form in: path required: true schema: type: string responses: "204": description: Form successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups: get: tags: - group - domain summary: List groups for a security domain description: "User must have the DOMAIN_GROUP[LIST] permission on the specified\ \ domain or DOMAIN_GROUP[LIST] permission on the specified environment or\ \ DOMAIN_GROUP[LIST] permission on the specified organization. Each returned\ \ group is filtered and contains only basic information such as id and name." operationId: listGroups parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: page in: query schema: type: integer format: int32 default: 0 - name: size in: query schema: type: integer format: int32 default: 100 responses: "200": description: List groups for a security domain content: application/json: schema: $ref: '#/components/schemas/GroupPage' "500": description: Internal server error post: tags: - group - domain summary: Create a group description: "User must have the DOMAIN_GROUP[CREATE] permission on the specified\ \ domain or DOMAIN_GROUP[CREATE] permission on the specified environment or\ \ DOMAIN_GROUP[CREATE] permission on the specified organization" operationId: createGroup parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewGroup' required: true responses: "201": description: Group successfully created content: application/json: schema: $ref: '#/components/schemas/Group' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups/{group}: get: tags: - group - domain summary: Get a group description: "User must have the DOMAIN_GROUP[READ] permission on the specified\ \ domain or DOMAIN_GROUP[READ] permission on the specified environment or\ \ DOMAIN_GROUP[READ] permission on the specified organization" operationId: findGroup parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: group in: path required: true schema: type: string responses: "200": description: Group successfully fetched content: application/json: schema: $ref: '#/components/schemas/Group' "500": description: Internal server error put: tags: - group - domain summary: Update a group description: "User must have the DOMAIN_GROUP[UPDATE] permission on the specified\ \ domain or DOMAIN_GROUP[UPDATE] permission on the specified environment or\ \ DOMAIN_GROUP[UPDATE] permission on the specified organization" operationId: updateGroup parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: group in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateGroup' required: true responses: "201": description: Group successfully updated content: application/json: schema: $ref: '#/components/schemas/Group' "500": description: Internal server error delete: tags: - group - domain summary: Delete a group description: "User must have the DOMAIN_GROUP[DELETE] permission on the specified\ \ domain or DOMAIN_GROUP[DELETE] permission on the specified environment or\ \ DOMAIN_GROUP[DELETE] permission on the specified organization" operationId: deleteGroup parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: group in: path required: true schema: type: string responses: "204": description: Group successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups/{group}/members: get: tags: - group - domain summary: List group members description: "User must have the DOMAIN_GROUP[READ] permission on the specified\ \ domain or DOMAIN_GROUP[READ] permission on the specified environment or\ \ DOMAIN_GROUP[READ] permission on the specified organization" operationId: getGroupMembers parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: group in: path required: true schema: type: string - name: page in: query schema: type: integer format: int32 default: 0 - name: size in: query schema: type: integer format: int32 default: 30 responses: "200": description: Group members successfully fetched content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups/{group}/members/{member}: post: tags: - group - domain summary: Add a group member description: "User must have the DOMAIN_GROUP[UPDATE] permission on the specified\ \ domain or DOMAIN_GROUP[UPDATE] permission on the specified environment or\ \ DOMAIN_GROUP[UPDATE] permission on the specified organization" operationId: addGroupMember parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: group in: path required: true schema: type: string - name: member in: path required: true schema: type: string responses: "200": description: Member has been added successfully "400": description: User does not exist "500": description: Internal server error delete: tags: - group - domain summary: Remove a group member description: "User must have the DOMAIN_GROUP[UPDATE] permission on the specified\ \ domain or DOMAIN_GROUP[UPDATE] permission on the specified environment or\ \ DOMAIN_GROUP[UPDATE] permission on the specified organization" operationId: removeGroupMember parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: group in: path required: true schema: type: string - name: member in: path required: true schema: type: string responses: "200": description: Member has been removed successfully "400": description: User does not exist "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups/{group}/roles: get: tags: - group - domain summary: Get a group roles description: "User must have the DOMAIN_GROUP[READ] permission on the specified\ \ domain or DOMAIN_GROUP[READ] permission on the specified environment or\ \ DOMAIN_GROUP[READ] permission on the specified organization" operationId: findGroupRoles parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: group in: path required: true schema: type: string responses: "200": description: Group roles successfully fetched content: application/json: schema: type: array items: $ref: '#/components/schemas/Role' "500": description: Internal server error post: tags: - group - domain summary: Assign roles to a group description: "User must have the DOMAIN_GROUP[UPDATE] permission on the specified\ \ domain or DOMAIN_GROUP[UPDATE] permission on the specified environment or\ \ DOMAIN_GROUP[UPDATE] permission on the specified organization" operationId: assignRoles parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: group in: path required: true schema: type: string requestBody: content: application/json: schema: type: array items: type: string required: true responses: "200": description: Roles successfully assigned content: application/json: schema: $ref: '#/components/schemas/Group' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/groups/{group}/roles/{role}: delete: tags: - group - domain summary: Revoke role to a group description: "User must have the DOMAIN_GROUP[UPDATE] permission on the specified\ \ domain or DOMAIN_GROUP[UPDATE] permission on the specified environment or\ \ DOMAIN_GROUP[UPDATE] permission on the specified organization" operationId: revokeRole parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: group in: path required: true schema: type: string - name: role in: path required: true schema: type: string responses: "200": description: Roles successfully revoked content: application/json: schema: $ref: '#/components/schemas/Group' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/i18n/dictionaries: get: tags: - dictionary - domain summary: List all i18n dictionaries supported for a security domain description: "User must have the DOMAIN_I18N_DICTIONARY[LIST] permission on\ \ the specified domain or DOMAIN_I18N_DICTIONARY[LIST] permission on the specified\ \ environment or DOMAIN_I18N_DICTIONARY[LIST] permission on the specified\ \ organization." operationId: listI18nDictionaries parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List of i18n dictionaries for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/I18nDictionary' "500": description: Internal server error post: tags: - dictionary - domain summary: Create a new i18n dictionary for a supported language for a security domain description: "User must have the DOMAIN_I18N_DICTIONARY[CREATE] permission on\ \ the specified domain or DOMAIN_I18N_DICTIONARY[CREATE] permission on the\ \ specified environment or DOMAIN_I18N_DICTIONARY[CREATE] permission on the\ \ specified organization." operationId: createI18nDictionary parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: '*/*': schema: $ref: '#/components/schemas/NewDictionary' required: true responses: "201": description: Create a new i18n dictionary for a security domain content: application/json: schema: $ref: '#/components/schemas/I18nDictionary' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/i18n/dictionaries/{dictionary}: get: tags: - dictionary - domain summary: Get a i18n dictionary description: "User must have the DOMAIN_I18N_DICTIONARY[READ] permission on\ \ the specified domain or DOMAIN_I18N_DICTIONARY[READ] permission on the specified\ \ environment or DOMAIN_I18N_DICTIONARY[READ] permission on the specified\ \ organization." operationId: getI18nDictionary parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: dictionary in: path required: true schema: type: string responses: "200": description: Get the i18n dictionary content: application/json: schema: $ref: '#/components/schemas/I18nDictionary' "500": description: Internal server error put: tags: - dictionary - domain summary: Update a i18n dictionary description description: "User must have the DOMAIN_I18N_DICTIONARY[UPDATE] permission on\ \ the specified domain or DOMAIN_I18N_DICTIONARY[UPDATE] permission on the\ \ specified environment or DOMAIN_I18N_DICTIONARY[UPDATE] permission on the\ \ specified organization." operationId: putI18nDictionary parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: dictionary in: path required: true schema: type: string requestBody: content: '*/*': schema: $ref: '#/components/schemas/UpdateI18nDictionary' required: true responses: "200": description: Update the i18n dictionary description content: application/json: schema: $ref: '#/components/schemas/I18nDictionary' "500": description: Internal server error delete: tags: - dictionary - domain summary: Delete a i18n dictionary description: "User must have the DOMAIN_I18N_DICTIONARY[DELETE] permission on\ \ the specified domain or DOMAIN_I18N_DICTIONARY[DELETE] permission on the\ \ specified environment or DOMAIN_I18N_DICTIONARY[DELETE] permission on the\ \ specified organization." operationId: deleteI18nDictionary parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: dictionary in: path required: true schema: type: string responses: "200": description: Delete a i18n dictionary from a security domain "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/i18n/dictionaries/{dictionary}/entries: put: tags: - dictionary - domain summary: Update all the entries for a i18n dictionary description description: "User must have the DOMAIN_I18N_DICTIONARY[UPDATE] permission on\ \ the specified domain or DOMAIN_I18N_DICTIONARY[UPDATE] permission on the\ \ specified environment or DOMAIN_I18N_DICTIONARY[UPDATE] permission on the\ \ specified organization." operationId: replaceI18nDictionaryEntries parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: dictionary in: path required: true schema: type: string requestBody: content: '*/*': schema: type: object additionalProperties: type: string required: true responses: "200": description: Update the i18n entries for the given dictionary content: application/json: schema: $ref: '#/components/schemas/I18nDictionary' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/identities: get: tags: - identity provider - domain summary: List registered identity providers for a security domain description: "User must have the DOMAIN_IDENTITY_PROVIDER[LIST] permission on\ \ the specified domain or DOMAIN_IDENTITY_PROVIDER[LIST] permission on the\ \ specified environment or DOMAIN_IDENTITY_PROVIDER[LIST] permission on the\ \ specified organization. Each returned identity provider is filtered and\ \ contains only basic information such as id, name and type." operationId: listIdentityProviders parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: userProvider in: query schema: type: boolean responses: "200": description: List registered identity providers for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/FilteredIdentityProviderInfo' "500": description: Internal server error post: tags: - identity provider - domain summary: Create an identity provider description: "User must have the DOMAIN_IDENTITY_PROVIDER[CREATE] permission\ \ on the specified domain or DOMAIN_IDENTITY_PROVIDER[CREATE] permission on\ \ the specified environment or DOMAIN_IDENTITY_PROVIDER[CREATE] permission\ \ on the specified organization" operationId: createIdentityProvider parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewIdentityProvider' required: true responses: "201": description: Identity provider successfully created content: application/json: schema: $ref: '#/components/schemas/IdentityProvider' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/identities/{identity}: get: tags: - identity provider - domain summary: Get an identity provider description: "User must have the DOMAIN_IDENTITY_PROVIDER[READ] permission on\ \ the specified domain or DOMAIN_IDENTITY_PROVIDER[READ] permission on the\ \ specified environment or DOMAIN_IDENTITY_PROVIDER[READ] permission on the\ \ specified organization" operationId: findIdentityProvider parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: identity in: path required: true schema: type: string responses: "200": description: Identity provider content: application/json: schema: $ref: '#/components/schemas/IdentityProvider' "500": description: Internal server error put: tags: - identity provider - domain summary: Update an identity provider description: "User must have the DOMAIN_IDENTITY_PROVIDER[UPDATE] permission\ \ on the specified domain or DOMAIN_IDENTITY_PROVIDER[UPDATE] permission on\ \ the specified environment or DOMAIN_IDENTITY_PROVIDER[UPDATE] permission\ \ on the specified organization" operationId: updateIdentityProvider parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: identity in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateIdentityProvider' required: true responses: "201": description: Identity provider successfully updated content: application/json: schema: $ref: '#/components/schemas/IdentityProvider' "500": description: Internal server error delete: tags: - identity provider - domain summary: Delete an identity provider description: "User must have the DOMAIN_IDENTITY_PROVIDER[DELETE] permission\ \ on the specified domain or DOMAIN_IDENTITY_PROVIDER[DELETE] permission on\ \ the specified environment or DOMAIN_IDENTITY_PROVIDER[DELETE] permission\ \ on the specified organization" operationId: deleteIdentityProvider parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: identity in: path required: true schema: type: string responses: "204": description: Identity provider successfully deleted "400": description: Identity provider is bind to existing clients "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/members: get: tags: - domain summary: List members for a security domain description: "User must have the DOMAIN_MEMBER[LIST] permission on the specified\ \ domain or DOMAIN_MEMBER[LIST] permission on the specified environment or\ \ DOMAIN_MEMBER[LIST] permission on the specified organization" operationId: list_10 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List members for a security domain content: application/json: schema: $ref: '#/components/schemas/MembershipListItem' "500": description: Internal server error post: tags: - domain summary: Add or update an security domain member description: "User must have the DOMAIN_MEMBER[CREATE] permission on the specified\ \ domain or DOMAIN_MEMBER[CREATE] permission on the specified environment\ \ or DOMAIN_MEMBER[CREATE] permission on the specified organization" operationId: addOrUpdateMember_1 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewMembership' required: true responses: "201": description: Member has been added or updated successfully "400": description: Membership parameter is not valid "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/members/permissions: get: tags: - domain summary: List domain member's permissions description: "User must have DOMAIN[READ] permission on the specified domain\ \ or DOMAIN[READ] permission on the specified environment or DOMAIN[READ]\ \ permission on the specified organization" operationId: permissions_1 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: Domain member's permissions content: application/json: schema: type: string "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/members/{member}: delete: tags: - domain summary: Remove a membership description: "User must have the DOMAIN_MEMBER[DELETE] permission on the specified\ \ domain or DOMAIN_MEMBER[DELETE] permission on the specified environment\ \ or DOMAIN_MEMBER[DELETE] permission on the specified organization" operationId: removeMember_1 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: member in: path required: true schema: type: string responses: "204": description: Membership successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/reporters: get: tags: - reporter - domain summary: List registered reporters for a security domain description: "User must have the DOMAIN_REPORTER[LIST] permission on the specified\ \ domain or DOMAIN_REPORTER[LIST] permission on the specified environment\ \ or DOMAIN_REPORTER[LIST] permission on the specified organization. Except\ \ if user has DOMAIN_REPORTER[READ] permission on the domain, environment\ \ or organization, each returned reporter is filtered and contains only basic\ \ information such as id and name and type." operationId: list_11 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: userProvider in: query schema: type: boolean responses: "200": description: List registered reporters for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/Reporter' "500": description: Internal server error post: tags: - reporter - domain summary: Create a reporter for a security domain description: "User must have the DOMAIN_REPORTER[CREATE] permission on the specified\ \ domain or DOMAIN_REPORTER[CREATE] permission on the specified environment\ \ or DOMAIN_REPORTER[CREATE] permission on the specified organization." operationId: create_8 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewReporter' responses: "201": description: Reporter created for a security domain content: application/json: schema: $ref: '#/components/schemas/Reporter' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/reporters/{reporter}: get: tags: - reporter - domain summary: Get a reporter description: "User must have the DOMAIN_REPORTER[READ] permission on the specified\ \ domain or DOMAIN_REPORTER[READ] permission on the specified environment\ \ or DOMAIN_REPORTER[READ] permission on the specified organization" operationId: get_15 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: reporter in: path required: true schema: type: string responses: "200": description: Reporter successfully fetched content: application/json: schema: $ref: '#/components/schemas/Reporter' "500": description: Internal server error put: tags: - reporter - domain summary: Update a reporter description: "User must have the DOMAIN_REPORTER[UPDATE] permission on the specified\ \ domain or DOMAIN_REPORTER[UPDATE] permission on the specified environment\ \ or DOMAIN_REPORTER[UPDATE] permission on the specified organization" operationId: update_8 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: reporter in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateReporter' required: true responses: "201": description: Reporter successfully updated content: application/json: schema: $ref: '#/components/schemas/Reporter' "500": description: Internal server error delete: tags: - reporter - domain summary: Delete a reporter description: "User must have the DOMAIN_REPORTER[DELETE] permission on the specified\ \ domain or DOMAIN_REPORTER[DELETE] permission on the specified environment\ \ or DOMAIN_REPORTER[DELETE] permission on the specified organization" operationId: delete_8 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: reporter in: path required: true schema: type: string responses: "204": description: Reporter successfully removed content: application/json: {} "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/resources: get: tags: - resource - domain summary: List registered resources for a security domain description: "User must have the DOMAIN_RESOURCE[LIST] permission on the specified\ \ domain or DOMAIN_RESOURCE[LIST] permission on the specified environment\ \ or DOMAIN_RESOURCE[LIST] permission on the specified organization Each returned\ \ resource is filtered and contains only basic information such as id, name\ \ and resource type." operationId: listResources parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List registered resources for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/ServiceResource' "500": description: Internal server error post: tags: - resource - domain summary: Create a resource description: "User must have the DOMAIN_RESOURCE[CREATE] permission on the specified\ \ domain or DOMAIN_RESOURCE[CREATE] permission on the specified environment\ \ or DOMAIN_RESOURCE[CREATE] permission on the specified organization" operationId: createResource parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewServiceResource' required: true responses: "201": description: Resource successfully created content: application/json: schema: $ref: '#/components/schemas/ServiceResource' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/resources/{resource}: get: tags: - resource - domain summary: Get a resource description: "User must have the DOMAIN_RESOURCE[READ] permission on the specified\ \ domain or DOMAIN_RESOURCE[READ] permission on the specified environment\ \ or DOMAIN_RESOURCE[READ] permission on the specified organization" operationId: getResource parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: resource in: path required: true schema: type: string responses: "200": description: Resource successfully fetched content: application/json: schema: $ref: '#/components/schemas/ServiceResource' "500": description: Internal server error put: tags: - resource - domain summary: Update a resource description: "User must have the DOMAIN_RESOURCE[UPDATE] permission on the specified\ \ domain or DOMAIN_RESOURCE[UPDATE] permission on the specified environment\ \ or DOMAIN_RESOURCE[UPDATE] permission on the specified organization" operationId: updateResource parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: resource in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateServiceResource' required: true responses: "201": description: Resource successfully updated content: application/json: schema: $ref: '#/components/schemas/ServiceResource' "500": description: Internal server error delete: tags: - resource - domain summary: Delete a resource description: "User must have the DOMAIN_RESOURCE[DELETE] permission on the specified\ \ domain or DOMAIN_RESOURCE[DELETE] permission on the specified environment\ \ or DOMAIN_RESOURCE[DELETE] permission on the specified organization" operationId: deleteResource parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: resource in: path required: true schema: type: string responses: "204": description: Resource successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/roles: get: tags: - role - domain summary: List registered roles for a security domain description: "User must have the DOMAIN_ROLE[LIST] permission on the specified\ \ domain or DOMAIN_ROLE[LIST] permission on the specified environment or DOMAIN_ROLE[LIST]\ \ permission on the specified organization. Each returned role is filtered\ \ and contains only basic information such as id and name." operationId: findRoles parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: page in: query schema: type: integer format: int32 default: 0 - name: size in: query schema: type: integer format: int32 default: 50 - name: q in: query schema: type: string responses: "200": description: List registered roles for a security domain content: application/json: schema: $ref: '#/components/schemas/RolePage' "500": description: Internal server error post: tags: - role - domain summary: Create a role description: "User must have the DOMAIN_ROLE[CREATE] permission on the specified\ \ domain or DOMAIN_ROLE[CREATE] permission on the specified environment or\ \ DOMAIN_ROLE[CREATE] permission on the specified organization" operationId: createRole parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewRole' required: true responses: "201": description: Role successfully created content: application/json: schema: $ref: '#/components/schemas/Role' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/roles/{role}: get: tags: - role - domain summary: Get a role description: "User must have the DOMAIN_ROLE[READ] permission on the specified\ \ domain or DOMAIN_ROLE[READ] permission on the specified environment or DOMAIN_ROLE[READ]\ \ permission on the specified organization" operationId: findRole parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: role in: path required: true schema: type: string responses: "200": description: Role successfully fetched content: application/json: schema: $ref: '#/components/schemas/RoleEntity' "500": description: Internal server error put: tags: - role - domain summary: Update a role description: "User must have the DOMAIN_ROLE[UPDATE] permission on the specified\ \ domain or DOMAIN_ROLE[UPDATE] permission on the specified environment or\ \ DOMAIN_ROLE[UPDATE] permission on the specified organization" operationId: updateRole parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: role in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateRole' required: true responses: "201": description: Role successfully updated content: application/json: schema: $ref: '#/components/schemas/RoleEntity' "500": description: Internal server error delete: tags: - role - domain summary: Delete a role description: "User must have the DOMAIN_ROLE[DELETE] permission on the specified\ \ domain or DOMAIN_ROLE[DELETE] permission on the specified environment or\ \ DOMAIN_ROLE[DELETE] permission on the specified organization" operationId: deleteRole parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: role in: path required: true schema: type: string responses: "204": description: Role successfully deleted "400": description: Role is bind to existing users "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/scopes: get: tags: - scope - domain summary: List scopes for a security domain description: "User must have the DOMAIN_SCOPE[LIST] permission on the specified\ \ domain or DOMAIN_SCOPE[LIST] permission on the specified environment or\ \ DOMAIN_SCOPE[LIST] permission on the specified organization Each returned\ \ scope is filtered and contains only basic information such as id, key, name,\ \ description, isSystem and isDiscovery." operationId: listScopes parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: page in: query schema: type: integer format: int32 default: 0 - name: size in: query schema: type: integer format: int32 default: 50 - name: q in: query schema: type: string responses: "200": description: List scopes for a security domain content: application/json: schema: $ref: '#/components/schemas/ScopePage' "500": description: Internal server error post: tags: - scope - domain summary: Create a scope description: "User must have the DOMAIN_SCOPE[CREATE] permission on the specified\ \ domain or DOMAIN_SCOPE[CREATE] permission on the specified environment or\ \ DOMAIN_SCOPE[CREATE] permission on the specified organization" operationId: createScope parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewScope' required: true responses: "201": description: Scope successfully created content: application/json: schema: $ref: '#/components/schemas/Scope' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/scopes/{scope}: get: tags: - scope - domain summary: Get a scope description: "User must have the DOMAIN_SCOPE[READ] permission on the specified\ \ domain or DOMAIN_SCOPE[READ] permission on the specified environment or\ \ DOMAIN_SCOPE[READ] permission on the specified organization" operationId: findScope parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: scope in: path required: true schema: type: string responses: "200": description: Scope content: application/json: schema: $ref: '#/components/schemas/Scope' "500": description: Internal server error put: tags: - scope - domain summary: Update a scope description: "User must have the DOMAIN_SCOPE[UPDATE] permission on the specified\ \ domain or DOMAIN_SCOPE[UPDATE] permission on the specified environment or\ \ DOMAIN_SCOPE[UPDATE] permission on the specified organization" operationId: updateScope parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: scope in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateScope' required: true responses: "200": description: Scope successfully updated content: application/json: schema: $ref: '#/components/schemas/Scope' "500": description: Internal server error delete: tags: - scope - domain summary: Delete a scope description: "User must have the DOMAIN_SCOPE[DELETE] permission on the specified\ \ domain or DOMAIN_SCOPE[DELETE] permission on the specified environment or\ \ DOMAIN_SCOPE[DELETE] permission on the specified organization" operationId: deleteScope parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: scope in: path required: true schema: type: string responses: "204": description: Scope successfully deleted "500": description: Internal server error patch: tags: - scope - domain summary: Patch a scope description: "User must have the DOMAIN_SCOPE[UPDATE] permission on the specified\ \ domain or DOMAIN_SCOPE[UPDATE] permission on the specified environment or\ \ DOMAIN_SCOPE[UPDATE] permission on the specified organization" operationId: patchScope parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: scope in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchScope' required: true responses: "200": description: Scope successfully patched content: application/json: schema: $ref: '#/components/schemas/Scope' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/themes: get: tags: - theme - domain summary: List themes on the specified security domain description: "User must have the DOMAIN_THEME[LIST] permission on the specified\ \ domain or DOMAIN_THEME[LIST] permission on the specified environment or\ \ DOMAIN_THEME[LIST] permission on the specified organization" operationId: listThemes parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string responses: "200": description: List of themes content: application/json: schema: type: array items: $ref: '#/components/schemas/ThemeEntity' "204": description: There is no themes on this domain "500": description: Internal server error post: tags: - theme - domain summary: Create a theme on the specified security domain description: "User must have the DOMAIN_THEME[CREATE] permission on the specified\ \ domain or DOMAIN_THEME[CREATE] permission on the specified environment or\ \ DOMAIN_THEME[CREATE] permission on the specified organization" operationId: createTheme parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewTheme' required: true responses: "201": description: Theme successfully created content: application/json: schema: $ref: '#/components/schemas/ThemeEntity' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/themes/{themeId}: get: tags: - theme - domain summary: Get the theme linked to the specified security domain description: "User must have the DOMAIN_THEME[READ] permission on the specified\ \ domain or DOMAIN_THEME[READ] permission on the specified environment or\ \ DOMAIN_THEME[READ] permission on the specified organization" operationId: getTheme parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: themeId in: path required: true schema: type: string responses: "200": description: Get theme description content: application/json: schema: $ref: '#/components/schemas/ThemeEntity' "404": description: Theme doesn't exist "500": description: Internal server error put: tags: - theme - domain summary: Update a theme on the specified security domain description: "User must have the DOMAIN_THEME[UPDATE] permission on the specified\ \ domain or DOMAIN_THEME[UPDATE] permission on the specified environment or\ \ DOMAIN_THEME[UPDATE] permission on the specified organization" operationId: updateTheme parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: themeId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/ThemeEntity' required: true responses: "200": description: Theme successfully updated content: application/json: schema: $ref: '#/components/schemas/ThemeEntity' "404": description: Theme Not found "500": description: Internal server error delete: tags: - theme - domain summary: Delete a theme on the specified security domain description: "User must have the DOMAIN_THEME[DELETE] permission on the specified\ \ domain or DOMAIN_THEME[DELETE] permission on the specified environment or\ \ DOMAIN_THEME[DELETE] permission on the specified organization" operationId: deleteTheme parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: themeId in: path required: true schema: type: string responses: "204": description: Theme successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users: get: tags: - user - domain summary: List users for a security domain description: "User must have the DOMAIN_USER[LIST] permission on the specified\ \ domain or DOMAIN_USER[LIST] permission on the specified environment or DOMAIN_USER[LIST]\ \ permission on the specified organization. Each returned user is filtered\ \ and contains only basic information such as id and username and displayname.\ \ Last login and identity provider name will be also returned if current user\ \ has DOMAIN_USER[READ] permission on the domain, environment or organization." operationId: listUsers parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: q in: query schema: type: string - name: filter in: query schema: type: string - name: page in: query schema: type: integer format: int32 default: 0 - name: size in: query schema: type: integer format: int32 default: 30 responses: "200": description: List users for a security domain content: application/json: schema: $ref: '#/components/schemas/UserPage' "500": description: Internal server error post: tags: - user - domain summary: Create a user on the specified security domain description: "User must have the DOMAIN_USER[CREATE] permission on the specified\ \ domain or DOMAIN_USER[CREATE] permission on the specified environment or\ \ DOMAIN_USER[CREATE] permission on the specified organization" operationId: createUser parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewUser' required: true responses: "201": description: User successfully created content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}: get: tags: - user - domain summary: Get a user description: "User must have the DOMAIN_USER[READ] permission on the specified\ \ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\ \ permission on the specified organization" operationId: findUser parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string responses: "200": description: User successfully fetched content: application/json: schema: $ref: '#/components/schemas/UserEntity' "500": description: Internal server error put: tags: - user - domain summary: Update a user description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: updateUser parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateUser' required: true responses: "201": description: User successfully updated content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error delete: tags: - user - domain summary: Delete a user description: "User must have the DOMAIN_USER[DELETE] permission on the specified\ \ domain or DOMAIN_USER[DELETE] permission on the specified environment or\ \ DOMAIN_USER[DELETE] permission on the specified organization" operationId: deleteUser parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string responses: "204": description: User successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/audits: get: tags: - user - domain summary: Get a user audit logs description: "User must have the DOMAIN_USER[READ] permission on the specified\ \ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\ \ permission on the specified organization" operationId: list_13 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: type in: query schema: type: string - name: status in: query schema: type: string - name: from in: query schema: type: integer format: int64 - name: to in: query schema: type: integer format: int64 - name: size in: query schema: type: integer format: int32 default: 10 - name: page in: query schema: type: integer format: int32 default: 0 responses: "200": description: User audit logs successfully fetched content: application/json: schema: type: array items: $ref: '#/components/schemas/Audit' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/audits/{audit}: get: tags: - user - domain summary: Get a user audit log description: "User must have the DOMAIN_USER[READ] permission on the specified\ \ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\ \ permission on the specified organization" operationId: get_17 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: audit in: path required: true schema: type: string responses: "200": description: User audit log successfully fetched content: application/json: schema: $ref: '#/components/schemas/Audit' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/consents: get: tags: - user - domain summary: Get a user consents description: "User must have the DOMAIN_USER[READ] permission on the specified\ \ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\ \ permission on the specified organization" operationId: list_14 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: clientId in: query schema: type: string responses: "200": description: User consents successfully fetched content: application/json: schema: $ref: '#/components/schemas/ScopeApprovalEntity' "500": description: Internal server error delete: tags: - user - domain summary: Revoke user consents description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: delete_10 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: clientId in: query schema: type: string responses: "204": description: User consents successfully revoked "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/consents/{consent}: get: tags: - user - domain summary: Get a user consent description: "User must have the DOMAIN_USER[READ] permission on the specified\ \ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\ \ permission on the specified organization" operationId: get_18 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: consent in: path required: true schema: type: string responses: "200": description: User consent successfully fetched content: application/json: schema: $ref: '#/components/schemas/ScopeApprovalEntity' "500": description: Internal server error delete: tags: - user - domain summary: Revoke a user consent description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: revoke parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: consent in: path required: true schema: type: string responses: "204": description: User consent successfully revoked "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/credentials: get: tags: - user - domain summary: Get a user credentials description: "User must have the DOMAIN_USER[READ] permission on the specified\ \ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\ \ permission on the specified organization" operationId: list_15 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string responses: "200": description: User credentials successfully fetched content: application/json: schema: $ref: '#/components/schemas/Credential' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/credentials/{credential}: get: tags: - user - domain summary: Get a user credential description: "User must have the DOMAIN_USER[READ] permission on the specified\ \ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\ \ permission on the specified organization" operationId: get_19 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: credential in: path required: true schema: type: string responses: "200": description: User credential successfully fetched content: application/json: schema: $ref: '#/components/schemas/Credential' "500": description: Internal server error delete: tags: - user - domain summary: Revoke a user credential description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: revoke_1 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: credential in: path required: true schema: type: string responses: "204": description: User credential successfully revoked "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/devices: get: tags: - devices - user - domain summary: List users for a security domain description: "User must have the DOMAIN_USER_DEVICES[LIST] permission on the\ \ specified domain or DOMAIN_USER_DEVICES[LIST] permission on the specified\ \ environment or DOMAIN_USER_DEVICES[LIST] permission on the specified organization. " operationId: list_16 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string responses: "200": description: List users for a security domain content: application/json: schema: type: array items: $ref: '#/components/schemas/User' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/devices/{device}: delete: tags: - devices - user - domain summary: Delete a device description: "User must have the DOMAIN_USER_DEVICE[DELETE] permission on the\ \ specified domain or DOMAIN_USER_DEVICE[DELETE] permission on the specified\ \ environment or DOMAIN_USER_DEVICE[DELETE] permission on the specified organization" operationId: delete_11 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: device in: path required: true schema: type: string responses: "204": description: User successfully deleted "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/factors: get: tags: - user - domain summary: Get a user enrolled factors description: "User must have the DOMAIN_USER[READ] permission on the specified\ \ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\ \ permission on the specified organization" operationId: list_17 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string responses: "200": description: User enrolled factors successfully fetched content: application/json: schema: type: array items: $ref: '#/components/schemas/EnrolledFactorEntity' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/factors/{factor}: delete: tags: - user - domain summary: Revoke user factor description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: delete_12 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: factor in: path required: true schema: type: string responses: "204": description: User factor successfully revoked "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/identities: get: tags: - user - domain summary: Get a user linked identities description: "User must have the DOMAIN_USER[READ] permission on the specified\ \ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\ \ permission on the specified organization" operationId: list_18 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string responses: "200": description: User linked identities successfully fetched content: application/json: schema: type: array items: $ref: '#/components/schemas/UserIdentityEntity' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/identities/{identity}: delete: tags: - user - domain summary: Unlink user identity description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: delete_13 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: identity in: path required: true schema: type: string responses: "204": description: User identity successfully unlinked "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/lock: post: tags: - user - domain summary: Lock a user description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: lockUser parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string responses: "204": description: User locked "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/resetPassword: post: tags: - user - domain summary: Reset password description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: resetPassword parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string requestBody: content: '*/*': schema: $ref: '#/components/schemas/PasswordValue' required: true responses: "200": description: Password reset "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/roles: get: tags: - user - domain summary: Get a user roles description: "User must have the DOMAIN_USER[READ] permission on the specified\ \ domain or DOMAIN_USER[READ] permission on the specified environment or DOMAIN_USER[READ]\ \ permission on the specified organization" operationId: list_19 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: dynamic in: query schema: type: boolean default: false responses: "200": description: User roles successfully fetched content: application/json: schema: type: array items: $ref: '#/components/schemas/Role' "500": description: Internal server error post: tags: - user - domain summary: Assign roles to a user description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: assign parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string requestBody: content: application/json: schema: type: array items: type: string required: true responses: "200": description: Roles successfully assigned content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/roles/{role}: delete: tags: - user - domain summary: Revoke role to a user description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: revoke_2 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string - name: role in: path required: true schema: type: string responses: "200": description: Roles successfully revoked content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/sendRegistrationConfirmation: post: tags: - user - domain summary: Send registration confirmation email description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: sendRegistrationConfirmation parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string responses: "200": description: Email sent "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/status: put: tags: - user - domain summary: Update a user status description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: updateUserStatus parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/StatusEntity' required: true responses: "201": description: User status successfully updated content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/unlock: post: tags: - user - domain summary: Unlock a user description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: unlockUser parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string responses: "204": description: User unlocked "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/domains/{domain}/users/{user}/username: patch: tags: - user - domain summary: Update a user username description: "User must have the DOMAIN_USER[UPDATE] permission on the specified\ \ domain or DOMAIN_USER[UPDATE] permission on the specified environment or\ \ DOMAIN_USER[UPDATE] permission on the specified organization" operationId: updateUsername parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string - name: domain in: path required: true schema: type: string - name: user in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UsernameEntity' required: true responses: "201": description: User username successfully updated content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error /organizations/{organizationId}/environments/{environmentId}/members/permissions: get: summary: List environment member's permissions description: "User must have ENVIRONMENT[READ] permission on the specified environment\ \ or ENVIRONMENT[READ] permission on the specified organization" operationId: permissions_2 parameters: - name: organizationId in: path required: true schema: type: string - name: environmentId in: path required: true schema: type: string responses: "200": description: Environment member's permissions content: application/json: schema: type: string "500": description: Internal server error /organizations/{organizationId}/forms: get: tags: - form summary: Find an organization form template description: "User must have the ORGANIZATION_FORM[READ] permission on the specified\ \ organization" operationId: get_20 parameters: - name: organizationId in: path required: true schema: type: string - name: template in: query required: true schema: type: string enum: - LOGIN - REGISTRATION - REGISTRATION_CONFIRMATION - REGISTRATION_VERIFY - FORGOT_PASSWORD - RESET_PASSWORD - OAUTH2_USER_CONSENT - MFA_ENROLL - MFA_CHALLENGE - MFA_CHALLENGE_ALTERNATIVES - MFA_RECOVERY_CODE - BLOCKED_ACCOUNT - COMPLETE_PROFILE - WEBAUTHN_REGISTER - WEBAUTHN_REGISTER_SUCCESS - WEBAUTHN_LOGIN - IDENTIFIER_FIRST_LOGIN - ERROR - CERTIFICATE_EXPIRATION - VERIFY_ATTEMPT responses: "200": description: Form successfully fetched "500": description: Internal server error post: tags: - form summary: Create a form description: "User must have the ORGANIZATION_FORM[CREATE] permission on the\ \ specified organization" operationId: create_10 parameters: - name: organizationId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewForm' required: true responses: "201": description: Form successfully created "500": description: Internal server error /organizations/{organizationId}/forms/{form}: put: tags: - form summary: Update a form description: "User must have the ORGANIZATION_FORM[UPDATE] permission on the\ \ specified organization" operationId: update_10 parameters: - name: organizationId in: path required: true schema: type: string - name: form in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateForm' required: true responses: "201": description: Form successfully updated content: application/json: schema: $ref: '#/components/schemas/Form' "500": description: Internal server error delete: tags: - form summary: Delete a form description: "User must have the ORGANIZATION_FORM[DELETE] permission on the\ \ specified organization" operationId: delete_14 parameters: - name: organizationId in: path required: true schema: type: string - name: form in: path required: true schema: type: string responses: "204": description: Form successfully deleted "500": description: Internal server error /organizations/{organizationId}/groups: get: tags: - group summary: List groups of the organization description: "User must have the ORGANIZATION[LIST] permission on the specified\ \ organization. Each returned group is filtered and contains only basic information\ \ such as id and name." operationId: list_22 parameters: - name: organizationId in: path required: true schema: type: string - name: page in: query schema: type: integer format: int32 default: 0 - name: size in: query schema: type: integer format: int32 default: 100 responses: "200": description: List groups of the organization content: application/json: schema: type: array items: $ref: '#/components/schemas/Group' "500": description: Internal server error post: tags: - group summary: Create a platform group description: "User must have the ORGANIZATION_GROUP[CREATE] permission on the\ \ specified organization" operationId: create_11 parameters: - name: organizationId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewGroup' required: true responses: "201": description: Group successfully created "500": description: Internal server error /organizations/{organizationId}/groups/{group}: get: tags: - group summary: Get a platform group description: "User must have the ORGANIZATION_GROUP[READ] permission on the\ \ specified organization" operationId: getOrganizationGroup parameters: - name: organizationId in: path required: true schema: type: string - name: group in: path required: true schema: type: string responses: "200": description: Group successfully fetched content: application/json: schema: $ref: '#/components/schemas/Group' "500": description: Internal server error put: tags: - group summary: Update a platform group description: "User must have the ORGANIZATION_GROUP[READ] permission on the\ \ specified organization" operationId: updateOrganizationGroup parameters: - name: organizationId in: path required: true schema: type: string - name: group in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateGroup' required: true responses: "201": description: Group successfully updated content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error delete: tags: - group summary: Delete a platform group description: "User must have the ORGANIZATION_GROUP[READ] permission on the\ \ specified organization" operationId: deleteOrganizationGroup parameters: - name: organizationId in: path required: true schema: type: string - name: group in: path required: true schema: type: string responses: "204": description: Group successfully deleted "500": description: Internal server error /organizations/{organizationId}/groups/{group}/members: get: tags: - group summary: List group members description: "User must have the ORGANIZATION_GROUP[READ] permission on the\ \ specified organization" operationId: list_21 parameters: - name: organizationId in: path required: true schema: type: string - name: group in: path required: true schema: type: string - name: page in: query schema: type: integer format: int32 default: 0 - name: size in: query schema: type: integer format: int32 default: 30 responses: "200": description: Group members successfully fetched content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error /organizations/{organizationId}/groups/{group}/members/{member}: post: tags: - group summary: Add a group member description: "User must have the ORGANIZATION_GROUP[UPDATE] permission on the\ \ specified organization" operationId: addMember parameters: - name: organizationId in: path required: true schema: type: string - name: group in: path required: true schema: type: string - name: member in: path required: true schema: type: string responses: "200": description: Member has been added successfully "400": description: User does not exist "500": description: Internal server error delete: tags: - group summary: Remove a group member description: "User must have the ORGANIZATION_GROUP[UPDATE] permission on the\ \ specified organization" operationId: removeMember_2 parameters: - name: organizationId in: path required: true schema: type: string - name: group in: path required: true schema: type: string - name: member in: path required: true schema: type: string responses: "200": description: Member has been removed successfully "400": description: User does not exist "500": description: Internal server error /organizations/{organizationId}/identities: get: tags: - identity provider summary: List registered identity providers of the organization description: "User must have the ORGANIZATION_IDENTITY_PROVIDER[LIST] permission\ \ on the specified organization. Each returned identity provider is filtered\ \ and contains only basic information such as id, name, type and isExternal." operationId: list_23 parameters: - name: organizationId in: path required: true schema: type: string - name: userProvider in: query schema: type: boolean responses: "200": description: List registered identity providers of the organization content: application/json: schema: type: array items: $ref: '#/components/schemas/FilteredIdentityProviderInfo' "500": description: Internal server error post: tags: - identity provider summary: Create an identity provider for the organization description: "User must have the ORGANIZATION_IDENTITY_PROVIDER[CREATE] permission\ \ on the specified organization" operationId: create_12 parameters: - name: organizationId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewIdentityProvider' required: true responses: "201": description: Identity provider successfully created "500": description: Internal server error /organizations/{organizationId}/identities/{identity}: get: tags: - identity provider summary: Get an identity provider description: "User must have the ORGANIZATION_IDENTITY_PROVIDER[READ] permission\ \ on the specified organization" operationId: get_21 parameters: - name: organizationId in: path required: true schema: type: string - name: identity in: path required: true schema: type: string responses: "200": description: Identity provider content: application/json: schema: $ref: '#/components/schemas/IdentityProvider' "500": description: Internal server error put: tags: - identity provider summary: Update an identity provider description: "User must have the ORGANIZATION_IDENTITY_PROVIDER[UPDATE] permission\ \ on the specified organization" operationId: update_11 parameters: - name: organizationId in: path required: true schema: type: string - name: identity in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateIdentityProvider' required: true responses: "201": description: Identity provider successfully updated content: application/json: schema: $ref: '#/components/schemas/IdentityProvider' "500": description: Internal server error delete: tags: - identity provider summary: Delete an identity provider description: "User must have the ORGANIZATION_IDENTITY_PROVIDER[DELETE] permission\ \ on the specified organization" operationId: delete_15 parameters: - name: organizationId in: path required: true schema: type: string - name: identity in: path required: true schema: type: string responses: "204": description: Identity provider successfully deleted "400": description: Identity provider is bind to existing clients "500": description: Internal server error /organizations/{organizationId}/members: get: summary: List members for an organization description: "User must have ORGANIZATION_MEMBER[LIST] permission on the specified\ \ organization" operationId: getMembers_1 parameters: - name: organizationId in: path required: true schema: type: string responses: "200": description: List members for an organization content: application/json: schema: $ref: '#/components/schemas/MembershipListItem' "500": description: Internal server error post: summary: Add or update an organization member description: "User must have ORGANIZATION_MEMBER[READ] permission on the specified\ \ organization" operationId: addOrUpdateMember_2 parameters: - name: organizationId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewMembership' required: true responses: "201": description: Member has been added or updated successfully "400": description: Membership parameter is not valid "500": description: Internal server error /organizations/{organizationId}/members/{member}: delete: summary: Remove a membership of the organization description: "User must have ORGANIZATION_MEMBER[DELETE] permission on the specified\ \ organization" operationId: removeMember_3 parameters: - name: organizationId in: path required: true schema: type: string - name: member in: path required: true schema: type: string responses: "204": description: Membership successfully deleted "500": description: Internal server error /organizations/{organizationId}/roles: get: tags: - role summary: List registered roles of the organization description: "User must have the ORGANIZATION_ROLE[LIST] permission on the specified\ \ organization. Each returned role is filtered and contains only basic information\ \ such as id, name, isSystem and assignableType." operationId: list_24 parameters: - name: organizationId in: path required: true schema: type: string - name: type in: query schema: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT responses: "200": description: List registered roles of the organization content: application/json: schema: type: array items: $ref: '#/components/schemas/RoleEntity' "500": description: Internal server error post: tags: - role summary: Create a role for the organization description: "User must have the ORGANIZATION_ROLE[CREATE] permission on the\ \ specified organization" operationId: create_13 parameters: - name: organizationId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewRole' required: true responses: "201": description: Role successfully created "500": description: Internal server error /organizations/{organizationId}/roles/{role}: get: tags: - role summary: Get a platform role description: "User must have the ORGANIZATION_ROLE[READ] permission on the specified\ \ organization" operationId: get_22 parameters: - name: organizationId in: path required: true schema: type: string - name: role in: path required: true schema: type: string responses: "200": description: Role successfully fetched content: application/json: schema: $ref: '#/components/schemas/RoleEntity' "500": description: Internal server error put: tags: - role summary: Update a platform role description: "User must have the ORGANIZATION_ROLE[UPDATE] permission on the\ \ specified organization" operationId: update_12 parameters: - name: organizationId in: path required: true schema: type: string - name: role in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateRole' required: true responses: "201": description: Role successfully updated content: application/json: schema: $ref: '#/components/schemas/RoleEntity' "500": description: Internal server error delete: tags: - role summary: Delete a plaform role description: "User must have the ORGANIZATION_ROLE[DELETE] permission on the\ \ specified organization" operationId: delete_16 parameters: - name: organizationId in: path required: true schema: type: string - name: role in: path required: true schema: type: string responses: "204": description: Role successfully deleted "400": description: Role is bind to existing users "500": description: Internal server error /organizations/{organizationId}/settings: get: summary: Get organization main settings description: "User must have the ORGANIZATION_SETTINGS[READ] permission on the\ \ specified organization" operationId: get_23 parameters: - name: organizationId in: path required: true schema: type: string responses: "200": description: Platform settings successfully fetched content: application/json: schema: $ref: '#/components/schemas/Domain' "500": description: Internal server error patch: summary: Update platform main settings description: "User must have the ORGANIZATION_SETTINGS[UPDATE] permission on\ \ the specified organization" operationId: patch parameters: - name: organizationId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/PatchOrganization' required: true responses: "200": description: Platform settings successfully patched content: application/json: schema: $ref: '#/components/schemas/Domain' "500": description: Internal server error /organizations/{organizationId}/tags: get: tags: - sharding-tags summary: List sharding tags description: "User must have the ORGANIZATION[LIST] permission on the specified\ \ organization. Each returned tag is filtered and contains only basic information\ \ such as id and name." operationId: list_25 parameters: - name: organizationId in: path required: true schema: type: string responses: "200": description: List all the sharding tags content: application/json: schema: type: array items: $ref: '#/components/schemas/Domain' "500": description: Internal server error post: tags: - sharding-tags summary: Create a sharding tags description: "User must have the ORGANIZATION_TAG[CREATE] permission on the\ \ specified organization" operationId: create_14 parameters: - name: organizationId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewTag' required: true responses: "201": description: Sharding tag successfully created "500": description: Internal server error /organizations/{organizationId}/tags/{tag}: get: tags: - sharding-tags summary: Get a sharding tag description: "User must have the ORGANIZATION_TAG[READ] permission on the specified\ \ organization" operationId: get_24 parameters: - name: organizationId in: path required: true schema: type: string - name: tag in: path required: true schema: type: string responses: "200": description: Sharding tag content: application/json: schema: $ref: '#/components/schemas/Tag' "500": description: Internal server error put: tags: - sharding-tags summary: Update the sharding tag description: "User must have the ORGANIZATION_TAG[UPDATE] permission on the\ \ specified organization" operationId: update_13 parameters: - name: organizationId in: path required: true schema: type: string - name: tag in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateTag' required: true responses: "200": description: Sharding tag successfully updated content: application/json: schema: $ref: '#/components/schemas/Tag' "500": description: Internal server error delete: tags: - sharding-tags summary: Delete the sharding tag description: "User must have the ORGANIZATION_TAG[DELETE] permission on the\ \ specified organization" operationId: delete_17 parameters: - name: organizationId in: path required: true schema: type: string - name: tag in: path required: true schema: type: string responses: "204": description: Sharding tag successfully deleted "500": description: Internal server error /organizations/{organizationId}/users: get: tags: - user summary: List users of the organization description: "User must have the ORGANIZATION_USER[LIST] permission on the specified\ \ organization. Each returned user is filtered and contains only basic information\ \ such as id and username and displayname. Last login and identity provider\ \ name will be also returned if current user has ORGANIZATION_USER[READ] permission\ \ on the organization." operationId: listOrganisationUsers parameters: - name: organizationId in: path required: true schema: type: string - name: q in: query schema: type: string - name: filter in: query schema: type: string - name: page in: query schema: type: integer format: int32 default: 0 - name: size in: query schema: type: integer format: int32 default: 30 responses: "200": description: List users of the organization content: application/json: schema: $ref: '#/components/schemas/Page' "500": description: Internal server error post: tags: - user summary: Create a platform user description: "User must have the ORGANIZATION_USER[READ] permission on the specified\ \ organization" operationId: createOrganisationUser parameters: - name: organizationId in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/NewUser' required: true responses: "201": description: User successfully created content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error /organizations/{organizationId}/users/{user}: get: tags: - user summary: Get a user description: "User must have the ORGANIZATION_USER[READ] permission on the specified\ \ organization" operationId: get_25 parameters: - name: organizationId in: path required: true schema: type: string - name: user in: path required: true schema: type: string responses: "200": description: User successfully fetched content: application/json: schema: $ref: '#/components/schemas/UserEntity' "500": description: Internal server error put: tags: - user summary: Update a user description: "User must have the ORGANIZATION_USER[UPDATE] permission on the\ \ specified organization" operationId: updateOrganizationUser parameters: - name: organizationId in: path required: true schema: type: string - name: user in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateUser' required: true responses: "201": description: User successfully updated content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error delete: tags: - user summary: Delete a user description: "User must have the ORGANIZATION_USER[DELETE] permission on the\ \ specified organization" operationId: deleteOrganizationUser parameters: - name: organizationId in: path required: true schema: type: string - name: user in: path required: true schema: type: string responses: "204": description: User successfully deleted "500": description: Internal server error /organizations/{organizationId}/users/{user}/resetPassword: post: tags: - user summary: Reset password description: "User must have the ORGANIZATION_USER[UPDATE] permission on the\ \ specified organization" operationId: resetOrganizationUserPassword parameters: - name: organizationId in: path required: true schema: type: string - name: user in: path required: true schema: type: string requestBody: content: '*/*': schema: $ref: '#/components/schemas/PasswordValue' required: true responses: "200": description: Password reset "500": description: Internal server error /organizations/{organizationId}/users/{user}/status: put: tags: - user summary: Update a user status description: "User must have the ORGANIZATION_USER[UPDATE] permission on the\ \ specified organization" operationId: updateOrganizationUserStatus parameters: - name: organizationId in: path required: true schema: type: string - name: user in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/StatusEntity' required: true responses: "201": description: User status successfully updated content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error /organizations/{organizationId}/users/{user}/username: patch: tags: - user summary: Update a user username description: "User must have the ORGANIZATION_USER[UPDATE] permission on the\ \ specified organization" operationId: updateOrganisationUsername parameters: - name: organizationId in: path required: true schema: type: string - name: user in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UsernameEntity' required: true responses: "201": description: User username successfully updated content: application/json: schema: $ref: '#/components/schemas/User' "500": description: Internal server error /platform/audits/events: get: tags: - platform summary: List audit event types description: There is no particular permission needed. User must be authenticated. operationId: list_38 responses: default: description: default response content: application/json: {} /platform/configuration/alerts/status: get: tags: - platform summary: Get the alert service status description: There is no particular permission needed. User must be authenticated. operationId: getAlertServiceStatus responses: "200": description: Current alert service status content: application/json: schema: $ref: '#/components/schemas/AlertServiceStatusEntity' "500": description: Internal server error /platform/configuration/flow/schema: get: tags: - platform summary: Get the Policy Studio flow schema description: There is no particular permission needed. User must be authenticated. operationId: list_26 responses: default: description: default response content: application/json: {} /platform/configuration/spel/grammar: get: tags: - platform summary: Get the spel grammar description: There is no particular permission needed. User must be authenticated. operationId: getSpelGrammar responses: default: description: default response content: application/json: {} /platform/installation: get: tags: - platform summary: Get installation information description: "User must have the INSTALLATION[READ] permission on the platform" operationId: get_26 responses: "200": description: Installation successfully fetched content: application/json: schema: $ref: '#/components/schemas/InstallationEntity' "404": description: No installation has been found content: application/json: schema: $ref: '#/components/schemas/ErrorEntity' "500": description: Internal server error /platform/license: get: tags: - platform summary: Get current node License operationId: get_27 responses: default: description: default response content: application/json: {} /platform/plugins/auth-device-notifiers: get: tags: - Plugin - Authentication Device Notifier - platform summary: List authentication device notifier plugins description: There is no particular permission needed. User must be authenticated. operationId: list_27 parameters: - name: expand in: query schema: type: array items: type: string responses: default: description: default response content: application/json: {} /platform/plugins/auth-device-notifiers/{authDeviceNotifierId}: get: tags: - Plugin - Authentication Device Notifier - platform summary: Get a Authentication Device Notifier plugin description: There is no particular permission needed. User must be authenticated. operationId: get_28 parameters: - name: authDeviceNotifierId in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/auth-device-notifiers/{authDeviceNotifierId}/schema: get: tags: - Plugin - Authentication Device Notifier - platform summary: Get an Authentication Device Notifier plugin's schema description: There is no particular permission needed. User must be authenticated. operationId: getSchema parameters: - name: authDeviceNotifierId in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/bot-detections: get: tags: - Plugin - Bot Detection - platform summary: List bot detection plugins description: There is no particular permission needed. User must be authenticated. operationId: list_28 responses: default: description: default response content: application/json: {} /platform/plugins/bot-detections/{botDetection}: get: tags: - Plugin - Bot Detection - platform summary: Get a Bot Detection plugin description: There is no particular permission needed. User must be authenticated. operationId: get_29 parameters: - name: botDetection in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/bot-detections/{botDetection}/schema: get: tags: - Plugin - Bot Detection - platform summary: Get a Bot Detection plugin's schema description: There is no particular permission needed. User must be authenticated. operationId: getSchema_1 parameters: - name: botDetection in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/certificates: get: tags: - Plugin - Certificate - platform summary: List certificate plugins description: There is no particular permission needed. User must be authenticated. operationId: list_29 responses: default: description: default response content: application/json: {} /platform/plugins/certificates/{certificate}: get: tags: - Plugin - Certificate - platform summary: Get an certificate plugin description: There is no particular permission needed. User must be authenticated. operationId: get_30 parameters: - name: certificate in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/certificates/{certificate}/schema: get: tags: - Plugin - Certificate - platform summary: Get an certificate's schema description: There is no particular permission needed. User must be authenticated. operationId: getSchema_2 parameters: - name: certificate in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/device-identifiers: get: tags: - Plugin - Device Identifier - platform summary: List device identifier plugins description: There is no particular permission needed. User must be authenticated. operationId: list_30 responses: default: description: default response content: application/json: {} /platform/plugins/device-identifiers/{deviceIdentifier}: get: tags: - Plugin - Device Identifier - platform summary: Get a device identifier plugin description: There is no particular permission needed. User must be authenticated. operationId: get_31 parameters: - name: deviceIdentifier in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/device-identifiers/{deviceIdentifier}/schema: get: tags: - Plugin - Device Identifier - platform summary: Get a device identifier plugin's schema description: There is no particular permission needed. User must be authenticated. operationId: getSchema_3 parameters: - name: deviceIdentifier in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/extensionGrants: get: tags: - Plugin - Extension Grant - platform summary: List extension grant plugins description: There is no particular permission needed. User must be authenticated. operationId: list_37 responses: default: description: default response content: application/json: {} /platform/plugins/extensionGrants/{extensionGrant}: get: tags: - Plugin - Extension Grant - platform summary: Get an extension grant plugin description: There is no particular permission needed. User must be authenticated. operationId: get_38 parameters: - name: extensionGrant in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/extensionGrants/{extensionGrant}/schema: get: tags: - Plugin - Extension Grant - platform summary: Get an extension grant plugin's schema description: There is no particular permission needed. User must be authenticated. operationId: getSchema_10 parameters: - name: extensionGrant in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/factors: get: tags: - Plugin - Factor - platform summary: List factor plugins description: There is no particular permission needed. User must be authenticated. operationId: list_31 responses: default: description: default response content: application/json: {} /platform/plugins/factors/{factor}: get: tags: - Plugin - Factor - platform summary: Get a factor plugin description: There is no particular permission needed. User must be authenticated. operationId: get_32 parameters: - name: factor in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/factors/{factor}/schema: get: tags: - Plugin - Factor - platform summary: Get a factor plugin's schema description: There is no particular permission needed. User must be authenticated. operationId: getSchema_4 parameters: - name: factor in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/identities: get: tags: - Plugin - Identity Provider - platform summary: List identity provider plugins description: There is no particular permission needed. User must be authenticated. operationId: list_32 parameters: - name: external in: query schema: type: boolean - name: expand in: query schema: type: array items: type: string responses: default: description: default response content: application/json: {} /platform/plugins/identities/{identity}: get: tags: - Plugin - Identity Provider - platform summary: Get an identity provider description: There is no particular permission needed. User must be authenticated. operationId: get_33 parameters: - name: identity in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/identities/{identity}/schema: get: tags: - Plugin - Identity Provider - platform summary: Get an identity provider plugin's schema description: There is no particular permission needed. User must be authenticated. operationId: getSchema_5 parameters: - name: identity in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/notifiers: get: tags: - Plugin - Notifier - platform summary: List all available notifier plugins description: There is no particular permission needed. User must be authenticated. operationId: list_33 parameters: - name: expand in: query schema: type: array items: type: string responses: "200": description: Notifier plugin list content: application/json: schema: type: array items: $ref: '#/components/schemas/NotifierPlugin' "500": description: Internal server error /platform/plugins/notifiers/{notifierId}: get: tags: - Plugin - Notifier - platform summary: Get a notifier description: There is no particular permission needed. User must be authenticated. operationId: get_34 parameters: - name: notifierId in: path required: true schema: type: string responses: "200": description: Notifier plugin content: application/json: schema: $ref: '#/components/schemas/NotifierPlugin' "404": description: Notifier plugin not found content: application/json: schema: $ref: '#/components/schemas/ErrorEntity' "500": description: Internal server error /platform/plugins/notifiers/{notifierId}/schema: get: tags: - Plugin - Notifier - platform summary: Get a notifier plugin's schema description: There is no particular permission needed. User must be authenticated. operationId: getSchema_6 parameters: - name: notifierId in: path required: true schema: type: string responses: "200": description: Notifier plugin schema content: application/json: schema: type: string "404": description: Notifier plugin schema not found content: application/json: schema: $ref: '#/components/schemas/ErrorEntity' "500": description: Internal server error /platform/plugins/policies: get: tags: - Plugin - Policy - platform summary: List policy plugins description: There is no particular permission needed. User must be authenticated. operationId: list_34 parameters: - name: expand in: query schema: type: array items: type: string responses: default: description: default response content: application/json: {} /platform/plugins/policies/{policy}: get: tags: - Plugin - Policy - platform summary: Get a policy plugin description: There is no particular permission needed. User must be authenticated. operationId: get_35 parameters: - name: policy in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/policies/{policy}/documentation: get: tags: - Plugin - Policy - platform summary: Get a policy plugin's documentation operationId: getDocumentation parameters: - name: policy in: path required: true schema: type: string responses: default: description: default response content: text/plain: {} /platform/plugins/policies/{policy}/schema: get: tags: - Plugin - Policy - platform summary: Get a policy plugin's schema operationId: getSchema_7 parameters: - name: policy in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/reporters: get: tags: - Plugin - Reporter - platform summary: List reporter plugins description: There is no particular permission needed. User must be authenticated. operationId: list_35 responses: default: description: default response content: application/json: {} /platform/plugins/reporters/{reporter}: get: tags: - Plugin - Reporter - platform summary: Get a reporter plugin description: There is no particular permission needed. User must be authenticated. operationId: get_36 parameters: - name: reporter in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/reporters/{reporter}/schema: get: tags: - Plugin - Reporter - platform summary: Get a reporter plugin's schema operationId: getSchema_8 parameters: - name: reporter in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/resources: get: tags: - Plugin - Resource - platform summary: List resource plugins description: There is no particular permission needed. User must be authenticated. operationId: list_36 parameters: - name: expand in: query schema: type: array items: type: string responses: default: description: default response content: application/json: {} /platform/plugins/resources/{resource}: get: tags: - Plugin - Resource - platform summary: Get a resource plugin description: There is no particular permission needed. User must be authenticated. operationId: get_37 parameters: - name: resource in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/plugins/resources/{resource}/schema: get: tags: - Plugin - Resource - platform summary: Get a resource plugin's schema description: There is no particular permission needed. User must be authenticated. operationId: getSchema_9 parameters: - name: resource in: path required: true schema: type: string responses: default: description: default response content: application/json: {} /platform/roles/{role}: get: tags: - platform summary: Get a system role description: There is no particular permission needed. User must be authenticated. operationId: get_39 parameters: - name: role in: path required: true schema: type: string responses: "200": description: System role successfully fetched content: application/json: schema: $ref: '#/components/schemas/Role' "500": description: Internal server error /user: get: tags: - user summary: Get the current user operationId: get responses: "200": description: Current user successfully fetched content: application/json: schema: type: object "500": description: Internal server error /user/newsletter/_subscribe: post: tags: - Newsletter - user summary: Subscribe to the newsletter the authenticated user operationId: subscribeNewsletter requestBody: content: '*/*': schema: $ref: '#/components/schemas/EmailValue' required: true responses: "200": description: Updated user content: application/json: schema: $ref: '#/components/schemas/User' "400": description: Invalid user profile "404": description: User not found "500": description: Internal server error /user/newsletter/taglines: get: tags: - Newsletter - user summary: Get taglines to display in the newsletter operationId: getTaglines responses: "200": description: Retrieved taglines content: application/json: schema: type: string "500": description: Internal server error /user/notifications: get: tags: - user notifications - user summary: List notifications received by the current user operationId: listNotifications responses: "200": description: Current user notifications successfully fetched content: application/json: schema: type: array items: $ref: '#/components/schemas/UserNotificationContent' "500": description: Internal server error /user/notifications/{notificationId}/acknowledge: post: tags: - user notifications - user summary: Mark User notification as read operationId: markAsRead parameters: - name: notificationId in: path required: true schema: type: string responses: "204": description: User notification has been marked as read "500": description: Internal server error components: schemas: AccessPolicy: type: object properties: id: type: string type: type: string enum: - GROOVY enabled: type: boolean name: type: string description: type: string order: type: integer format: int32 condition: type: string domain: type: string resource: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time AccessPolicyListItem: type: object properties: id: type: string name: type: string description: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time AccountSettings: type: object properties: inherited: type: boolean loginAttemptsDetectionEnabled: type: boolean maxLoginAttempts: type: integer format: int32 loginAttemptsResetTime: type: integer format: int32 accountBlockedDuration: type: integer format: int32 sendRecoverAccountEmail: type: boolean completeRegistrationWhenResetPassword: type: boolean autoLoginAfterRegistration: type: boolean redirectUriAfterRegistration: type: string dynamicUserRegistration: type: boolean defaultIdentityProviderForRegistration: type: string autoLoginAfterResetPassword: type: boolean redirectUriAfterResetPassword: type: string deletePasswordlessDevicesAfterResetPassword: type: boolean useBotDetection: type: boolean botDetectionPlugin: type: string rememberMe: type: boolean rememberMeDuration: type: integer format: int32 resetPasswordCustomForm: type: boolean resetPasswordCustomFormFields: type: array items: $ref: '#/components/schemas/FormField' resetPasswordConfirmIdentity: type: boolean resetPasswordInvalidateTokens: type: boolean mfaChallengeAttemptsDetectionEnabled: type: boolean mfaChallengeMaxAttempts: type: integer format: int32 mfaChallengeAttemptsResetTime: type: integer format: int32 mfaChallengeSendVerifyAlertEmail: type: boolean sendVerifyRegistrationAccountEmail: type: boolean Address: type: object properties: type: type: string formatted: type: string streetAddress: type: string locality: type: string region: type: string postalCode: type: string country: type: string primary: type: boolean AlertNotifier: type: object properties: id: type: string name: type: string type: type: string enabled: type: boolean configuration: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time AlertServiceStatusEntity: type: object properties: available: type: boolean AlertTrigger: type: object properties: id: type: string type: type: string enum: - TOO_MANY_LOGIN_FAILURES - RISK_ASSESSMENT enabled: type: boolean referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string alertNotifiers: type: array items: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time AnalyticsTypeParam: type: object properties: value: type: string enum: - DATE_HISTO - COUNT - GROUP_BY originalParam: type: string Application: type: object properties: id: type: string name: type: string type: type: string enum: - WEB - NATIVE - BROWSER - SERVICE - RESOURCE_SERVER description: type: string domain: type: string enabled: type: boolean template: type: boolean factors: uniqueItems: true type: array items: type: string certificate: type: string metadata: type: object additionalProperties: type: object settings: $ref: '#/components/schemas/ApplicationSettings' identityProviders: uniqueItems: true type: array items: $ref: '#/components/schemas/ApplicationIdentityProvider' createdAt: type: string format: date-time updatedAt: type: string format: date-time secretSettings: type: array items: $ref: '#/components/schemas/ApplicationSecretSettings' secrets: type: array items: $ref: '#/components/schemas/ClientSecret' passwordSettings: $ref: '#/components/schemas/PasswordSettings' ApplicationAdvancedSettings: type: object properties: skipConsent: type: boolean flowsInherited: type: boolean ApplicationEntity: type: object properties: id: type: string clientId: type: string name: type: string ApplicationIdentityProvider: type: object properties: identity: type: string selectionRule: type: string priority: type: integer format: int32 ApplicationOAuthSettings: type: object properties: clientId: type: string clientSecret: type: string clientType: type: string redirectUris: type: array items: type: string responseTypes: type: array items: type: string grantTypes: type: array items: type: string applicationType: type: string contacts: type: array items: type: string clientName: type: string logoUri: type: string clientUri: type: string policyUri: type: string tosUri: type: string jwksUri: type: string jwks: $ref: '#/components/schemas/JWKSet' sectorIdentifierUri: type: string subjectType: type: string idTokenSignedResponseAlg: type: string idTokenEncryptedResponseAlg: type: string idTokenEncryptedResponseEnc: type: string userinfoSignedResponseAlg: type: string userinfoEncryptedResponseAlg: type: string userinfoEncryptedResponseEnc: type: string requestObjectSigningAlg: type: string requestObjectEncryptionAlg: type: string requestObjectEncryptionEnc: type: string tokenEndpointAuthMethod: type: string tokenEndpointAuthSigningAlg: type: string defaultMaxAge: type: integer format: int32 requireAuthTime: type: boolean defaultACRvalues: type: array items: type: string initiateLoginUri: type: string requestUris: type: array items: type: string softwareId: type: string softwareVersion: type: string softwareStatement: type: string registrationAccessToken: type: string registrationClientUri: type: string clientIdIssuedAt: type: string format: date-time clientSecretExpiresAt: type: string format: date-time scopes: type: array items: type: string defaultScopes: type: array items: type: string scopeApprovals: type: object additionalProperties: type: integer format: int32 scopeSettings: type: array items: $ref: '#/components/schemas/ApplicationScopeSettings' enhanceScopesWithUserPermissions: type: boolean accessTokenValiditySeconds: type: integer format: int32 refreshTokenValiditySeconds: type: integer format: int32 idTokenValiditySeconds: type: integer format: int32 tokenCustomClaims: type: array items: $ref: '#/components/schemas/TokenClaim' tlsClientAuthSubjectDn: type: string tlsClientAuthSanDns: type: string tlsClientAuthSanUri: type: string tlsClientAuthSanIp: type: string tlsClientAuthSanEmail: type: string tlsClientCertificateBoundAccessTokens: type: boolean authorizationSignedResponseAlg: type: string authorizationEncryptedResponseAlg: type: string authorizationEncryptedResponseEnc: type: string forcePKCE: type: boolean forceS256CodeChallengeMethod: type: boolean postLogoutRedirectUris: type: array items: type: string singleSignOut: type: boolean silentReAuthentication: type: boolean requireParRequest: type: boolean backchannelTokenDeliveryMode: type: string backchannelClientNotificationEndpoint: type: string backchannelAuthRequestSignAlg: type: string backchannelUserCodeParameter: type: boolean disableRefreshTokenRotation: type: boolean ApplicationPage: type: object properties: data: type: array items: $ref: '#/components/schemas/Application' currentPage: type: integer format: int32 totalCount: type: integer format: int64 ApplicationSAMLSettings: type: object properties: entityId: type: string attributeConsumeServiceUrl: type: string singleLogoutServiceUrl: type: string certificate: type: string wantResponseSigned: type: boolean wantAssertionsSigned: type: boolean ApplicationScopeSettings: type: object properties: scope: type: string defaultScope: type: boolean scopeApproval: type: integer format: int32 ApplicationSecretSettings: type: object properties: id: type: string algorithm: type: string ApplicationSettings: type: object properties: oauth: $ref: '#/components/schemas/ApplicationOAuthSettings' saml: $ref: '#/components/schemas/ApplicationSAMLSettings' account: $ref: '#/components/schemas/AccountSettings' login: $ref: '#/components/schemas/LoginSettings' advanced: $ref: '#/components/schemas/ApplicationAdvancedSettings' passwordSettings: $ref: '#/components/schemas/PasswordSettings' mfa: $ref: '#/components/schemas/MFASettings' cookieSettings: $ref: '#/components/schemas/CookieSettings' riskAssessment: $ref: '#/components/schemas/RiskAssessmentSettings' AssessmentSettings: type: object properties: enabled: type: boolean thresholds: type: object additionalProperties: type: number format: double Attribute: type: object properties: value: type: string type: type: string primary: type: boolean Audit: type: object properties: id: type: string transactionId: type: string type: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string accessPoint: $ref: '#/components/schemas/AuditAccessPoint' actor: $ref: '#/components/schemas/AuditEntity' target: $ref: '#/components/schemas/AuditEntity' outcome: $ref: '#/components/schemas/AuditOutcome' timestamp: type: string format: date-time writeOnly: true AuditAccessPoint: type: object properties: id: type: string alternativeId: type: string displayName: type: string ipAddress: type: string userAgent: type: string AuditEntity: type: object properties: id: type: string alternativeId: type: string type: type: string displayName: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string attributes: type: object additionalProperties: type: object AuditOutcome: type: object properties: status: type: string message: type: string AuthenticationDeviceNotifier: type: object properties: id: type: string name: type: string type: type: string configuration: type: string referenceId: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT createdAt: type: string format: date-time updatedAt: type: string format: date-time BotDetection: type: object properties: id: type: string name: type: string type: type: string detectionType: type: string configuration: type: string referenceId: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT createdAt: type: string format: date-time updatedAt: type: string format: date-time CIBASettingNotifier: type: object properties: id: type: string CIBASettings: type: object properties: enabled: type: boolean authReqExpiry: type: integer format: int32 tokenReqInterval: type: integer format: int32 bindingMessageLength: type: integer format: int32 deviceNotifiers: type: array items: $ref: '#/components/schemas/CIBASettingNotifier' Certificate: type: object properties: value: type: string CertificateEntity: type: object properties: id: type: string name: type: string type: type: string configuration: type: string domain: type: string metadata: type: object additionalProperties: type: object createdAt: type: string format: date-time updatedAt: type: string format: date-time expiresAt: type: string format: date-time system: type: boolean status: type: string enum: - VALID - WILL_EXPIRE - EXPIRED - RENEWED applications: type: array items: $ref: '#/components/schemas/Application' CertificateKey: type: object properties: fmt: type: string payload: type: string metadata: type: object additionalProperties: type: object ClientRegistrationSettings: type: object properties: allowLocalhostRedirectUri: type: boolean allowHttpSchemeRedirectUri: type: boolean allowWildCardRedirectUri: type: boolean defaultScopes: type: array items: type: string allowedScopes: type: array items: type: string dynamicClientRegistrationEnabled: type: boolean openDynamicClientRegistrationEnabled: type: boolean allowedScopesEnabled: type: boolean clientTemplateEnabled: type: boolean ClientSecret: type: object properties: id: type: string settingsId: type: string name: type: string createdAt: type: string format: date-time CookieSettings: type: object properties: inherited: type: boolean session: $ref: '#/components/schemas/SessionSettings' CorsSettings: type: object properties: enabled: type: boolean allowedOrigins: uniqueItems: true type: array items: type: string allowedMethods: uniqueItems: true type: array items: type: string allowedHeaders: uniqueItems: true type: array items: type: string maxAge: type: integer format: int32 allowCredentials: type: boolean Credential: type: object properties: id: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string userId: type: string username: type: string credentialId: type: string publicKey: type: string counter: type: integer format: int64 aaguid: type: string attestationStatementFormat: type: string attestationStatement: type: string ipAddress: type: string userAgent: type: string deviceName: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time accessedAt: type: string format: date-time lastCheckedAt: type: string format: date-time DeviceIdentifier: type: object properties: id: type: string name: type: string type: type: string configuration: type: string referenceId: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT createdAt: type: string format: date-time updatedAt: type: string format: date-time Domain: type: object properties: id: type: string hrid: type: string name: type: string description: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string enabled: type: boolean alertEnabled: type: boolean path: type: string identities: uniqueItems: true type: array items: type: string master: type: boolean vhostMode: type: boolean vhosts: type: array items: $ref: '#/components/schemas/VirtualHost' tags: uniqueItems: true type: array items: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time oidc: $ref: '#/components/schemas/OIDCSettings' uma: $ref: '#/components/schemas/UMASettings' loginSettings: $ref: '#/components/schemas/LoginSettings' webAuthnSettings: $ref: '#/components/schemas/WebAuthnSettings' scim: $ref: '#/components/schemas/SCIMSettings' accountSettings: $ref: '#/components/schemas/AccountSettings' passwordSettings: $ref: '#/components/schemas/PasswordSettings' selfServiceAccountManagementSettings: $ref: '#/components/schemas/SelfServiceAccountManagementSettings' saml: $ref: '#/components/schemas/SAMLSettings' corsSettings: $ref: '#/components/schemas/CorsSettings' redirectUriLocalhostAllowed: type: boolean redirectUriUnsecuredHttpSchemeAllowed: type: boolean redirectUriWildcardAllowed: type: boolean dynamicClientRegistrationEnabled: type: boolean openDynamicClientRegistrationEnabled: type: boolean redirectUriStrictMatching: type: boolean dynamicClientRegistrationTemplateEnabled: type: boolean Email: type: object properties: id: type: string enabled: type: boolean referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string client: type: string template: type: string defaultTemplate: type: boolean from: type: string fromName: type: string subject: type: string content: type: string expiresAfter: type: integer format: int32 createdAt: type: string format: date-time updatedAt: type: string format: date-time EmailValue: required: - email type: object properties: email: type: string EnrolledFactor: type: object properties: factorId: type: string appId: type: string status: type: string enum: - PENDING_ACTIVATION - ACTIVATED - REVOKED - "NULL" security: $ref: '#/components/schemas/EnrolledFactorSecurity' channel: $ref: '#/components/schemas/EnrolledFactorChannel' primary: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time EnrolledFactorChannel: type: object properties: type: type: string enum: - SMS - EMAIL - HTTP - CALL target: type: string additionalData: type: object additionalProperties: type: object EnrolledFactorEntity: type: object properties: id: type: string type: type: string name: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time EnrolledFactorSecurity: type: object properties: type: type: string value: type: string additionalData: type: object additionalProperties: type: object EnrollmentSettings: type: object properties: forceEnrollment: type: boolean skipTimeSeconds: type: integer format: int64 Entrypoint: type: object properties: id: type: string name: type: string description: type: string url: type: string tags: type: array items: type: string organizationId: type: string defaultEntrypoint: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time Environment: type: object properties: id: type: string hrids: type: array items: type: string name: type: string description: type: string domainRestrictions: type: array items: type: string organizationId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time ErrorEntity: type: object properties: message: type: string http_status: type: integer format: int32 ExtensionGrant: type: object properties: id: type: string name: type: string type: type: string configuration: type: string domain: type: string grantType: type: string identityProvider: type: string createUser: type: boolean userExists: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time Factor: type: object properties: id: type: string name: type: string type: type: string factorType: type: string enum: - OTP - SMS - EMAIL - CALL - HTTP - RECOVERY_CODE - FIDO2 - MOCK configuration: type: string domain: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time FilteredIdentityProviderInfo: type: object properties: id: type: string name: type: string type: type: string system: type: boolean external: type: boolean Flow: required: - name - type type: object properties: id: type: string name: type: string pre: type: array items: $ref: '#/components/schemas/Step' post: type: array items: $ref: '#/components/schemas/Step' enabled: type: boolean type: type: string enum: - ROOT - LOGIN_IDENTIFIER - LOGIN - CONNECT - CONSENT - REGISTER - RESET_PASSWORD - REGISTRATION_CONFIRMATION - TOKEN condition: type: string FlowEntity: type: object properties: id: type: string name: type: string pre: type: array items: $ref: '#/components/schemas/Step' post: type: array items: $ref: '#/components/schemas/Step' enabled: type: boolean type: type: string enum: - ROOT - LOGIN_IDENTIFIER - LOGIN - CONNECT - CONSENT - REGISTER - RESET_PASSWORD - REGISTRATION_CONFIRMATION - TOKEN condition: type: string icon: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time Form: type: object properties: id: type: string enabled: type: boolean referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string client: type: string template: type: string content: type: string assets: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time FormField: type: object properties: key: type: string label: type: string type: type: string Group: type: object properties: id: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string name: type: string description: type: string members: type: array items: type: string roles: type: array items: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time GroupPage: type: object properties: data: type: array items: $ref: '#/components/schemas/Group' currentPage: type: integer format: int32 totalCount: type: integer format: int64 I18nDictionary: type: object properties: id: type: string referenceId: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT name: type: string locale: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time entries: type: object additionalProperties: type: string IdentityProvider: type: object properties: id: type: string name: type: string type: type: string system: type: boolean configuration: type: string mappers: type: object additionalProperties: type: string roleMapper: type: object additionalProperties: type: array items: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string external: type: boolean domainWhitelist: type: array items: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time InstallationEntity: type: object properties: id: type: string additionalInformation: type: object additionalProperties: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time JWK: type: object properties: kty: type: string use: type: string keyOps: uniqueItems: true type: array items: type: string alg: type: string kid: type: string x5u: type: string x5c: uniqueItems: true type: array items: type: string x5t: type: string x5tS256: type: string JWKSet: type: object properties: keys: type: array items: $ref: '#/components/schemas/JWK' LoginSettings: type: object properties: inherited: type: boolean forgotPasswordEnabled: type: boolean registerEnabled: type: boolean rememberMeEnabled: type: boolean passwordlessEnabled: type: boolean passwordlessRememberDeviceEnabled: type: boolean passwordlessEnforcePasswordEnabled: type: boolean passwordlessEnforcePasswordMaxAge: type: integer format: int32 passwordlessDeviceNamingEnabled: type: boolean hideForm: type: boolean identifierFirstEnabled: type: boolean enforcePasswordPolicyEnabled: type: boolean MFASettings: type: object properties: loginRule: type: string stepUpAuthenticationRule: type: string adaptiveAuthenticationRule: type: string rememberDevice: $ref: '#/components/schemas/RememberDeviceSettings' enrollment: $ref: '#/components/schemas/EnrollmentSettings' Membership: type: object properties: id: type: string domain: type: string memberId: type: string memberType: type: string enum: - USER - GROUP referenceId: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT roleId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time MembershipListItem: type: object properties: memberships: type: array items: $ref: '#/components/schemas/Membership' metadata: type: object additionalProperties: type: object additionalProperties: type: object NewAlertNotifier: required: - configuration - type type: object properties: type: type: string name: type: string writeOnly: true enabled: type: boolean configuration: type: string NewApplication: required: - name - type type: object properties: name: type: string type: type: string enum: - WEB - NATIVE - BROWSER - SERVICE - RESOURCE_SERVER description: type: string clientId: type: string clientSecret: type: string redirectUris: type: array items: type: string metadata: type: object additionalProperties: type: object NewAuthenticationDeviceNotifier: required: - configuration - name - type type: object properties: id: type: string type: type: string name: type: string configuration: type: string NewBotDetection: required: - configuration - detectionType - name - type type: object properties: id: type: string type: type: string detectionType: type: string name: type: string configuration: type: string NewCertificate: required: - configuration - name - type type: object properties: type: type: string name: type: string configuration: type: string NewDeviceIdentifier: required: - configuration - name - type type: object properties: id: type: string type: type: string name: type: string configuration: type: string NewDictionary: required: - locale - name type: object properties: name: type: string locale: type: string NewDomain: required: - name type: object properties: name: type: string description: type: string NewEmail: required: - content - expiresAfter - from - subject - template type: object properties: enabled: type: boolean from: type: string fromName: type: string subject: type: string content: type: string expiresAfter: minimum: 1 type: integer format: int32 template: type: string enum: - LOGIN - REGISTRATION - REGISTRATION_CONFIRMATION - REGISTRATION_VERIFY - FORGOT_PASSWORD - RESET_PASSWORD - OAUTH2_USER_CONSENT - MFA_ENROLL - MFA_CHALLENGE - MFA_CHALLENGE_ALTERNATIVES - MFA_RECOVERY_CODE - BLOCKED_ACCOUNT - COMPLETE_PROFILE - WEBAUTHN_REGISTER - WEBAUTHN_REGISTER_SUCCESS - WEBAUTHN_LOGIN - IDENTIFIER_FIRST_LOGIN - ERROR - CERTIFICATE_EXPIRATION - VERIFY_ATTEMPT NewEntrypoint: required: - name - tags - url type: object properties: name: type: string description: type: string url: type: string tags: type: array items: type: string NewExtensionGrant: required: - configuration - grantType - name - type type: object properties: type: type: string name: type: string configuration: type: string grantType: pattern: "[A-Za-z][A-Za-z0-9+\\-.]*:(?://(?:(?:[A-Za-z0-9\\-._~!$&'()*+,;=:]|%[0-9A-Fa-f]{2})*@)?(?:\\\ [(?:(?:(?:(?:[0-9A-Fa-f]{1,4}:){6}|::(?:[0-9A-Fa-f]{1,4}:){5}|(?:[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){4}|(?:(?:[0-9A-Fa-f]{1,4}:){0,1}[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){3}|(?:(?:[0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){2}|(?:(?:[0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})?::[0-9A-Fa-f]{1,4}:|(?:(?:[0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})?::)(?:[0-9A-Fa-f]{1,4}:[0-9A-Fa-f]{1,4}|(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\\ .){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))|(?:(?:[0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})?::[0-9A-Fa-f]{1,4}|(?:(?:[0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})?::)|[Vv][0-9A-Fa-f]+\\\ .[A-Za-z0-9\\-._~!$&'()*+,;=:]+)\\]|(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\\ .){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|(?:[A-Za-z0-9\\-._~!$&'()*+,;=]|%[0-9A-Fa-f]{2})*)(?::[0-9]*)?(?:/(?:[A-Za-z0-9\\\ -._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*|/(?:(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+(?:/(?:[A-Za-z0-9\\\ -._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*)?|(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+(?:/(?:[A-Za-z0-9\\\ -._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*|)(?:\\?(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@/?]|%[0-9A-Fa-f]{2})*)?" type: string identityProvider: type: string createUser: type: boolean userExists: type: boolean NewFactor: required: - configuration - factorType - name - type type: object properties: id: type: string type: type: string factorType: type: string name: type: string configuration: type: string NewForm: required: - content - template type: object properties: enabled: type: boolean template: type: string enum: - LOGIN - REGISTRATION - REGISTRATION_CONFIRMATION - REGISTRATION_VERIFY - FORGOT_PASSWORD - RESET_PASSWORD - OAUTH2_USER_CONSENT - MFA_ENROLL - MFA_CHALLENGE - MFA_CHALLENGE_ALTERNATIVES - MFA_RECOVERY_CODE - BLOCKED_ACCOUNT - COMPLETE_PROFILE - WEBAUTHN_REGISTER - WEBAUTHN_REGISTER_SUCCESS - WEBAUTHN_LOGIN - IDENTIFIER_FIRST_LOGIN - ERROR - CERTIFICATE_EXPIRATION - VERIFY_ATTEMPT content: type: string assets: type: string NewGroup: required: - name type: object properties: name: type: string description: type: string members: type: array items: type: string NewIdentityProvider: required: - configuration - name - type type: object properties: id: type: string type: type: string name: type: string configuration: type: string domainWhitelist: type: array items: type: string external: type: boolean NewMembership: required: - memberId - memberType - role type: object properties: memberId: type: string memberType: type: string enum: - USER - GROUP role: type: string NewReporter: required: - configuration - name - type type: object properties: id: type: string enabled: type: boolean type: type: string name: type: string configuration: type: string NewRole: required: - name type: object properties: name: type: string assignableType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT description: type: string NewScope: required: - description - key - name type: object properties: key: type: string name: type: string description: type: string iconUri: type: string expiresIn: type: integer format: int32 discovery: type: boolean parameterized: type: boolean NewServiceResource: required: - configuration - name - type type: object properties: id: type: string name: type: string type: type: string configuration: type: string NewTag: required: - name type: object properties: name: type: string description: type: string NewTheme: type: object properties: logoUrl: type: string logoWidth: type: integer format: int32 faviconUrl: type: string primaryButtonColorHex: type: string secondaryButtonColorHex: type: string primaryTextColorHex: type: string secondaryTextColorHex: type: string css: type: string NewUser: required: - email - username type: object properties: username: type: string password: type: string email: maxLength: 320 minLength: 0 type: string firstName: type: string lastName: type: string externalId: type: string accountNonExpired: type: boolean accountNonLocked: type: boolean credentialsNonExpired: type: boolean enabled: type: boolean internal: type: boolean preRegistration: type: boolean registrationCompleted: type: boolean domain: type: string source: type: string client: type: string loginsCount: type: integer format: int64 loggedAt: type: string format: date-time preferredLanguage: type: string additionalInformation: type: object additionalProperties: type: object createdAt: type: string format: date-time updatedAt: type: string format: date-time NotifierPlugin: type: object properties: id: type: string name: type: string description: type: string version: type: string deployed: type: boolean feature: type: string displayName: type: string icon: type: string OIDCSettings: type: object properties: clientRegistrationSettings: $ref: '#/components/schemas/ClientRegistrationSettings' securityProfileSettings: $ref: '#/components/schemas/SecurityProfileSettings' redirectUriStrictMatching: type: boolean postLogoutRedirectUris: type: array items: type: string requestUris: type: array items: type: string cibaSettings: $ref: '#/components/schemas/CIBASettings' Page: type: object properties: data: type: array items: type: object currentPage: type: integer format: int32 totalCount: type: integer format: int64 PasswordSettings: type: object properties: inherited: type: boolean minLength: type: integer format: int32 maxLength: type: integer format: int32 includeNumbers: type: boolean includeSpecialCharacters: type: boolean lettersInMixedCase: type: boolean maxConsecutiveLetters: type: integer format: int32 excludePasswordsInDictionary: type: boolean excludeUserProfileInfoInPassword: type: boolean expiryDuration: type: integer format: int32 passwordHistoryEnabled: type: boolean oldPasswords: type: integer format: int32 PasswordValue: required: - password type: object properties: password: type: string PatchAlertNotifier: type: object properties: name: type: string enabled: type: boolean configuration: type: string PatchAlertTrigger: required: - type type: object properties: enabled: type: boolean alertNotifiers: type: array items: type: string type: type: string enum: - TOO_MANY_LOGIN_FAILURES - RISK_ASSESSMENT PatchApplication: type: object properties: name: type: string description: type: string enabled: type: boolean template: type: boolean identityProviders: uniqueItems: true type: array items: $ref: '#/components/schemas/PatchApplicationIdentityProvider' factors: uniqueItems: true type: array items: type: string certificate: type: string metadata: type: object additionalProperties: type: object settings: $ref: '#/components/schemas/PatchApplicationSettings' requiredPermissions: uniqueItems: true type: array items: type: string enum: - ORGANIZATION - ORGANIZATION_SETTINGS - ORGANIZATION_IDENTITY_PROVIDER - ORGANIZATION_AUDIT - ORGANIZATION_REPORTER - ORGANIZATION_SCOPE - ORGANIZATION_USER - ORGANIZATION_GROUP - ORGANIZATION_ROLE - ORGANIZATION_TAG - ORGANIZATION_ENTRYPOINT - ORGANIZATION_FORM - ORGANIZATION_MEMBER - ENVIRONMENT - DOMAIN - DOMAIN_SETTINGS - DOMAIN_FORM - DOMAIN_EMAIL_TEMPLATE - DOMAIN_EXTENSION_POINT - DOMAIN_IDENTITY_PROVIDER - DOMAIN_AUDIT - DOMAIN_CERTIFICATE - DOMAIN_USER - DOMAIN_USER_DEVICE - DOMAIN_GROUP - DOMAIN_ROLE - DOMAIN_SCIM - DOMAIN_SCOPE - DOMAIN_EXTENSION_GRANT - DOMAIN_OPENID - DOMAIN_SAML - DOMAIN_UMA - DOMAIN_UMA_SCOPE - DOMAIN_REPORTER - DOMAIN_MEMBER - DOMAIN_ANALYTICS - DOMAIN_FACTOR - DOMAIN_RESOURCE - DOMAIN_FLOW - DOMAIN_ALERT - DOMAIN_ALERT_NOTIFIER - DOMAIN_BOT_DETECTION - DOMAIN_DEVICE_IDENTIFIER - DOMAIN_AUTHDEVICE_NOTIFIER - DOMAIN_I18N_DICTIONARY - DOMAIN_THEME - APPLICATION - APPLICATION_SETTINGS - APPLICATION_IDENTITY_PROVIDER - APPLICATION_FORM - APPLICATION_EMAIL_TEMPLATE - APPLICATION_OPENID - APPLICATION_SAML - APPLICATION_CERTIFICATE - APPLICATION_MEMBER - APPLICATION_FACTOR - APPLICATION_RESOURCE - APPLICATION_ANALYTICS - APPLICATION_FLOW - INSTALLATION PatchApplicationAdvancedSettings: type: object properties: skipConsent: type: boolean flowsInherited: type: boolean PatchApplicationIdentityProvider: type: object properties: identity: type: string selectionRule: type: string priority: type: integer format: int32 PatchApplicationOAuthSettings: type: object properties: redirectUris: type: array items: type: string responseTypes: type: array items: type: string grantTypes: type: array items: type: string applicationType: type: string contacts: type: array items: type: string clientName: type: string logoUri: type: string clientUri: type: string policyUri: type: string tosUri: type: string jwksUri: type: string jwks: $ref: '#/components/schemas/JWKSet' sectorIdentifierUri: type: string subjectType: type: string idTokenSignedResponseAlg: type: string idTokenEncryptedResponseAlg: type: string idTokenEncryptedResponseEnc: type: string userinfoSignedResponseAlg: type: string userinfoEncryptedResponseAlg: type: string userinfoEncryptedResponseEnc: type: string requestObjectSigningAlg: type: string requestObjectEncryptionAlg: type: string requestObjectEncryptionEnc: type: string tokenEndpointAuthMethod: type: string tokenEndpointAuthSigningAlg: type: string defaultMaxAge: type: integer format: int32 requireAuthTime: type: boolean defaultACRvalues: type: array items: type: string initiateLoginUri: type: string requestUris: type: array items: type: string softwareId: type: string softwareVersion: type: string softwareStatement: type: string registrationAccessToken: type: string registrationClientUri: type: string clientIdIssuedAt: type: string format: date-time clientSecretExpiresAt: type: string format: date-time enhanceScopesWithUserPermissions: type: boolean accessTokenValiditySeconds: type: integer format: int32 refreshTokenValiditySeconds: type: integer format: int32 idTokenValiditySeconds: type: integer format: int32 tokenCustomClaims: type: array items: $ref: '#/components/schemas/TokenClaim' tlsClientAuthSubjectDn: type: string tlsClientAuthSanDns: type: string tlsClientAuthSanUri: type: string tlsClientAuthSanIp: type: string tlsClientAuthSanEmail: type: string tlsClientCertificateBoundAccessTokens: type: boolean authorizationSignedResponseAlg: type: string authorizationEncryptedResponseAlg: type: string authorizationEncryptedResponseEnc: type: string forcePKCE: type: boolean forceS256CodeChallengeMethod: type: boolean postLogoutRedirectUris: type: array items: type: string singleSignOut: type: boolean silentReAuthentication: type: boolean scopeSettings: type: array items: $ref: '#/components/schemas/ApplicationScopeSettings' disableRefreshTokenRotation: type: boolean PatchApplicationSAMLSettings: type: object properties: entityId: type: string attributeConsumeServiceUrl: type: string singleLogoutServiceUrl: type: string certificate: type: string wantResponseSigned: type: boolean wantAssertionsSigned: type: boolean PatchApplicationSettings: type: object properties: account: $ref: '#/components/schemas/AccountSettings' login: $ref: '#/components/schemas/LoginSettings' oauth: $ref: '#/components/schemas/PatchApplicationOAuthSettings' saml: $ref: '#/components/schemas/PatchApplicationSAMLSettings' advanced: $ref: '#/components/schemas/PatchApplicationAdvancedSettings' passwordSettings: $ref: '#/components/schemas/PatchPasswordSettings' mfa: $ref: '#/components/schemas/PatchMFASettings' cookieSettings: $ref: '#/components/schemas/CookieSettings' riskAssessment: $ref: '#/components/schemas/RiskAssessmentSettings' requiredPermissions: uniqueItems: true type: array items: type: string enum: - ORGANIZATION - ORGANIZATION_SETTINGS - ORGANIZATION_IDENTITY_PROVIDER - ORGANIZATION_AUDIT - ORGANIZATION_REPORTER - ORGANIZATION_SCOPE - ORGANIZATION_USER - ORGANIZATION_GROUP - ORGANIZATION_ROLE - ORGANIZATION_TAG - ORGANIZATION_ENTRYPOINT - ORGANIZATION_FORM - ORGANIZATION_MEMBER - ENVIRONMENT - DOMAIN - DOMAIN_SETTINGS - DOMAIN_FORM - DOMAIN_EMAIL_TEMPLATE - DOMAIN_EXTENSION_POINT - DOMAIN_IDENTITY_PROVIDER - DOMAIN_AUDIT - DOMAIN_CERTIFICATE - DOMAIN_USER - DOMAIN_USER_DEVICE - DOMAIN_GROUP - DOMAIN_ROLE - DOMAIN_SCIM - DOMAIN_SCOPE - DOMAIN_EXTENSION_GRANT - DOMAIN_OPENID - DOMAIN_SAML - DOMAIN_UMA - DOMAIN_UMA_SCOPE - DOMAIN_REPORTER - DOMAIN_MEMBER - DOMAIN_ANALYTICS - DOMAIN_FACTOR - DOMAIN_RESOURCE - DOMAIN_FLOW - DOMAIN_ALERT - DOMAIN_ALERT_NOTIFIER - DOMAIN_BOT_DETECTION - DOMAIN_DEVICE_IDENTIFIER - DOMAIN_AUTHDEVICE_NOTIFIER - DOMAIN_I18N_DICTIONARY - DOMAIN_THEME - APPLICATION - APPLICATION_SETTINGS - APPLICATION_IDENTITY_PROVIDER - APPLICATION_FORM - APPLICATION_EMAIL_TEMPLATE - APPLICATION_OPENID - APPLICATION_SAML - APPLICATION_CERTIFICATE - APPLICATION_MEMBER - APPLICATION_FACTOR - APPLICATION_RESOURCE - APPLICATION_ANALYTICS - APPLICATION_FLOW - INSTALLATION PatchApplicationType: required: - type type: object properties: type: type: string enum: - WEB - NATIVE - BROWSER - SERVICE - RESOURCE_SERVER PatchCIBASettings: type: object properties: enabled: type: boolean authReqExpiry: type: integer format: int32 tokenReqInterval: type: integer format: int32 bindingMessageLength: type: integer format: int32 deviceNotifiers: type: array items: $ref: '#/components/schemas/CIBASettingNotifier' PatchClientRegistrationSettings: type: object properties: allowLocalhostRedirectUri: type: boolean allowHttpSchemeRedirectUri: type: boolean allowWildCardRedirectUri: type: boolean defaultScopes: type: array items: type: string isAllowedScopesEnabled: type: boolean writeOnly: true allowedScopes: type: array items: type: string dynamicClientRegistrationEnabled: type: boolean writeOnly: true openDynamicClientRegistrationEnabled: type: boolean writeOnly: true clientTemplateEnabled: type: boolean writeOnly: true PatchDomain: type: object properties: name: type: string description: type: string enabled: type: boolean alertEnabled: type: boolean path: type: string vhostMode: type: boolean vhosts: type: array items: $ref: '#/components/schemas/VirtualHost' oidc: $ref: '#/components/schemas/PatchOIDCSettings' uma: $ref: '#/components/schemas/UMASettings' scim: $ref: '#/components/schemas/SCIMSettings' loginSettings: $ref: '#/components/schemas/LoginSettings' webAuthnSettings: $ref: '#/components/schemas/WebAuthnSettings' accountSettings: $ref: '#/components/schemas/AccountSettings' passwordSettings: $ref: '#/components/schemas/PatchPasswordSettings' selfServiceAccountManagementSettings: $ref: '#/components/schemas/SelfServiceAccountManagementSettings' tags: uniqueItems: true type: array items: type: string master: type: boolean saml: $ref: '#/components/schemas/PatchSAMLSettings' corsSettings: $ref: '#/components/schemas/CorsSettings' requiredPermissions: uniqueItems: true type: array items: type: string enum: - ORGANIZATION - ORGANIZATION_SETTINGS - ORGANIZATION_IDENTITY_PROVIDER - ORGANIZATION_AUDIT - ORGANIZATION_REPORTER - ORGANIZATION_SCOPE - ORGANIZATION_USER - ORGANIZATION_GROUP - ORGANIZATION_ROLE - ORGANIZATION_TAG - ORGANIZATION_ENTRYPOINT - ORGANIZATION_FORM - ORGANIZATION_MEMBER - ENVIRONMENT - DOMAIN - DOMAIN_SETTINGS - DOMAIN_FORM - DOMAIN_EMAIL_TEMPLATE - DOMAIN_EXTENSION_POINT - DOMAIN_IDENTITY_PROVIDER - DOMAIN_AUDIT - DOMAIN_CERTIFICATE - DOMAIN_USER - DOMAIN_USER_DEVICE - DOMAIN_GROUP - DOMAIN_ROLE - DOMAIN_SCIM - DOMAIN_SCOPE - DOMAIN_EXTENSION_GRANT - DOMAIN_OPENID - DOMAIN_SAML - DOMAIN_UMA - DOMAIN_UMA_SCOPE - DOMAIN_REPORTER - DOMAIN_MEMBER - DOMAIN_ANALYTICS - DOMAIN_FACTOR - DOMAIN_RESOURCE - DOMAIN_FLOW - DOMAIN_ALERT - DOMAIN_ALERT_NOTIFIER - DOMAIN_BOT_DETECTION - DOMAIN_DEVICE_IDENTIFIER - DOMAIN_AUTHDEVICE_NOTIFIER - DOMAIN_I18N_DICTIONARY - DOMAIN_THEME - APPLICATION - APPLICATION_SETTINGS - APPLICATION_IDENTITY_PROVIDER - APPLICATION_FORM - APPLICATION_EMAIL_TEMPLATE - APPLICATION_OPENID - APPLICATION_SAML - APPLICATION_CERTIFICATE - APPLICATION_MEMBER - APPLICATION_FACTOR - APPLICATION_RESOURCE - APPLICATION_ANALYTICS - APPLICATION_FLOW - INSTALLATION PatchEnrollmentSettings: type: object properties: forceEnrollment: type: boolean skipTimeSeconds: type: integer format: int64 PatchMFASettings: type: object properties: loginRule: type: string stepUpAuthenticationRule: type: string adaptiveAuthenticationRule: type: string rememberDevice: $ref: '#/components/schemas/PatchRememberDeviceSettings' enrollment: $ref: '#/components/schemas/PatchEnrollmentSettings' PatchOIDCSettings: type: object properties: redirectUriStrictMatching: type: boolean postLogoutRedirectUris: type: array items: type: string requestUris: type: array items: type: string requiredPermissions: uniqueItems: true type: array items: type: string enum: - ORGANIZATION - ORGANIZATION_SETTINGS - ORGANIZATION_IDENTITY_PROVIDER - ORGANIZATION_AUDIT - ORGANIZATION_REPORTER - ORGANIZATION_SCOPE - ORGANIZATION_USER - ORGANIZATION_GROUP - ORGANIZATION_ROLE - ORGANIZATION_TAG - ORGANIZATION_ENTRYPOINT - ORGANIZATION_FORM - ORGANIZATION_MEMBER - ENVIRONMENT - DOMAIN - DOMAIN_SETTINGS - DOMAIN_FORM - DOMAIN_EMAIL_TEMPLATE - DOMAIN_EXTENSION_POINT - DOMAIN_IDENTITY_PROVIDER - DOMAIN_AUDIT - DOMAIN_CERTIFICATE - DOMAIN_USER - DOMAIN_USER_DEVICE - DOMAIN_GROUP - DOMAIN_ROLE - DOMAIN_SCIM - DOMAIN_SCOPE - DOMAIN_EXTENSION_GRANT - DOMAIN_OPENID - DOMAIN_SAML - DOMAIN_UMA - DOMAIN_UMA_SCOPE - DOMAIN_REPORTER - DOMAIN_MEMBER - DOMAIN_ANALYTICS - DOMAIN_FACTOR - DOMAIN_RESOURCE - DOMAIN_FLOW - DOMAIN_ALERT - DOMAIN_ALERT_NOTIFIER - DOMAIN_BOT_DETECTION - DOMAIN_DEVICE_IDENTIFIER - DOMAIN_AUTHDEVICE_NOTIFIER - DOMAIN_I18N_DICTIONARY - DOMAIN_THEME - APPLICATION - APPLICATION_SETTINGS - APPLICATION_IDENTITY_PROVIDER - APPLICATION_FORM - APPLICATION_EMAIL_TEMPLATE - APPLICATION_OPENID - APPLICATION_SAML - APPLICATION_CERTIFICATE - APPLICATION_MEMBER - APPLICATION_FACTOR - APPLICATION_RESOURCE - APPLICATION_ANALYTICS - APPLICATION_FLOW - INSTALLATION clientRegistrationSettings: $ref: '#/components/schemas/PatchClientRegistrationSettings' securityProfileSettings: $ref: '#/components/schemas/PatchSecurityProfileSettings' cibaSettings: $ref: '#/components/schemas/PatchCIBASettings' PatchOrganization: type: object properties: identities: type: array writeOnly: true items: type: string PatchPasswordSettings: type: object properties: inherited: type: boolean minLength: type: integer format: int32 maxLength: type: integer format: int32 includeNumbers: type: boolean includeSpecialCharacters: type: boolean lettersInMixedCase: type: boolean maxConsecutiveLetters: type: integer format: int32 excludePasswordsInDictionary: type: boolean excludeUserProfileInfoInPassword: type: boolean expiryDuration: type: integer format: int32 passwordHistoryEnabled: type: boolean oldPasswords: type: integer format: int32 PatchRememberDeviceSettings: type: object properties: active: type: boolean skipRememberDevice: type: boolean expirationTimeSeconds: type: integer format: int64 deviceIdentifierId: type: string PatchSAMLSettings: type: object properties: enabled: type: boolean entityId: type: string certificate: type: string requiredPermissions: uniqueItems: true type: array items: type: string enum: - ORGANIZATION - ORGANIZATION_SETTINGS - ORGANIZATION_IDENTITY_PROVIDER - ORGANIZATION_AUDIT - ORGANIZATION_REPORTER - ORGANIZATION_SCOPE - ORGANIZATION_USER - ORGANIZATION_GROUP - ORGANIZATION_ROLE - ORGANIZATION_TAG - ORGANIZATION_ENTRYPOINT - ORGANIZATION_FORM - ORGANIZATION_MEMBER - ENVIRONMENT - DOMAIN - DOMAIN_SETTINGS - DOMAIN_FORM - DOMAIN_EMAIL_TEMPLATE - DOMAIN_EXTENSION_POINT - DOMAIN_IDENTITY_PROVIDER - DOMAIN_AUDIT - DOMAIN_CERTIFICATE - DOMAIN_USER - DOMAIN_USER_DEVICE - DOMAIN_GROUP - DOMAIN_ROLE - DOMAIN_SCIM - DOMAIN_SCOPE - DOMAIN_EXTENSION_GRANT - DOMAIN_OPENID - DOMAIN_SAML - DOMAIN_UMA - DOMAIN_UMA_SCOPE - DOMAIN_REPORTER - DOMAIN_MEMBER - DOMAIN_ANALYTICS - DOMAIN_FACTOR - DOMAIN_RESOURCE - DOMAIN_FLOW - DOMAIN_ALERT - DOMAIN_ALERT_NOTIFIER - DOMAIN_BOT_DETECTION - DOMAIN_DEVICE_IDENTIFIER - DOMAIN_AUTHDEVICE_NOTIFIER - DOMAIN_I18N_DICTIONARY - DOMAIN_THEME - APPLICATION - APPLICATION_SETTINGS - APPLICATION_IDENTITY_PROVIDER - APPLICATION_FORM - APPLICATION_EMAIL_TEMPLATE - APPLICATION_OPENID - APPLICATION_SAML - APPLICATION_CERTIFICATE - APPLICATION_MEMBER - APPLICATION_FACTOR - APPLICATION_RESOURCE - APPLICATION_ANALYTICS - APPLICATION_FLOW - INSTALLATION PatchScope: type: object properties: name: type: string description: type: string iconUri: type: string expiresIn: type: integer format: int32 discovery: type: boolean parameterized: type: boolean PatchSecurityProfileSettings: type: object properties: enablePlainFapi: type: boolean enableFapiBrazil: type: boolean PreviewRequest: required: - template - type type: object properties: content: type: string theme: $ref: '#/components/schemas/Theme' type: type: string enum: - EMAIL - FORM template: type: string PreviewResponse: type: object properties: content: type: string type: type: string enum: - EMAIL - FORM template: type: string RememberDeviceSettings: type: object properties: active: type: boolean skipRememberDevice: type: boolean expirationTimeSeconds: type: integer format: int64 deviceIdentifierId: type: string Reporter: type: object properties: id: type: string domain: type: string enabled: type: boolean type: type: string name: type: string system: type: boolean dataType: type: string configuration: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time ResetPasswordSettings: type: object properties: oldPasswordRequired: type: boolean tokenAge: type: integer format: int32 Resource: type: object properties: id: type: string resourceScopes: type: array items: type: string description: type: string iconUri: type: string name: type: string type: type: string domain: type: string userId: type: string clientId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time ResourceEntity: type: object properties: id: type: string resourceScopes: type: array items: type: string description: type: string iconUri: type: string name: type: string type: type: string domain: type: string userId: type: string userDisplayName: type: string clientId: type: string policies: type: integer format: int64 createdAt: type: string format: date-time updatedAt: type: string format: date-time ResourceListItem: type: object properties: resources: type: array items: $ref: '#/components/schemas/ResourceEntity' metadata: type: object additionalProperties: type: object additionalProperties: type: object RiskAssessmentSettings: type: object properties: enabled: type: boolean deviceAssessment: $ref: '#/components/schemas/AssessmentSettings' ipReputationAssessment: $ref: '#/components/schemas/AssessmentSettings' geoVelocityAssessment: $ref: '#/components/schemas/AssessmentSettings' Role: type: object properties: id: type: string name: type: string description: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string assignableType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT system: type: boolean defaultRole: type: boolean permissionAcls: type: object additionalProperties: uniqueItems: true type: array items: type: string enum: - CREATE - READ - LIST - UPDATE - DELETE oauthScopes: type: array items: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time internalOnly: type: boolean RoleEntity: type: object properties: id: type: string name: type: string description: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string assignableType: type: string permissions: type: array items: type: string availablePermissions: type: array items: type: string system: type: boolean defaultRole: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time RolePage: type: object properties: data: type: array items: $ref: '#/components/schemas/Role' currentPage: type: integer format: int32 totalCount: type: integer format: int64 SAMLSettings: type: object properties: enabled: type: boolean entityId: type: string certificate: type: string SCIMSettings: type: object properties: enabled: type: boolean idpSelectionEnabled: type: boolean idpSelectionRule: type: string Scope: type: object properties: id: type: string key: type: string name: type: string description: type: string iconUri: type: string domain: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time system: type: boolean claims: type: array items: type: string expiresIn: type: integer format: int32 discovery: type: boolean parameterized: type: boolean ScopeApprovalEntity: type: object properties: id: type: string transactionId: type: string userId: type: string clientId: type: string domain: type: string scope: type: string status: type: string enum: - APPROVED - DENIED expiresAt: type: string format: date-time createdAt: type: string format: date-time updatedAt: type: string format: date-time clientEntity: $ref: '#/components/schemas/ApplicationEntity' scopeEntity: $ref: '#/components/schemas/ScopeEntity' ScopeEntity: type: object properties: id: type: string key: type: string name: type: string description: type: string ScopePage: type: object properties: data: type: array items: $ref: '#/components/schemas/Scope' currentPage: type: integer format: int32 totalCount: type: integer format: int64 SecurityProfileSettings: type: object properties: enablePlainFapi: type: boolean enableFapiBrazil: type: boolean SelfServiceAccountManagementSettings: type: object properties: enabled: type: boolean resetPassword: $ref: '#/components/schemas/ResetPasswordSettings' ServiceResource: type: object properties: id: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string name: type: string type: type: string configuration: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time SessionSettings: type: object properties: persistent: type: boolean StatusEntity: type: object properties: enabled: type: boolean Step: type: object properties: name: type: string policy: type: string description: type: string configuration: type: string enabled: type: boolean condition: type: string Tag: type: object properties: id: type: string name: type: string description: type: string organizationId: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time Theme: type: object properties: id: type: string referenceId: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT logoUrl: type: string logoWidth: type: integer format: int32 faviconUrl: type: string primaryButtonColorHex: type: string secondaryButtonColorHex: type: string primaryTextColorHex: type: string secondaryTextColorHex: type: string css: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time ThemeEntity: type: object properties: id: type: string referenceId: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT logoUrl: type: string logoWidth: type: integer format: int32 faviconUrl: type: string primaryButtonColorHex: type: string secondaryButtonColorHex: type: string primaryTextColorHex: type: string secondaryTextColorHex: type: string css: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time TokenClaim: type: object properties: tokenType: type: string enum: - ACCESS_TOKEN - REFRESH_TOKEN - ID_TOKEN claimName: type: string claimValue: type: string UMASettings: type: object properties: enabled: type: boolean UpdateAuthenticationDeviceNotifier: required: - configuration - name type: object properties: name: type: string configuration: type: string UpdateBotDetection: required: - configuration - name type: object properties: name: type: string configuration: type: string UpdateCertificate: required: - configuration - name type: object properties: name: type: string configuration: type: string UpdateDeviceIdentifier: required: - configuration - name type: object properties: name: type: string configuration: type: string UpdateEmail: required: - content - expiresAfter - from - subject type: object properties: enabled: type: boolean from: type: string fromName: type: string subject: type: string content: type: string expiresAfter: minimum: 1 type: integer format: int32 UpdateEntrypoint: required: - name - tags - url type: object properties: name: type: string description: type: string url: type: string tags: type: array items: type: string UpdateExtensionGrant: required: - configuration - name type: object properties: name: type: string configuration: type: string grantType: pattern: "[A-Za-z][A-Za-z0-9+\\-.]*:(?://(?:(?:[A-Za-z0-9\\-._~!$&'()*+,;=:]|%[0-9A-Fa-f]{2})*@)?(?:\\\ [(?:(?:(?:(?:[0-9A-Fa-f]{1,4}:){6}|::(?:[0-9A-Fa-f]{1,4}:){5}|(?:[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){4}|(?:(?:[0-9A-Fa-f]{1,4}:){0,1}[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){3}|(?:(?:[0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})?::(?:[0-9A-Fa-f]{1,4}:){2}|(?:(?:[0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})?::[0-9A-Fa-f]{1,4}:|(?:(?:[0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})?::)(?:[0-9A-Fa-f]{1,4}:[0-9A-Fa-f]{1,4}|(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\\ .){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))|(?:(?:[0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})?::[0-9A-Fa-f]{1,4}|(?:(?:[0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})?::)|[Vv][0-9A-Fa-f]+\\\ .[A-Za-z0-9\\-._~!$&'()*+,;=:]+)\\]|(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\\ .){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|(?:[A-Za-z0-9\\-._~!$&'()*+,;=]|%[0-9A-Fa-f]{2})*)(?::[0-9]*)?(?:/(?:[A-Za-z0-9\\\ -._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*|/(?:(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+(?:/(?:[A-Za-z0-9\\\ -._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*)?|(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})+(?:/(?:[A-Za-z0-9\\\ -._~!$&'()*+,;=:@]|%[0-9A-Fa-f]{2})*)*|)(?:\\?(?:[A-Za-z0-9\\-._~!$&'()*+,;=:@/?]|%[0-9A-Fa-f]{2})*)?" type: string identityProvider: type: string createUser: type: boolean userExists: type: boolean UpdateFactor: required: - configuration - name type: object properties: name: type: string configuration: type: string UpdateForm: type: object properties: enabled: type: boolean content: type: string assets: type: string UpdateGroup: required: - name type: object properties: name: type: string description: type: string members: type: array items: type: string roles: type: array items: type: string UpdateI18nDictionary: type: object properties: name: type: string locale: type: string entries: type: object additionalProperties: type: string UpdateIdentityProvider: required: - configuration - name type: object properties: name: type: string configuration: type: string mappers: type: object additionalProperties: type: string roleMapper: type: object additionalProperties: type: array items: type: string domainWhitelist: type: array items: type: string UpdateReporter: required: - configuration - name type: object properties: enabled: type: boolean name: type: string configuration: type: string UpdateRole: required: - name type: object properties: name: type: string description: type: string permissions: type: array items: type: string oauthScopes: type: array items: type: string UpdateScope: required: - description - name type: object properties: name: type: string description: type: string expiresIn: type: integer format: int32 discovery: type: boolean parameterized: type: boolean iconUri: type: string UpdateServiceResource: required: - configuration - name type: object properties: name: type: string configuration: type: string UpdateTag: required: - name type: object properties: name: type: string description: type: string UpdateUser: required: - email type: object properties: email: maxLength: 320 minLength: 0 type: string firstName: type: string lastName: type: string displayName: type: string externalId: type: string accountNonExpired: type: boolean accountNonLocked: type: boolean credentialsNonExpired: type: boolean enabled: type: boolean preRegistration: type: boolean registrationCompleted: type: boolean source: type: string client: type: string loginsCount: type: integer format: int64 loggedAt: type: string format: date-time preferredLanguage: type: string additionalInformation: type: object additionalProperties: type: object createdAt: type: string format: date-time updatedAt: type: string format: date-time User: type: object properties: id: type: string externalId: type: string username: type: string password: type: string email: type: string displayName: type: string nickName: type: string firstName: type: string lastName: type: string title: type: string type: type: string preferredLanguage: type: string picture: type: string emails: type: array items: $ref: '#/components/schemas/Attribute' phoneNumbers: type: array items: $ref: '#/components/schemas/Attribute' ims: type: array items: $ref: '#/components/schemas/Attribute' photos: type: array items: $ref: '#/components/schemas/Attribute' entitlements: type: array items: type: string addresses: type: array items: $ref: '#/components/schemas/Address' roles: type: array items: type: string dynamicRoles: type: array items: type: string rolesPermissions: uniqueItems: true type: array items: $ref: '#/components/schemas/Role' groups: type: array items: type: string x509Certificates: type: array items: $ref: '#/components/schemas/Certificate' accountNonExpired: type: boolean accountNonLocked: type: boolean accountLockedAt: type: string format: date-time accountLockedUntil: type: string format: date-time credentialsNonExpired: type: boolean enabled: type: boolean internal: type: boolean preRegistration: type: boolean registrationCompleted: type: boolean newsletter: type: boolean registrationUserUri: type: string registrationAccessToken: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string source: type: string client: type: string loginsCount: type: integer format: int64 factors: type: array items: $ref: '#/components/schemas/EnrolledFactor' identities: type: array items: $ref: '#/components/schemas/UserIdentity' lastIdentityUsed: type: string additionalInformation: type: object additionalProperties: type: object loggedAt: type: string format: date-time lastLoginWithCredentials: type: string format: date-time lastPasswordReset: type: string format: date-time lastUsernameReset: type: string format: date-time lastLogoutAt: type: string format: date-time mfaEnrollmentSkippedAt: type: string format: date-time createdAt: type: string format: date-time updatedAt: type: string format: date-time address: type: object additionalProperties: type: object locale: type: string zoneInfo: type: string inactive: type: boolean profile: type: string website: type: string middleName: type: string lastIdentityInformation: type: object additionalProperties: type: object identitiesAsMap: type: object additionalProperties: type: object birthdate: type: string phoneNumber: type: string UserEntity: type: object properties: id: type: string externalId: type: string username: type: string password: type: string email: type: string displayName: type: string nickName: type: string firstName: type: string lastName: type: string title: type: string type: type: string preferredLanguage: type: string picture: type: string emails: type: array items: $ref: '#/components/schemas/Attribute' phoneNumbers: type: array items: $ref: '#/components/schemas/Attribute' ims: type: array items: $ref: '#/components/schemas/Attribute' photos: type: array items: $ref: '#/components/schemas/Attribute' entitlements: type: array items: type: string addresses: type: array items: $ref: '#/components/schemas/Address' roles: type: array items: type: string dynamicRoles: type: array items: type: string rolesPermissions: uniqueItems: true type: array items: $ref: '#/components/schemas/Role' groups: type: array items: type: string x509Certificates: type: array items: $ref: '#/components/schemas/Certificate' accountNonExpired: type: boolean accountNonLocked: type: boolean accountLockedAt: type: string format: date-time accountLockedUntil: type: string format: date-time credentialsNonExpired: type: boolean enabled: type: boolean internal: type: boolean preRegistration: type: boolean registrationCompleted: type: boolean newsletter: type: boolean registrationUserUri: type: string registrationAccessToken: type: string referenceType: type: string enum: - PLATFORM - DOMAIN - APPLICATION - ORGANIZATION - ENVIRONMENT referenceId: type: string source: type: string client: type: string loginsCount: type: integer format: int64 factors: type: array items: $ref: '#/components/schemas/EnrolledFactor' identities: type: array items: $ref: '#/components/schemas/UserIdentity' lastIdentityUsed: type: string additionalInformation: type: object additionalProperties: type: object loggedAt: type: string format: date-time lastLoginWithCredentials: type: string format: date-time lastPasswordReset: type: string format: date-time lastUsernameReset: type: string format: date-time lastLogoutAt: type: string format: date-time mfaEnrollmentSkippedAt: type: string format: date-time createdAt: type: string format: date-time updatedAt: type: string format: date-time applicationEntity: $ref: '#/components/schemas/ApplicationEntity' sourceId: type: string address: type: object additionalProperties: type: object locale: type: string zoneInfo: type: string inactive: type: boolean profile: type: string website: type: string middleName: type: string lastIdentityInformation: type: object additionalProperties: type: object identitiesAsMap: type: object additionalProperties: type: object birthdate: type: string phoneNumber: type: string UserIdentity: type: object properties: userId: type: string providerId: type: string additionalInformation: type: object additionalProperties: type: object linkedAt: type: string format: date-time UserIdentityEntity: type: object properties: userId: type: string providerId: type: string additionalInformation: type: object additionalProperties: type: object linkedAt: type: string format: date-time providerName: type: string UserNotificationContent: type: object properties: id: type: string status: type: string enum: - UNREAD - READ title: type: string message: type: string createdAt: type: string format: date-time UserPage: type: object properties: data: type: array items: $ref: '#/components/schemas/User' currentPage: type: integer format: int32 totalCount: type: integer format: int64 UsernameEntity: type: object properties: username: type: string VirtualHost: type: object properties: host: type: string path: type: string overrideEntrypoint: type: boolean WebAuthnSettings: type: object properties: origin: type: string relyingPartyId: type: string relyingPartyName: type: string requireResidentKey: type: boolean userVerification: type: string enum: - REQUIRED - PREFERRED - DISCOURAGED authenticatorAttachment: type: string enum: - CROSS_PLATFORM - PLATFORM attestationConveyancePreference: type: string enum: - NONE - INDIRECT - DIRECT forceRegistration: type: boolean certificates: type: object additionalProperties: type: object enforceAuthenticatorIntegrity: type: boolean enforceAuthenticatorIntegrityMaxAge: type: integer format: int32 securitySchemes: gravitee-auth: type: http scheme: basic