{"openapi":"3.0.1","servers":[{"url":"https://[tenant_id].logto.app/","description":"Logto endpoint address."}],"info":{"title":"Logto API references","description":"API references for Logto services.\n\nNote: The documentation is for Logto Cloud. If you are using Logto OSS, please refer to the response of `/api/swagger.json` endpoint on your Logto instance.","version":"Cloud"},"paths":{"/api/applications":{"get":{"operationId":"ListApplications","tags":["Applications"],"parameters":[{"name":"types","in":"query","required":false,"schema":{"oneOf":[{"type":"array","items":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]}},{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]}]},"description":"An array of application types to filter applications."},{"name":"excludeRoleId","in":"query","required":false,"schema":{"type":"string"}},{"name":"excludeOrganizationId","in":"query","required":false,"schema":{"type":"string"}},{"name":"isThirdParty","in":"query","required":false,"schema":{"oneOf":[{"type":"string","format":"\"true\""},{"type":"string","format":"\"false\""}]}},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}},{"name":"search_params","in":"query","description":"Search query parameters.","required":false,"schema":{"type":"object","additionalProperties":{"type":"string"}},"explode":true}],"responses":{"200":{"description":"A list of applications.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","secret","description","type","oidcClientMetadata","customClientMetadata","protectedAppMetadata","customData","isThirdParty","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"secret":{"$ref":"#/components/schemas/ApplicationLegacySecret"},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get applications","description":"Get applications that match the given query with pagination."},"post":{"operationId":"CreateApplication","tags":["Applications"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name","type"],"properties":{"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"protectedAppMetadata":{"type":"object","required":["subDomain","origin"],"properties":{"subDomain":{"type":"string","description":"The subdomain prefix, e.g., my-site."},"origin":{"type":"string","description":"The origin of target website, e.g., https://example.com."}},"description":"The data for protected app, this feature is not available for open source version."}}}}}},"responses":{"200":{"description":"The application was created successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","secret","description","type","oidcClientMetadata","customClientMetadata","protectedAppMetadata","customData","isThirdParty","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"secret":{"$ref":"#/components/schemas/ApplicationLegacySecret"},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Validation error. Please check the request body."},"500":{"description":"Internal Server Error"}},"summary":"Create an application","description":"Create a new application with the given data."}},"/api/applications/{id}":{"get":{"operationId":"GetApplication","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"}],"responses":{"200":{"description":"Details of the application.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","secret","description","type","oidcClientMetadata","customClientMetadata","protectedAppMetadata","customData","isThirdParty","createdAt","isAdmin"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"secret":{"$ref":"#/components/schemas/ApplicationLegacySecret"},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"},"isAdmin":{"type":"boolean"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The application with the specified ID was not found."}},"summary":"Get application","description":"Get application details by ID."},"patch":{"operationId":"UpdateApplication","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"customData":{"type":"object","description":"arbitrary"},"protectedAppMetadata":{"type":"object","properties":{"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}}},"nullable":true},"isAdmin":{"type":"boolean","description":"Whether the application has admin access. User can enable the admin access for Machine-to-Machine apps."}}}}}},"responses":{"200":{"description":"The application was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","secret","description","type","oidcClientMetadata","customClientMetadata","protectedAppMetadata","customData","isThirdParty","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"secret":{"$ref":"#/components/schemas/ApplicationLegacySecret"},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The application with the specified ID was not found."},"422":{"description":"Validation error. Please check the request body."},"500":{"description":"Internal server error."}},"summary":"Update application","description":"Update application details by ID with the given data."},"delete":{"operationId":"DeleteApplication","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"}],"responses":{"204":{"description":"The application was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The application with the specified ID was not found."},"422":{"description":"Unprocessable Content"}},"summary":"Delete application","description":"Delete application by ID."}},"/api/applications/{applicationId}/custom-data":{"patch":{"operationId":"UpdateApplicationCustomData","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","description":"An arbitrary JSON object."}}}},"responses":{"200":{"description":"The updated custom data in JSON.","content":{"application/json":{"schema":{"type":"object","description":"arbitrary"}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Update application custom data","description":"Update the custom data of an application."}},"/api/applications/{applicationId}/roles":{"get":{"operationId":"ListApplicationRoles","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}},{"name":"search_params","in":"query","description":"Search query parameters.","required":false,"schema":{"type":"object","additionalProperties":{"type":"string"}},"explode":true}],"responses":{"200":{"description":"An array of API resource roles assigned to the application.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description","type","isDefault"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["User","MachineToMachine"]},"isDefault":{"type":"boolean"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Get application API resource roles","description":"Get API resource roles assigned to the specified application with pagination."},"post":{"operationId":"AssignApplicationRoles","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["roleIds"],"properties":{"roleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of API resource role IDs to assign."}}}}}},"responses":{"201":{"description":"The API resource roles have been assigned to the application successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Assign API resource roles to application","description":"Assign API resource roles to the specified application. The API resource roles will be added to the existing API resource roles."},"put":{"operationId":"ReplaceApplicationRoles","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["roleIds"],"properties":{"roleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of API resource role IDs to update for the application."}}}}}},"responses":{"200":{"description":"The API resource roles have been updated for the application successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Update API resource roles for application","description":"Update API resource roles assigned to the specified application. This will replace the existing API resource roles."}},"/api/applications/{applicationId}/roles/{roleId}":{"delete":{"operationId":"DeleteApplicationRole","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId"},{"$ref":"#/components/parameters/roleId"}],"responses":{"204":{"description":"The API resource role has been removed from the application successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Remove a API resource role from application","description":"Remove a API resource role from the specified application."}},"/api/applications/{id}/protected-app-metadata/custom-domains":{"get":{"operationId":"ListApplicationProtectedAppMetadataCustomDomains","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"}],"responses":{"200":{"description":"An array of the application custom domains.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}}}},"400":{"description":"Faild to sync the domain info from remote provider."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"501":{"description":"Not Implemented"}},"summary":"Get application custom domains.","description":"Get custom domains of the specified application, the application type should be protected app."},"post":{"operationId":"CreateApplicationProtectedAppMetadataCustomDomain","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["domain"],"properties":{"domain":{"type":"string","description":"The domain to be added to the application."}}}}}},"responses":{"201":{"description":"The domain has been added to the application.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"409":{"description":"The domain already exists."},"422":{"description":"Exeeded the maximum number of domains allowed or the domain is invalid."},"501":{"description":"Not Implemented"}},"summary":"Add a custom domain to the application.","description":"Add a custom domain to the application. You'll need to setup DNS record later."}},"/api/applications/{id}/protected-app-metadata/custom-domains/{domain}":{"delete":{"operationId":"DeleteApplicationProtectedAppMetadataCustomDomain","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"},{"name":"domain","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"The domain has been removed."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Can not find the domain."},"501":{"description":"Not Implemented"}},"summary":"Remove custom domain.","description":"Remove custom domain from the specified application."}},"/api/applications/{id}/organizations":{"get":{"operationId":"ListApplicationOrganizations","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"An array of organizations that the application is associated with.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description","customData","isMfaRequired","color","branding","customCss","createdAt","organizationRoles"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isMfaRequired":{"type":"boolean"},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"createdAt":{"type":"number"},"organizationRoles":{"type":"array","items":{"type":"object","required":["id","name"],"properties":{"id":{"type":"string"},"name":{"type":"string"}}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get application organizations","description":"Get the list of organizations that an application is associated with."}},"/api/applications/{id}/legacy-secret":{"delete":{"operationId":"DeleteApplicationLegacySecret","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","secret","description","type","oidcClientMetadata","customClientMetadata","protectedAppMetadata","customData","isThirdParty","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"secret":{"type":"string","minLength":1,"maxLength":64},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}}},"204":{"description":"The legacy secret was deleted successfully."},"400":{"description":"The application does not have a legacy secret."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete application legacy secret","description":"Delete the legacy secret for the application and replace it with a new internal secret.\n\nNote: This operation does not \"really\" delete the legacy secret because it is still needed for internal validation. We may remove the display of the legacy secret (the `secret` field in the application response) in the future."}},"/api/applications/{id}/secrets":{"get":{"operationId":"ListApplicationSecrets","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"}],"responses":{"200":{"description":"A list of secrets.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","applicationId","name","value","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"applicationId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"value":{"type":"string","minLength":1,"maxLength":64},"createdAt":{"type":"number"},"expiresAt":{"type":"number","nullable":true}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get application secrets","description":"Get all the secrets for the application."},"post":{"operationId":"CreateApplicationSecret","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name"],"properties":{"name":{"type":"string","minLength":1,"maxLength":256,"description":"The secret name. Must be unique within the application."},"expiresAt":{"type":"number","nullable":true,"description":"The epoch time in milliseconds when the secret will expire. If not provided, the secret will never expire."}}}}}},"responses":{"201":{"description":"The secret was added successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","applicationId","name","value","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"applicationId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"value":{"type":"string","minLength":1,"maxLength":64},"createdAt":{"type":"number"},"expiresAt":{"type":"number","nullable":true}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The secret name is already in use."}},"summary":"Add application secret","description":"Add a new secret for the application."}},"/api/applications/{id}/secrets/{name}":{"delete":{"operationId":"DeleteApplicationSecret","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"},{"name":"name","in":"path","required":true,"schema":{"type":"string"},"description":"The name of the secret."}],"responses":{"204":{"description":"The secret was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete application secret","description":"Delete a secret for the application by name."},"patch":{"operationId":"UpdateApplicationSecret","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"},{"name":"name","in":"path","required":true,"schema":{"type":"string"},"description":"The name of the secret."}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name"],"properties":{"name":{"type":"string","minLength":1,"maxLength":256,"description":"The secret name to update. Must be unique within the application."}}}}}},"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object","required":["tenantId","applicationId","name","value","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"applicationId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"value":{"type":"string","minLength":1,"maxLength":64},"createdAt":{"type":"number"},"expiresAt":{"type":"number","nullable":true}}}}}},"204":{"description":"The secret was updated successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update application secret","description":"Update a secret for the application by name."}},"/api/applications/{applicationId}/user-consent-scopes":{"post":{"operationId":"CreateApplicationUserConsentScope","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"organizationScopes":{"type":"array","items":{"type":"string"},"description":"A list of organization scope id to assign to the application. Throws error if any given organization scope is not found."},"resourceScopes":{"type":"array","items":{"type":"string"},"description":"A list of resource scope id to assign to the application. Throws error if any given resource scope is not found."},"organizationResourceScopes":{"type":"array","items":{"type":"string"},"description":"A list of organization resource scope id to assign to the application. Throws error if any given resource scope is not found."},"userScopes":{"type":"array","items":{"type":"string","enum":["profile","email","phone","address","custom_data","identities","roles","urn:logto:scope:organizations","urn:logto:scope:organization_roles","urn:logto:scope:sessions"]},"description":"A list of user scope enum value to assign to the application."}}}}}},"responses":{"201":{"description":"All the user consent scopes are assigned to the application successfully","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The application is not found"},"422":{"description":"Any of the given organization scope, resource scope or user scope is not found"}},"summary":"Assign user consent scopes to application.","description":"Assign the user consent scopes to an application by application id"},"get":{"operationId":"ListApplicationUserConsentScopes","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId"}],"responses":{"200":{"description":"All the user consent scopes of the application are listed successfully","content":{"application/json":{"schema":{"type":"object","required":["organizationScopes","resourceScopes","organizationResourceScopes","userScopes"],"properties":{"organizationScopes":{"type":"array","items":{"type":"object","required":["id","name","description"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}},"description":"A list of organization scope details assigned to the application."},"resourceScopes":{"type":"array","items":{"type":"object","required":["resource","scopes"],"properties":{"resource":{"type":"object","required":["id","name","indicator"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1}}},"scopes":{"type":"array","items":{"type":"object","required":["id","name","description"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true}}}}}},"description":"A list of resource scope details grouped by resource id assigned to the application."},"organizationResourceScopes":{"type":"array","items":{"type":"object","required":["resource","scopes"],"properties":{"resource":{"type":"object","required":["id","name","indicator"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1}}},"scopes":{"type":"array","items":{"type":"object","required":["id","name","description"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true}}}}}},"description":"A list of organization resource scope details grouped by resource id assigned to the application."},"userScopes":{"type":"array","items":{"type":"string","enum":["profile","email","phone","address","custom_data","identities","roles","urn:logto:scope:organizations","urn:logto:scope:organization_roles","urn:logto:scope:sessions"]},"description":"A list of user scope enum value assigned to the application."}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The application is not found"}},"summary":"List all the user consent scopes of an application.","description":"List all the user consent scopes of an application by application id"}},"/api/applications/{applicationId}/user-consent-scopes/{scopeType}/{scopeId}":{"delete":{"operationId":"DeleteApplicationUserConsentScope","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId"},{"name":"scopeType","in":"path","required":true,"schema":{"type":"string","enum":["organization-scopes","resource-scopes","organization-resource-scopes","user-scopes"]}},{"$ref":"#/components/parameters/scopeId"}],"responses":{"204":{"description":"The user consent scope is removed from the application successfully"},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The application or scope is not found"}},"summary":"Remove user consent scope from application.","description":"Remove the user consent scope from an application by application id, scope type and scope id"}},"/api/applications/{applicationId}/sign-in-experience":{"put":{"operationId":"ReplaceApplicationSignInExperience","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["termsOfUseUrl","privacyPolicyUrl"],"properties":{"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"displayName":{"type":"string","maxLength":256,"nullable":true},"termsOfUseUrl":{"oneOf":[{"type":"string","format":"url","maxLength":2048,"nullable":true},{"type":"string","format":"empty"}]},"privacyPolicyUrl":{"oneOf":[{"type":"string","format":"url","maxLength":2048,"nullable":true},{"type":"string","format":"empty"}]}}}}}},"responses":{"200":{"description":"The application's sign-in experience was successfully updated.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","applicationId","color","branding","customCss","termsOfUseUrl","privacyPolicyUrl","displayName"],"properties":{"tenantId":{"type":"string","maxLength":21},"applicationId":{"type":"string","minLength":1,"maxLength":21},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"termsOfUseUrl":{"type":"string","maxLength":2048,"nullable":true},"privacyPolicyUrl":{"type":"string","maxLength":2048,"nullable":true},"displayName":{"type":"string","maxLength":256,"nullable":true}}}}}},"201":{"description":"A new application level sign-in experience settings was successfully created.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","applicationId","color","branding","customCss","termsOfUseUrl","privacyPolicyUrl","displayName"],"properties":{"tenantId":{"type":"string","maxLength":21},"applicationId":{"type":"string","minLength":1,"maxLength":21},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"termsOfUseUrl":{"type":"string","maxLength":2048,"nullable":true},"privacyPolicyUrl":{"type":"string","maxLength":2048,"nullable":true},"displayName":{"type":"string","maxLength":256,"nullable":true}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The application does not exist."},"422":{"description":"Unprocessable Content"}},"summary":"Update application level sign-in experience","description":"Update application level sign-in experience for the specified application. Create a new sign-in experience if it does not exist. \n - Only branding properties and terms links customization is supported for now. \n\n - Only third-party applications can be customized for now. \n\n - Application level sign-in experience customization is optional, if provided, it will override the default branding and terms links."},"get":{"operationId":"GetApplicationSignInExperience","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId"}],"responses":{"200":{"description":"Returns the application's application level sign-in experience.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","applicationId","color","branding","customCss","termsOfUseUrl","privacyPolicyUrl","displayName"],"properties":{"tenantId":{"type":"string","maxLength":21},"applicationId":{"type":"string","minLength":1,"maxLength":21},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"termsOfUseUrl":{"type":"string","maxLength":2048,"nullable":true},"privacyPolicyUrl":{"type":"string","maxLength":2048,"nullable":true},"displayName":{"type":"string","maxLength":256,"nullable":true}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The application does not exist or the application level sign-in experience does not exist."}},"summary":"Get the application level sign-in experience","description":"Get application level sign-in experience for a given application. \n - Only branding properties and terms links customization is supported for now. \n\n - Only third-party applications can have the sign-in experience customization for now."}},"/api/applications/{id}/users/{userId}/consent-organizations":{"get":{"operationId":"ListApplicationUserConsentOrganizations","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"},{"$ref":"#/components/parameters/userId"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"List of organization entities granted by the user for the application.","content":{"application/json":{"schema":{"type":"object","required":["organizations"],"properties":{"organizations":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description","customData","isMfaRequired","color","branding","customCss","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isMfaRequired":{"type":"boolean"},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"createdAt":{"type":"number"}}},"description":"A list of organization entities granted by the user for the application."}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"List all the user consented organizations of a application.","description":"List all the user consented organizations for a application by application id and user id."},"put":{"operationId":"ReplaceApplicationUserConsentOrganizations","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"},{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["organizationIds"],"properties":{"organizationIds":{"type":"array","items":{"type":"string","minLength":1},"description":"A list of organization ids to be granted. <br/> All the existing organizations' access will be revoked if not in the list. <br/> If the list is empty, all the organizations' access will be revoked."}}}}}},"responses":{"204":{"description":"All the request organizations's access are granted to the user for the application. "},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The application or user is not found."},"422":{"description":"The user is not a member of one of the organizations, or the application is not a third-party application."}},"summary":"Grant a list of organization access of a user for a application.","description":"Grant a list of organization access of a user for a application by application id and user id. <br/> The user must be a member of all the organizations. <br/> Only third-party application needs to be granted access to organizations, all the other applications can request for all the organizations' access by default."},"post":{"operationId":"CreateApplicationUserConsentOrganization","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"},{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["organizationIds"],"properties":{"organizationIds":{"type":"array","items":{"type":"string","minLength":1},"description":"A list of organization ids to be granted."}}}}}},"responses":{"201":{"description":"All the request organizations's access are granted to the user for the application.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The application or user is not found."},"422":{"description":"The user is not a member of one of the organizations, or the application is not a third-party application."}},"summary":"Grant a list of organization access of a user for a application.","description":"Grant a list of organization access of a user for a application by application id and user id. <br/> The user must be a member of all the organizations. <br/> Only third-party application needs to be granted access to organizations, all the other applications can request for all the organizations' access by default."}},"/api/applications/{id}/users/{userId}/consent-organizations/{organizationId}":{"delete":{"operationId":"DeleteApplicationUserConsentOrganization","tags":["Applications"],"parameters":[{"$ref":"#/components/parameters/applicationId-root"},{"$ref":"#/components/parameters/userId"},{"$ref":"#/components/parameters/organizationId"}],"responses":{"204":{"description":"The user's access to the organization is revoked for the application."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The application, user or organization is not found."},"422":{"description":"Unprocessable Content"}},"summary":"Revoke a user's access to an organization for a application.","description":"Revoke a user's access to an organization for a application by application id, user id and organization id."}},"/api/configs/admin-console":{"get":{"operationId":"GetAdminConsoleConfig","tags":["Configs"],"parameters":[],"responses":{"200":{"description":"The configuration object.","content":{"application/json":{"schema":{"type":"object","required":["signInExperienceCustomized","organizationCreated"],"properties":{"signInExperienceCustomized":{"type":"boolean"},"organizationCreated":{"type":"boolean"},"developmentTenantMigrationNotification":{"type":"object","required":["isPaidTenant","tag"],"properties":{"isPaidTenant":{"type":"boolean"},"tag":{"type":"string"},"readAt":{"type":"number"}}},"checkedChargeNotification":{"type":"object","properties":{"token":{"type":"boolean"},"apiResource":{"type":"boolean"},"machineToMachineApp":{"type":"boolean"},"tenantMember":{"type":"boolean"}}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Configuration not found."}},"summary":"Get admin console config","description":"Get the global configuration object for Logto Console."},"patch":{"operationId":"UpdateAdminConsoleConfig","tags":["Configs"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"signInExperienceCustomized":{"type":"boolean"},"organizationCreated":{"type":"boolean"},"developmentTenantMigrationNotification":{"type":"object","required":["isPaidTenant","tag"],"properties":{"isPaidTenant":{"type":"boolean"},"tag":{"type":"string"},"readAt":{"type":"number"}}},"checkedChargeNotification":{"type":"object","properties":{"token":{"type":"boolean"},"apiResource":{"type":"boolean"},"machineToMachineApp":{"type":"boolean"},"tenantMember":{"type":"boolean"}}}}}}}},"responses":{"200":{"description":"The updated configuration object.","content":{"application/json":{"schema":{"type":"object","required":["signInExperienceCustomized","organizationCreated"],"properties":{"signInExperienceCustomized":{"type":"boolean"},"organizationCreated":{"type":"boolean"},"developmentTenantMigrationNotification":{"type":"object","required":["isPaidTenant","tag"],"properties":{"isPaidTenant":{"type":"boolean"},"tag":{"type":"string"},"readAt":{"type":"number"}}},"checkedChargeNotification":{"type":"object","properties":{"token":{"type":"boolean"},"apiResource":{"type":"boolean"},"machineToMachineApp":{"type":"boolean"},"tenantMember":{"type":"boolean"}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Configuration not found."}},"summary":"Update admin console config","description":"Update the global configuration object for Logto Console. This method performs a partial update."}},"/api/configs/oidc/{keyType}":{"get":{"operationId":"GetOidcKeys","tags":["Configs"],"parameters":[{"name":"keyType","in":"path","required":true,"schema":{"type":"string","enum":["private-keys","cookie-keys"]},"description":"Private keys are used to sign OIDC JWTs. Cookie keys are used to sign OIDC cookies. For clients, they do not need to know private keys to verify OIDC JWTs; they can use public keys from the JWKS endpoint instead."}],"responses":{"200":{"description":"An array of OIDC signing keys for the given key type.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["id","createdAt"],"properties":{"id":{"type":"string"},"createdAt":{"type":"number"},"signingKeyAlgorithm":{"type":"string","enum":["RSA","EC"]}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get OIDC keys","description":"Get OIDC signing keys by key type. The actual key will be redacted from the result."}},"/api/configs/oidc/{keyType}/{keyId}":{"delete":{"operationId":"DeleteOidcKey","tags":["Configs"],"parameters":[{"name":"keyType","in":"path","required":true,"schema":{"type":"string","enum":["private-keys","cookie-keys"]},"description":"Private keys are used to sign OIDC JWTs. Cookie keys are used to sign OIDC cookies. For clients, they do not need to know private keys to verify OIDC JWTs; they can use public keys from the JWKS endpoint instead."},{"$ref":"#/components/parameters/keyId"}],"responses":{"204":{"description":"The key was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The key was not found."},"422":{"description":"At least one key must be kept."}},"summary":"Delete OIDC key","description":"Delete an OIDC signing key by key type and key ID."}},"/api/configs/oidc/{keyType}/rotate":{"post":{"operationId":"RotateOidcKeys","tags":["Configs"],"parameters":[{"name":"keyType","in":"path","required":true,"schema":{"type":"string","enum":["private-keys","cookie-keys"]},"description":"Private keys are used to sign OIDC JWTs. Cookie keys are used to sign OIDC cookies. For clients, they do not need to know private keys to verify OIDC JWTs; they can use public keys from the JWKS endpoint instead."}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"signingKeyAlgorithm":{"type":"string","enum":["RSA","EC"],"description":"The signing key algorithm the new generated private key is using.\n\nOnly applicable when `keyType` is `private-keys`."}}}}}},"responses":{"200":{"description":"An array of OIDC signing keys after rotation.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["id","createdAt"],"properties":{"id":{"type":"string"},"createdAt":{"type":"number"},"signingKeyAlgorithm":{"type":"string","enum":["RSA","EC"]}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Unprocessable Content"}},"summary":"Rotate OIDC keys","description":"A new key will be generated and prepend to the list of keys.\n\nOnly two recent keys will be kept. The oldest key will be automatically removed if there are more than two keys."}},"/api/configs/jwt-customizer/{tokenTypePath}":{"put":{"operationId":"UpsertJwtCustomizer","tags":["Configs"],"parameters":[{"name":"tokenTypePath","in":"path","required":true,"schema":{"type":"string","enum":["access-token","client-credentials"]},"description":"The token type to create a JWT customizer for."}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"example":{},"properties":{"script":{"description":"The script of the JWT customizer."},"environmentVariables":{"description":"The environment variables for the JWT customizer."},"contextSample":{"description":"The sample context for the JWT customizer script testing purpose."},"tokenSample":{"description":"The sample raw token payload for the JWT customizer script testing purpose."}}}}}},"responses":{"200":{"description":"The updated JWT customizer.","content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["script"],"properties":{"script":{"type":"string"},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"contextSample":{"type":"object","required":["user"],"properties":{"user":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["issuer","identityId","detail"],"properties":{"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"}}}},"mfaVerificationFactors":{"type":"array","items":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]}},"roles":{"type":"array","items":{"type":"object","required":["id","name","description","scopes"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"scopes":{"type":"array","items":{"type":"object","required":["id","name","description","resourceId","resource"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"resourceId":{"type":"string","minLength":1,"maxLength":21},"resource":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"}}}}}}}}},"organizations":{"type":"array","items":{"type":"object","required":["id","name","description"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}},"organizationRoles":{"type":"array","items":{"type":"object","required":["organizationId","roleId","roleName"],"properties":{"organizationId":{"type":"string"},"roleId":{"type":"string"},"roleName":{"type":"string"}}}}}},"grant":{"type":"object","properties":{"type":{"type":"string","format":"\"urn:ietf:params:oauth:grant-type:token-exchange\""},"subjectTokenContext":{"type":"object","description":"arbitrary"}}},"interaction":{"type":"object","properties":{"interactionEvent":{"type":"string","enum":["SignIn","Register","ForgotPassword"]},"userId":{"type":"string"},"verificationRecords":{"type":"array","items":{"oneOf":[{"type":"object","required":["id","type","identifier","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Password\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["userId"]}]},"value":{"type":"string"}}},"verified":{"type":"boolean"}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"EmailVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"PhoneVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"Social\""},"socialUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"EnterpriseSso\""},"enterpriseSsoUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}},"issuer":{"type":"string"}}},{"type":"object","required":["id","type","userId","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Totp\""},"userId":{"type":"string"},"verified":{"type":"boolean"}}},{"type":"object","required":["id","type","userId"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"BackupCode\""},"userId":{"type":"string"},"code":{"type":"string"}}},{"type":"object","required":["id","verified","type","userId"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"WebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","verified","type"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"SignInWebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","type","verified","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"OneTimeToken\""},"verified":{"type":"boolean"},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}},"oneTimeTokenContext":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}}}},{"type":"object","required":["id","type","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"NewPasswordIdentity\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","enum":["username","email","phone"]},"value":{"type":"string"}}}}}]}},"signInContext":{"type":"object","additionalProperties":{"type":"string"}}}},"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}},"tokenSample":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"accountId":{"type":"string"},"expiresWithSession":{"type":"boolean"},"grantId":{"type":"string"},"gty":{"type":"string"},"sessionUid":{"type":"string"},"sid":{"type":"string"},"kind":{"type":"string","format":"\"AccessToken\""}}}}},{"type":"object","required":["script"],"properties":{"script":{"type":"string"},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"contextSample":{"type":"object","properties":{"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}},"tokenSample":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"kind":{"type":"string","format":"\"ClientCredentials\""}}}}}]}}}},"201":{"description":"The created JWT customizer.","content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["script"],"properties":{"script":{"type":"string"},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"contextSample":{"type":"object","required":["user"],"properties":{"user":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["issuer","identityId","detail"],"properties":{"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"}}}},"mfaVerificationFactors":{"type":"array","items":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]}},"roles":{"type":"array","items":{"type":"object","required":["id","name","description","scopes"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"scopes":{"type":"array","items":{"type":"object","required":["id","name","description","resourceId","resource"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"resourceId":{"type":"string","minLength":1,"maxLength":21},"resource":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"}}}}}}}}},"organizations":{"type":"array","items":{"type":"object","required":["id","name","description"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}},"organizationRoles":{"type":"array","items":{"type":"object","required":["organizationId","roleId","roleName"],"properties":{"organizationId":{"type":"string"},"roleId":{"type":"string"},"roleName":{"type":"string"}}}}}},"grant":{"type":"object","properties":{"type":{"type":"string","format":"\"urn:ietf:params:oauth:grant-type:token-exchange\""},"subjectTokenContext":{"type":"object","description":"arbitrary"}}},"interaction":{"type":"object","properties":{"interactionEvent":{"type":"string","enum":["SignIn","Register","ForgotPassword"]},"userId":{"type":"string"},"verificationRecords":{"type":"array","items":{"oneOf":[{"type":"object","required":["id","type","identifier","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Password\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["userId"]}]},"value":{"type":"string"}}},"verified":{"type":"boolean"}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"EmailVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"PhoneVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"Social\""},"socialUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"EnterpriseSso\""},"enterpriseSsoUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}},"issuer":{"type":"string"}}},{"type":"object","required":["id","type","userId","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Totp\""},"userId":{"type":"string"},"verified":{"type":"boolean"}}},{"type":"object","required":["id","type","userId"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"BackupCode\""},"userId":{"type":"string"},"code":{"type":"string"}}},{"type":"object","required":["id","verified","type","userId"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"WebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","verified","type"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"SignInWebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","type","verified","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"OneTimeToken\""},"verified":{"type":"boolean"},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}},"oneTimeTokenContext":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}}}},{"type":"object","required":["id","type","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"NewPasswordIdentity\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","enum":["username","email","phone"]},"value":{"type":"string"}}}}}]}},"signInContext":{"type":"object","additionalProperties":{"type":"string"}}}},"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}},"tokenSample":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"accountId":{"type":"string"},"expiresWithSession":{"type":"boolean"},"grantId":{"type":"string"},"gty":{"type":"string"},"sessionUid":{"type":"string"},"sid":{"type":"string"},"kind":{"type":"string","format":"\"AccessToken\""}}}}},{"type":"object","required":["script"],"properties":{"script":{"type":"string"},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"contextSample":{"type":"object","properties":{"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}},"tokenSample":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"kind":{"type":"string","format":"\"ClientCredentials\""}}}}}]}}}},"400":{"description":"The request body is invalid."},"401":{"description":"Unauthorized"},"403":{"description":"Permission denied."}},"summary":"Create or update JWT customizer","description":"Create or update a JWT customizer for the given token type."},"patch":{"operationId":"UpdateJwtCustomizer","tags":["Configs"],"parameters":[{"name":"tokenTypePath","in":"path","required":true,"schema":{"type":"string","enum":["access-token","client-credentials"]},"description":"The token type to update a JWT customizer for."}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"example":{},"properties":{"script":{"description":"The script of the JWT customizer."},"environmentVariables":{"description":"The environment variables for the JWT customizer."},"contextSample":{"description":"The sample context for the JWT customizer script testing purpose."},"tokenSample":{"description":"The sample raw token payload for the JWT customizer script testing purpose."}}}}}},"responses":{"200":{"description":"The updated JWT customizer.","content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["script"],"properties":{"script":{"type":"string"},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"contextSample":{"type":"object","required":["user"],"properties":{"user":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["issuer","identityId","detail"],"properties":{"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"}}}},"mfaVerificationFactors":{"type":"array","items":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]}},"roles":{"type":"array","items":{"type":"object","required":["id","name","description","scopes"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"scopes":{"type":"array","items":{"type":"object","required":["id","name","description","resourceId","resource"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"resourceId":{"type":"string","minLength":1,"maxLength":21},"resource":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"}}}}}}}}},"organizations":{"type":"array","items":{"type":"object","required":["id","name","description"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}},"organizationRoles":{"type":"array","items":{"type":"object","required":["organizationId","roleId","roleName"],"properties":{"organizationId":{"type":"string"},"roleId":{"type":"string"},"roleName":{"type":"string"}}}}}},"grant":{"type":"object","properties":{"type":{"type":"string","format":"\"urn:ietf:params:oauth:grant-type:token-exchange\""},"subjectTokenContext":{"type":"object","description":"arbitrary"}}},"interaction":{"type":"object","properties":{"interactionEvent":{"type":"string","enum":["SignIn","Register","ForgotPassword"]},"userId":{"type":"string"},"verificationRecords":{"type":"array","items":{"oneOf":[{"type":"object","required":["id","type","identifier","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Password\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["userId"]}]},"value":{"type":"string"}}},"verified":{"type":"boolean"}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"EmailVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"PhoneVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"Social\""},"socialUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"EnterpriseSso\""},"enterpriseSsoUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}},"issuer":{"type":"string"}}},{"type":"object","required":["id","type","userId","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Totp\""},"userId":{"type":"string"},"verified":{"type":"boolean"}}},{"type":"object","required":["id","type","userId"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"BackupCode\""},"userId":{"type":"string"},"code":{"type":"string"}}},{"type":"object","required":["id","verified","type","userId"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"WebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","verified","type"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"SignInWebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","type","verified","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"OneTimeToken\""},"verified":{"type":"boolean"},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}},"oneTimeTokenContext":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}}}},{"type":"object","required":["id","type","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"NewPasswordIdentity\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","enum":["username","email","phone"]},"value":{"type":"string"}}}}}]}},"signInContext":{"type":"object","additionalProperties":{"type":"string"}}}},"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}},"tokenSample":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"accountId":{"type":"string"},"expiresWithSession":{"type":"boolean"},"grantId":{"type":"string"},"gty":{"type":"string"},"sessionUid":{"type":"string"},"sid":{"type":"string"},"kind":{"type":"string","format":"\"AccessToken\""}}}}},{"type":"object","required":["script"],"properties":{"script":{"type":"string"},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"contextSample":{"type":"object","properties":{"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}},"tokenSample":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"kind":{"type":"string","format":"\"ClientCredentials\""}}}}}]}}}},"400":{"description":"The request body is invalid."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update JWT customizer","description":"Update the JWT customizer for the given token type."},"get":{"operationId":"GetJwtCustomizer","tags":["Configs"],"parameters":[{"name":"tokenTypePath","in":"path","required":true,"schema":{"type":"string","enum":["access-token","client-credentials"]},"description":"The token type to get the JWT customizer for."}],"responses":{"200":{"description":"The JWT customizer.","content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["script"],"properties":{"script":{"type":"string"},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"contextSample":{"type":"object","required":["user"],"properties":{"user":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["issuer","identityId","detail"],"properties":{"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"}}}},"mfaVerificationFactors":{"type":"array","items":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]}},"roles":{"type":"array","items":{"type":"object","required":["id","name","description","scopes"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"scopes":{"type":"array","items":{"type":"object","required":["id","name","description","resourceId","resource"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"resourceId":{"type":"string","minLength":1,"maxLength":21},"resource":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"}}}}}}}}},"organizations":{"type":"array","items":{"type":"object","required":["id","name","description"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}},"organizationRoles":{"type":"array","items":{"type":"object","required":["organizationId","roleId","roleName"],"properties":{"organizationId":{"type":"string"},"roleId":{"type":"string"},"roleName":{"type":"string"}}}}}},"grant":{"type":"object","properties":{"type":{"type":"string","format":"\"urn:ietf:params:oauth:grant-type:token-exchange\""},"subjectTokenContext":{"type":"object","description":"arbitrary"}}},"interaction":{"type":"object","properties":{"interactionEvent":{"type":"string","enum":["SignIn","Register","ForgotPassword"]},"userId":{"type":"string"},"verificationRecords":{"type":"array","items":{"oneOf":[{"type":"object","required":["id","type","identifier","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Password\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["userId"]}]},"value":{"type":"string"}}},"verified":{"type":"boolean"}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"EmailVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"PhoneVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"Social\""},"socialUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"EnterpriseSso\""},"enterpriseSsoUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}},"issuer":{"type":"string"}}},{"type":"object","required":["id","type","userId","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Totp\""},"userId":{"type":"string"},"verified":{"type":"boolean"}}},{"type":"object","required":["id","type","userId"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"BackupCode\""},"userId":{"type":"string"},"code":{"type":"string"}}},{"type":"object","required":["id","verified","type","userId"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"WebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","verified","type"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"SignInWebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","type","verified","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"OneTimeToken\""},"verified":{"type":"boolean"},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}},"oneTimeTokenContext":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}}}},{"type":"object","required":["id","type","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"NewPasswordIdentity\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","enum":["username","email","phone"]},"value":{"type":"string"}}}}}]}},"signInContext":{"type":"object","additionalProperties":{"type":"string"}}}},"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}},"tokenSample":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"accountId":{"type":"string"},"expiresWithSession":{"type":"boolean"},"grantId":{"type":"string"},"gty":{"type":"string"},"sessionUid":{"type":"string"},"sid":{"type":"string"},"kind":{"type":"string","format":"\"AccessToken\""}}}}},{"type":"object","required":["script"],"properties":{"script":{"type":"string"},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"contextSample":{"type":"object","properties":{"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}},"tokenSample":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"kind":{"type":"string","format":"\"ClientCredentials\""}}}}}]}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The JWT customizer does not exist."}},"summary":"Get JWT customizer","description":"Get the JWT customizer for the given token type."},"delete":{"operationId":"DeleteJwtCustomizer","tags":["Configs"],"parameters":[{"name":"tokenTypePath","in":"path","required":true,"schema":{"type":"string","enum":["access-token","client-credentials"]},"description":"The token type path to delete the JWT customizer for."}],"responses":{"204":{"description":"The JWT customizer was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The JWT customizer does not exist."}},"summary":"Delete JWT customizer","description":"Delete the JWT customizer for the given token type."}},"/api/configs/jwt-customizer":{"get":{"operationId":"ListJwtCustomizers","tags":["Configs"],"parameters":[],"responses":{"200":{"description":"The JWT customizers.","content":{"application/json":{"schema":{"type":"array","items":{"oneOf":[{"type":"object","required":["key","value"],"properties":{"key":{"type":"string","format":"\"jwt.accessToken\""},"value":{"type":"object","required":["script"],"properties":{"script":{"type":"string"},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"contextSample":{"type":"object","required":["user"],"properties":{"user":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["issuer","identityId","detail"],"properties":{"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"}}}},"mfaVerificationFactors":{"type":"array","items":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]}},"roles":{"type":"array","items":{"type":"object","required":["id","name","description","scopes"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"scopes":{"type":"array","items":{"type":"object","required":["id","name","description","resourceId","resource"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"resourceId":{"type":"string","minLength":1,"maxLength":21},"resource":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"}}}}}}}}},"organizations":{"type":"array","items":{"type":"object","required":["id","name","description"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}},"organizationRoles":{"type":"array","items":{"type":"object","required":["organizationId","roleId","roleName"],"properties":{"organizationId":{"type":"string"},"roleId":{"type":"string"},"roleName":{"type":"string"}}}}}},"grant":{"type":"object","properties":{"type":{"type":"string","format":"\"urn:ietf:params:oauth:grant-type:token-exchange\""},"subjectTokenContext":{"type":"object","description":"arbitrary"}}},"interaction":{"type":"object","properties":{"interactionEvent":{"type":"string","enum":["SignIn","Register","ForgotPassword"]},"userId":{"type":"string"},"verificationRecords":{"type":"array","items":{"oneOf":[{"type":"object","required":["id","type","identifier","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Password\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["userId"]}]},"value":{"type":"string"}}},"verified":{"type":"boolean"}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"EmailVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"PhoneVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"Social\""},"socialUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"EnterpriseSso\""},"enterpriseSsoUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}},"issuer":{"type":"string"}}},{"type":"object","required":["id","type","userId","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Totp\""},"userId":{"type":"string"},"verified":{"type":"boolean"}}},{"type":"object","required":["id","type","userId"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"BackupCode\""},"userId":{"type":"string"},"code":{"type":"string"}}},{"type":"object","required":["id","verified","type","userId"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"WebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","verified","type"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"SignInWebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","type","verified","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"OneTimeToken\""},"verified":{"type":"boolean"},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}},"oneTimeTokenContext":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}}}},{"type":"object","required":["id","type","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"NewPasswordIdentity\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","enum":["username","email","phone"]},"value":{"type":"string"}}}}}]}},"signInContext":{"type":"object","additionalProperties":{"type":"string"}}}},"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}},"tokenSample":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"accountId":{"type":"string"},"expiresWithSession":{"type":"boolean"},"grantId":{"type":"string"},"gty":{"type":"string"},"sessionUid":{"type":"string"},"sid":{"type":"string"},"kind":{"type":"string","format":"\"AccessToken\""}}}}}}},{"type":"object","required":["key","value"],"properties":{"key":{"type":"string","format":"\"jwt.clientCredentials\""},"value":{"type":"object","required":["script"],"properties":{"script":{"type":"string"},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"contextSample":{"type":"object","properties":{"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}},"tokenSample":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"kind":{"type":"string","format":"\"ClientCredentials\""}}}}}}}]}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get all JWT customizers","description":"Get all JWT customizers for the tenant."}},"/api/configs/jwt-customizer/test":{"post":{"operationId":"TestJwtCustomizer","tags":["Configs"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["tokenType","script","token","context"],"properties":{"tokenType":{"type":"string","format":"\"access-token\""},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"script":{"type":"string"},"token":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"accountId":{"type":"string"},"expiresWithSession":{"type":"boolean"},"grantId":{"type":"string"},"gty":{"type":"string"},"sessionUid":{"type":"string"},"sid":{"type":"string"},"kind":{"type":"string","format":"\"AccessToken\""}}},"context":{"type":"object","required":["user"],"properties":{"user":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["issuer","identityId","detail"],"properties":{"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"}}}},"mfaVerificationFactors":{"type":"array","items":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]}},"roles":{"type":"array","items":{"type":"object","required":["id","name","description","scopes"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"scopes":{"type":"array","items":{"type":"object","required":["id","name","description","resourceId","resource"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"resourceId":{"type":"string","minLength":1,"maxLength":21},"resource":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"}}}}}}}}},"organizations":{"type":"array","items":{"type":"object","required":["id","name","description"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}},"organizationRoles":{"type":"array","items":{"type":"object","required":["organizationId","roleId","roleName"],"properties":{"organizationId":{"type":"string"},"roleId":{"type":"string"},"roleName":{"type":"string"}}}}}},"grant":{"type":"object","properties":{"type":{"type":"string","format":"\"urn:ietf:params:oauth:grant-type:token-exchange\""},"subjectTokenContext":{"type":"object","description":"arbitrary"}}},"interaction":{"type":"object","properties":{"interactionEvent":{"type":"string","enum":["SignIn","Register","ForgotPassword"]},"userId":{"type":"string"},"verificationRecords":{"type":"array","items":{"oneOf":[{"type":"object","required":["id","type","identifier","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Password\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["userId"]}]},"value":{"type":"string"}}},"verified":{"type":"boolean"}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"EmailVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"PhoneVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"Social\""},"socialUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"EnterpriseSso\""},"enterpriseSsoUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}},"issuer":{"type":"string"}}},{"type":"object","required":["id","type","userId","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Totp\""},"userId":{"type":"string"},"verified":{"type":"boolean"}}},{"type":"object","required":["id","type","userId"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"BackupCode\""},"userId":{"type":"string"},"code":{"type":"string"}}},{"type":"object","required":["id","verified","type","userId"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"WebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","verified","type"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"registrationRpId":{"type":"string"},"type":{"type":"string","format":"\"SignInWebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","type","verified","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"OneTimeToken\""},"verified":{"type":"boolean"},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}},"oneTimeTokenContext":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}}}},{"type":"object","required":["id","type","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"NewPasswordIdentity\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","enum":["username","email","phone"]},"value":{"type":"string"}}}}}]}},"signInContext":{"type":"object","additionalProperties":{"type":"string"}}}},"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}}}},{"type":"object","required":["tokenType","script","token","context"],"properties":{"tokenType":{"type":"string","format":"\"client-credentials\""},"environmentVariables":{"type":"object","additionalProperties":{"type":"string"}},"script":{"type":"string"},"token":{"type":"object","properties":{"jti":{"type":"string"},"aud":{"oneOf":[{"type":"string"},{"type":"array","items":{"type":"string"}}]},"scope":{"type":"string"},"clientId":{"type":"string"},"kind":{"type":"string","format":"\"ClientCredentials\""}}},"context":{"type":"object","properties":{"application":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}}}}],"properties":{"tokenType":{"description":"The token type to test the JWT customizer for."},"payload":{"properties":{"script":{"description":"The code snippet of the JWT customizer."},"environmentVariables":{"description":"The environment variables for the JWT customizer."},"contextSample":{"description":"The sample context for the JWT customizer script testing purpose."},"tokenSample":{"description":"The sample token payload for the JWT customizer script testing purpose."}}}}}}}},"responses":{"200":{"description":"The result of the JWT customizer script testing.","content":{"application/json":{"schema":{"type":"object","description":"arbitrary"}}}},"400":{"description":"Zod errors in cloud service (data type does not match expectation, can be either request body or response body)."},"401":{"description":"Unauthorized"},"403":{"description":"Cloud connection does not have enough permission to perform the action."},"422":{"description":"Syntax errors in cloud service."}},"summary":"Test JWT customizer","description":"Test the JWT customizer script with the given sample context and sample token payload."}},"/api/configs/id-token":{"get":{"operationId":"GetIdTokenConfig","tags":["Configs"],"parameters":[],"responses":{"200":{"description":"The ID token claims configuration.","content":{"application/json":{"schema":{"type":"object","properties":{"enabledExtendedClaims":{"type":"array","items":{"type":"string","enum":["custom_data","identities","sso_identities","roles","organizations","organization_data","organization_roles"]}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Configuration not found."}},"summary":"Get ID token claims configuration","description":"Get the ID token extended claims configuration for the tenant. This configuration controls which extended claims (e.g., `custom_data`, `identities`, `roles`, `organizations`, `organization_roles`) are included in ID tokens."},"put":{"operationId":"UpsertIdTokenConfig","tags":["Configs"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"enabledExtendedClaims":{"type":"array","items":{"type":"string","enum":["custom_data","identities","sso_identities","roles","organizations","organization_data","organization_roles"]},"description":"An array of extended claims to include in ID tokens. Possible values: `custom_data`, `identities`, `sso_identities`, `roles`, `organizations`, `organization_data`, `organization_roles`."}}}}}},"responses":{"200":{"description":"The updated ID token claims configuration.","content":{"application/json":{"schema":{"type":"object","properties":{"enabledExtendedClaims":{"type":"array","items":{"type":"string","enum":["custom_data","identities","sso_identities","roles","organizations","organization_data","organization_roles"]}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"The tenant's subscription plan does not support this feature."}},"summary":"Upsert ID token claims configuration","description":"Create or update the ID token extended claims configuration for the tenant. This controls which extended claims are included in ID tokens when the corresponding scopes are requested."}},"/api/connectors":{"post":{"operationId":"CreateConnector","tags":["Connectors"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["connectorId"],"properties":{"config":{"type":"object","description":"The connector config object that will be passed to the connector. The config object should be compatible with the connector factory."},"connectorId":{"type":"string","minLength":1,"maxLength":128,"description":"The connector factory ID for creating the connector."},"metadata":{"type":"object","properties":{"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true}},"description":"Custom connector metadata, will be used to overwrite the default connector factory metadata."},"syncProfile":{"type":"boolean","description":"Whether to sync user profile from the identity provider to Logto at each sign-in. If `false`, the user profile will only be synced when the user is created."},"enableTokenStorage":{"type":"boolean"},"id":{"type":"string","minLength":1,"maxLength":128,"description":"The unique ID for the connector. If not provided, a random ID will be generated."}}}}}},"responses":{"200":{"description":"The created connector.","content":{"application/json":{"schema":{"type":"object","required":["id","syncProfile","enableTokenStorage","config","metadata","connectorId","target","name","description","logo","logoDark","readme","platform","type"],"properties":{"id":{"type":"string"},"syncProfile":{"type":"boolean"},"enableTokenStorage":{"type":"boolean"},"config":{"type":"object","description":"arbitrary"},"metadata":{"type":"object","properties":{"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true}}},"connectorId":{"type":"string","minLength":1,"maxLength":128},"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"description":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true},"readme":{"type":"string"},"configTemplate":{"type":"string"},"formItems":{"type":"array","items":{"oneOf":[{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"Select\""},"selectItems":{"type":"array","items":{"type":"object","required":["value","title"],"properties":{"value":{"type":"string"},"title":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"MultiSelect\""},"selectItems":{"type":"array","items":{"type":"object","required":["value"],"properties":{"value":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","key","label"],"properties":{"type":{"type":"string","enum":["Text","Number","MultilineText","Switch","Json"]},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}}]}},"customData":{"type":"object","additionalProperties":{"example":{}}},"fromEmail":{"type":"string"},"platform":{"type":"string","enum":["Native","Universal","Web"],"nullable":true},"isStandard":{"type":"boolean"},"isTokenStorageSupported":{"type":"boolean"},"type":{"type":"string","enum":["Email","Sms","Social"]},"isDemo":{"type":"boolean"},"extraInfo":{"type":"object","additionalProperties":{"example":{}}},"usage":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"The tenant has reached the maximum number of connectors."},"422":{"description":"Invalid request body."}},"summary":"Create connector","description":"Create a connector with the given data."},"get":{"operationId":"ListConnectors","tags":["Connectors"],"parameters":[{"name":"target","in":"query","required":false,"schema":{"type":"string"},"description":"Filter connectors by target."}],"responses":{"200":{"description":"An array of connectors.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["id","syncProfile","enableTokenStorage","config","metadata","connectorId","target","name","description","logo","logoDark","readme","platform","type"],"properties":{"id":{"type":"string"},"syncProfile":{"type":"boolean"},"enableTokenStorage":{"type":"boolean"},"config":{"type":"object","description":"arbitrary"},"metadata":{"type":"object","properties":{"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true}}},"connectorId":{"type":"string","minLength":1,"maxLength":128},"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"description":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true},"readme":{"type":"string"},"configTemplate":{"type":"string"},"formItems":{"type":"array","items":{"oneOf":[{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"Select\""},"selectItems":{"type":"array","items":{"type":"object","required":["value","title"],"properties":{"value":{"type":"string"},"title":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"MultiSelect\""},"selectItems":{"type":"array","items":{"type":"object","required":["value"],"properties":{"value":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","key","label"],"properties":{"type":{"type":"string","enum":["Text","Number","MultilineText","Switch","Json"]},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}}]}},"customData":{"type":"object","additionalProperties":{"example":{}}},"fromEmail":{"type":"string"},"platform":{"type":"string","enum":["Native","Universal","Web"],"nullable":true},"isStandard":{"type":"boolean"},"isTokenStorageSupported":{"type":"boolean"},"type":{"type":"string","enum":["Email","Sms","Social"]},"isDemo":{"type":"boolean"},"extraInfo":{"type":"object","additionalProperties":{"example":{}}},"usage":{"type":"number"}}}}}}},"400":{"description":"The target only allows one connector to exist, but there are multiple connectors with this target."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get connectors","description":"Get all connectors in the current tenant."}},"/api/connectors/{id}":{"get":{"operationId":"GetConnector","tags":["Connectors"],"parameters":[{"$ref":"#/components/parameters/connectorId-root"}],"responses":{"200":{"description":"The connector data.","content":{"application/json":{"schema":{"type":"object","required":["id","syncProfile","enableTokenStorage","config","metadata","connectorId","target","name","description","logo","logoDark","readme","platform","type"],"properties":{"id":{"type":"string"},"syncProfile":{"type":"boolean"},"enableTokenStorage":{"type":"boolean"},"config":{"type":"object","description":"arbitrary"},"metadata":{"type":"object","properties":{"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true}}},"connectorId":{"type":"string","minLength":1,"maxLength":128},"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"description":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true},"readme":{"type":"string"},"configTemplate":{"type":"string"},"formItems":{"type":"array","items":{"oneOf":[{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"Select\""},"selectItems":{"type":"array","items":{"type":"object","required":["value","title"],"properties":{"value":{"type":"string"},"title":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"MultiSelect\""},"selectItems":{"type":"array","items":{"type":"object","required":["value"],"properties":{"value":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","key","label"],"properties":{"type":{"type":"string","enum":["Text","Number","MultilineText","Switch","Json"]},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}}]}},"customData":{"type":"object","additionalProperties":{"example":{}}},"fromEmail":{"type":"string"},"platform":{"type":"string","enum":["Native","Universal","Web"],"nullable":true},"isStandard":{"type":"boolean"},"isTokenStorageSupported":{"type":"boolean"},"type":{"type":"string","enum":["Email","Sms","Social"]},"isDemo":{"type":"boolean"},"extraInfo":{"type":"object","additionalProperties":{"example":{}}},"usage":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Connector not found."}},"summary":"Get connector","description":"Get connector data by ID"},"patch":{"operationId":"UpdateConnector","tags":["Connectors"],"parameters":[{"$ref":"#/components/parameters/connectorId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"config":{"type":"object","description":"The connector config object that will be passed to the connector. The config object should be compatible with the connector factory."},"metadata":{"type":"object","properties":{"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true}},"description":"Custom connector metadata, will be used to overwrite the default connector metadata."},"syncProfile":{"type":"boolean","description":"Whether to sync user profile from the identity provider to Logto at each sign-in. If `false`, the user profile will only be synced when the user is created."},"enableTokenStorage":{"type":"boolean"}}}}}},"responses":{"200":{"description":"The updated connector.","content":{"application/json":{"schema":{"type":"object","required":["id","syncProfile","enableTokenStorage","config","metadata","connectorId","target","name","description","logo","logoDark","readme","platform","type"],"properties":{"id":{"type":"string"},"syncProfile":{"type":"boolean"},"enableTokenStorage":{"type":"boolean"},"config":{"type":"object","description":"arbitrary"},"metadata":{"type":"object","properties":{"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true}}},"connectorId":{"type":"string","minLength":1,"maxLength":128},"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"description":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true},"readme":{"type":"string"},"configTemplate":{"type":"string"},"formItems":{"type":"array","items":{"oneOf":[{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"Select\""},"selectItems":{"type":"array","items":{"type":"object","required":["value","title"],"properties":{"value":{"type":"string"},"title":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"MultiSelect\""},"selectItems":{"type":"array","items":{"type":"object","required":["value"],"properties":{"value":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","key","label"],"properties":{"type":{"type":"string","enum":["Text","Number","MultilineText","Switch","Json"]},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}}]}},"customData":{"type":"object","additionalProperties":{"example":{}}},"fromEmail":{"type":"string"},"platform":{"type":"string","enum":["Native","Universal","Web"],"nullable":true},"isStandard":{"type":"boolean"},"isTokenStorageSupported":{"type":"boolean"},"type":{"type":"string","enum":["Email","Sms","Social"]},"isDemo":{"type":"boolean"},"extraInfo":{"type":"object","additionalProperties":{"example":{}}},"usage":{"type":"number"}}}}}},"400":{"description":"Invalid request body."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Connector not found."},"422":{"description":"Patch operation triggered a connector conflict."}},"summary":"Update connector","description":"Update connector by ID with the given data. This methods performs a partial update."},"delete":{"operationId":"DeleteConnector","tags":["Connectors"],"parameters":[{"$ref":"#/components/parameters/connectorId-root"}],"responses":{"204":{"description":"The connector has been successfully deleted."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Connector not found."}},"summary":"Delete connector","description":"Delete connector by ID."}},"/api/connectors/{factoryId}/test":{"post":{"operationId":"CreateConnectorTest","tags":["Connectors"],"parameters":[{"$ref":"#/components/parameters/factoryId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["config"],"properties":{"phone":{"type":"string","format":"regex","pattern":"/^\\d+$/","description":"Phone number to send test message to. If this is set, email will be ignored."},"email":{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/","description":"Email address to send test message to. If phone is set, this will be ignored."},"config":{"type":"object","description":"Connector configuration object for testing."},"locale":{"type":"string","description":"Preferred language for the message. If not set, the default language will be used. (Applicable only when custom i18n templates are configured.)"}}}}}},"responses":{"204":{"description":"Test message was sent successfully."},"400":{"description":"Invalid request body (e.g. wrong phone number, email or config)."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Connector not found."}},"summary":"Test passwordless connector","description":"Test a passwordless (email or SMS) connector by sending a test message to the given phone number or email address."}},"/api/connectors/{connectorId}/authorization-uri":{"post":{"operationId":"CreateConnectorAuthorizationUri","tags":["Connectors"],"parameters":[{"$ref":"#/components/parameters/connectorId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["state","redirectUri"],"properties":{"state":{"type":"string","description":"A random string generated on the client side to prevent CSRF (Cross-Site Request Forgery) attacks."},"redirectUri":{"type":"string","description":"The URI to navigate back to after the user is authenticated by the connected social identity provider and has granted access to the connector."}}}}}},"responses":{"200":{"description":"Successfully built authorization URI.","content":{"application/json":{"schema":{"type":"object","required":["redirectTo"],"properties":{"redirectTo":{"type":"string","format":"url"},"redirectUri":{"description":"The URI to navigate for authentication and authorization in the connected social identity provider."}}}}}},"400":{"description":"Unable to build authorization URI."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The connector with the specified ID does not exist."}},"summary":"Get connector's authorization URI","description":"Get authorization URI for specified connector by providing redirect URI and randomly generated state."}},"/api/connector-factories":{"get":{"operationId":"ListConnectorFactories","tags":["Connector factories"],"parameters":[],"responses":{"200":{"description":"An array of connector factories.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["type","id","target","name","description","logo","logoDark","readme","platform"],"properties":{"type":{"type":"string","enum":["Email","Sms","Social"]},"isDemo":{"type":"boolean"},"id":{"type":"string"},"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"description":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true},"readme":{"type":"string"},"configTemplate":{"type":"string"},"formItems":{"type":"array","items":{"oneOf":[{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"Select\""},"selectItems":{"type":"array","items":{"type":"object","required":["value","title"],"properties":{"value":{"type":"string"},"title":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"MultiSelect\""},"selectItems":{"type":"array","items":{"type":"object","required":["value"],"properties":{"value":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","key","label"],"properties":{"type":{"type":"string","enum":["Text","Number","MultilineText","Switch","Json"]},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}}]}},"customData":{"type":"object","additionalProperties":{"example":{}}},"fromEmail":{"type":"string"},"platform":{"type":"string","enum":["Native","Universal","Web"],"nullable":true},"isStandard":{"type":"boolean"},"isTokenStorageSupported":{"type":"boolean"}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get connector factories","description":"Get all connector factories data available in Logto."}},"/api/connector-factories/{id}":{"get":{"operationId":"GetConnectorFactory","tags":["Connector factories"],"parameters":[{"$ref":"#/components/parameters/connectorFactoryId-root"}],"responses":{"200":{"description":"Connector factory data.","content":{"application/json":{"schema":{"type":"object","required":["type","id","target","name","description","logo","logoDark","readme","platform"],"properties":{"type":{"type":"string","enum":["Email","Sms","Social"]},"isDemo":{"type":"boolean"},"id":{"type":"string"},"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"description":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true},"readme":{"type":"string"},"configTemplate":{"type":"string"},"formItems":{"type":"array","items":{"oneOf":[{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"Select\""},"selectItems":{"type":"array","items":{"type":"object","required":["value","title"],"properties":{"value":{"type":"string"},"title":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","selectItems","key","label"],"properties":{"type":{"type":"string","format":"\"MultiSelect\""},"selectItems":{"type":"array","items":{"type":"object","required":["value"],"properties":{"value":{"type":"string"}}}},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}},{"type":"object","required":["type","key","label"],"properties":{"type":{"type":"string","enum":["Text","Number","MultilineText","Switch","Json"]},"key":{"type":"string"},"label":{"type":"string"},"placeholder":{"type":"string"},"required":{"type":"boolean"},"defaultValue":{"example":{}},"showConditions":{"type":"array","items":{"type":"object","required":["targetKey"],"properties":{"targetKey":{"type":"string"},"expectValue":{"example":{}}}}},"description":{"type":"string"},"tooltip":{"type":"string"},"isConfidential":{"type":"boolean"},"isDevFeature":{"type":"boolean"}}}]}},"customData":{"type":"object","additionalProperties":{"example":{}}},"fromEmail":{"type":"string"},"platform":{"type":"string","enum":["Native","Universal","Web"],"nullable":true},"isStandard":{"type":"boolean"},"isTokenStorageSupported":{"type":"boolean"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Connector factory not found."}},"summary":"Get connector factory","description":"Get connector factory by the given ID."}},"/api/resources":{"get":{"operationId":"ListResources","tags":["Resources"],"parameters":[{"name":"includeScopes","in":"query","required":false,"schema":{"type":"string"},"description":"If it's provided with a truthy value (`true`, `1`, `yes`), the scopes of each resource will be included in the response."},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"An array of resources.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"},"scopes":{"type":"array","items":{"type":"object","required":["tenantId","id","resourceId","name","description","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"resourceId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get API resources","description":"Get API resources in the current tenant with pagination."},"post":{"operationId":"CreateResource","tags":["Resources"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name","indicator"],"properties":{"tenantId":{"type":"string","maxLength":21},"name":{"type":"string","minLength":1,"description":"The name of the resource."},"indicator":{"type":"string","minLength":1,"description":"The unique resource indicator. Should be a valid URI."},"accessTokenTtl":{"type":"number","description":"The access token TTL in seconds. It affects the `exp` claim of the access token granted for this resource.","default":3600}}}}}},"responses":{"201":{"description":"The created resource.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"},"scopes":{"type":"array","items":{"type":"object","required":["tenantId","id","resourceId","name","description","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"resourceId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Unprocessable Content"}},"summary":"Create an API resource","description":"Create an API resource in the current tenant."}},"/api/resources/{id}":{"get":{"operationId":"GetResource","tags":["Resources"],"parameters":[{"$ref":"#/components/parameters/resourceId-root"}],"responses":{"200":{"description":"The requested resource.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get API resource","description":"Get an API resource details by ID."},"patch":{"operationId":"UpdateResource","tags":["Resources"],"parameters":[{"$ref":"#/components/parameters/resourceId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"name":{"type":"string","minLength":1,"description":"The updated name of the resource."},"accessTokenTtl":{"type":"number","description":"The updated access token TTL in seconds."}}}}}},"responses":{"200":{"description":"The updated resource.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update API resource","description":"Update an API resource details by ID with the given data. This method performs a partial update."},"delete":{"operationId":"DeleteResource","tags":["Resources"],"parameters":[{"$ref":"#/components/parameters/resourceId-root"}],"responses":{"204":{"description":"The resource was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete API resource","description":"Delete an API resource by ID."}},"/api/resources/{id}/is-default":{"patch":{"operationId":"UpdateResourceIsDefault","tags":["Resources"],"parameters":[{"$ref":"#/components/parameters/resourceId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["isDefault"],"properties":{"isDefault":{"type":"boolean","description":"The updated value of the `isDefault` property."}}}}}},"responses":{"200":{"description":"The updated resource.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Set API resource as default","description":"Set an API resource as the default resource for the current tenant.\n\nEach tenant can have only one default API resource. If an API resource is set as default, the previously set default API resource will be set as non-default. See [this section](https://docs.logto.io/docs/references/resources/#default-api) for more information."}},"/api/resources/{resourceId}/scopes":{"get":{"operationId":"ListResourceScopes","tags":["Resources"],"parameters":[{"$ref":"#/components/parameters/resourceId"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}},{"name":"search_params","in":"query","description":"Search query parameters.","required":false,"schema":{"type":"object","additionalProperties":{"type":"string"}},"explode":true}],"responses":{"200":{"description":"An array of scopes for the requested resource.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","resourceId","name","description","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"resourceId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get API resource scopes","description":"Get scopes (permissions) defined for an API resource."},"post":{"operationId":"CreateResourceScope","tags":["Resources"],"parameters":[{"$ref":"#/components/parameters/resourceId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name"],"properties":{"name":{"type":"string","minLength":1,"maxLength":256,"description":"The name of the scope. It should be unique for the resource."},"description":{"type":"string","nullable":true}}}}}},"responses":{"201":{"description":"The created scope.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","resourceId","name","description","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"resourceId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Create API resource scope","description":"Create a new scope (permission) for an API resource."}},"/api/resources/{resourceId}/scopes/{scopeId}":{"patch":{"operationId":"UpdateResourceScope","tags":["Resources"],"parameters":[{"$ref":"#/components/parameters/resourceId"},{"$ref":"#/components/parameters/scopeId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"name":{"type":"string","minLength":1,"maxLength":256,"description":"The updated name of the scope. It should be unique for the resource."},"description":{"type":"string","nullable":true}}}}}},"responses":{"200":{"description":"The updated scope.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","resourceId","name","description","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"resourceId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Update API resource scope","description":"Update an API resource scope (permission) for the given resource. This method performs a partial update."},"delete":{"operationId":"DeleteResourceScope","tags":["Resources"],"parameters":[{"$ref":"#/components/parameters/resourceId"},{"$ref":"#/components/parameters/scopeId"}],"responses":{"204":{"description":"The scope was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete API resource scope","description":"Delete an API resource scope (permission) from the given resource."}},"/api/sign-in-exp":{"get":{"operationId":"GetSignInExp","tags":["Sign-in experience"],"parameters":[],"responses":{"200":{"description":"Default sign-in experience settings.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","color","branding","hideLogtoBranding","languageInfo","termsOfUseUrl","privacyPolicyUrl","agreeToTermsPolicy","signIn","signUp","socialSignIn","socialSignInConnectorTargets","signInMode","customCss","customContent","customUiAssets","passwordPolicy","mfa","adaptiveMfa","singleSignOnEnabled","supportEmail","supportWebsiteUrl","unknownSessionRedirectUrl","captchaPolicy","sentinelPolicy","emailBlocklistPolicy","forgotPasswordMethods","passkeySignIn"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"color":{"type":"object","required":["primaryColor","isDarkModeEnabled","darkPrimaryColor"],"properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}},"description":"The primary branding color for the sign-in page (both light/dark mode)."},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"hideLogtoBranding":{"type":"boolean","description":"Cloud only. Whether to hide the Logto branding on hosted sign-in pages."},"languageInfo":{"type":"object","required":["autoDetect","fallbackLanguage"],"properties":{"autoDetect":{"type":"boolean"},"fallbackLanguage":{"type":"string","enum":["af-ZA","am-ET","ar","ar-AR","as-IN","az-AZ","be-BY","bg-BG","bn-IN","br-FR","bs-BA","ca-ES","cb-IQ","co-FR","cs-CZ","cx-PH","cy-GB","da-DK","de","de-DE","el-GR","en","en-GB","en-US","eo-EO","es","es-ES","es-419","et-EE","eu-ES","fa-IR","ff-NG","fi","fi-FI","fo-FO","fr","fr-CA","fr-FR","fy-NL","ga-IE","gl-ES","gn-PY","gu-IN","ha-NG","he-IL","hi-IN","hr-HR","ht-HT","hu-HU","hy-AM","id-ID","ik-US","is-IS","it","it-IT","iu-CA","ja","ja-JP","ja-KS","jv-ID","ka-GE","kk-KZ","km-KH","kn-IN","ko","ko-KR","ku-TR","ky-KG","lo-LA","lt-LT","lv-LV","mg-MG","mk-MK","ml-IN","mn-MN","mr-IN","ms-MY","mt-MT","my-MM","nb-NO","ne-NP","nl","nl-BE","nl-NL","nn-NO","or-IN","pa-IN","pl-PL","ps-AF","pt","pt-BR","pt-PT","ro-RO","ru","ru-RU","rw-RW","sc-IT","si-LK","sk-SK","sl-SI","sn-ZW","sq-AL","sr-RS","sv","sv-SE","sw-KE","sy-SY","sz-PL","ta-IN","te-IN","tg-TJ","th","th-TH","tl-PH","tr","tr-TR","tt-RU","tz-MA","uk-UA","ur-PK","uz-UZ","vi-VN","zh","zh-CN","zh-HK","zh-MO","zh-TW","zz-TR"]}},"description":"The language detection policy for the sign-in page."},"termsOfUseUrl":{"type":"string","maxLength":2048,"nullable":true},"privacyPolicyUrl":{"type":"string","maxLength":2048,"nullable":true},"agreeToTermsPolicy":{"type":"string","enum":["Automatic","ManualRegistrationOnly","Manual"]},"signIn":{"type":"object","required":["methods"],"properties":{"methods":{"type":"array","items":{"type":"object","required":["identifier","password","verificationCode","isPasswordPrimary"],"properties":{"identifier":{"type":"string","enum":["username","email","phone"]},"password":{"type":"boolean"},"verificationCode":{"type":"boolean"},"isPasswordPrimary":{"type":"boolean"}}}}},"description":"Sign-in method settings."},"signUp":{"type":"object","required":["identifiers","password","verify"],"properties":{"identifiers":{"type":"array","items":{"type":"string","enum":["username","email","phone"]},"description":"Allowed identifiers when signing-up."},"password":{"type":"boolean","description":"Whether the user is required to set a password when signing-up."},"verify":{"type":"boolean","description":"Whether the user is required to verify their email/phone when signing-up."},"secondaryIdentifiers":{"type":"array","items":{"type":"object","required":["identifier"],"properties":{"identifier":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["emailOrPhone"]}]},"verify":{"type":"boolean"}}},"description":"Additional identifiers required during sign-up. Once specified, users will be prompted to provide these identifiers when creating an account."}},"description":"Sign-up method settings."},"socialSignIn":{"type":"object","properties":{"automaticAccountLinking":{"type":"boolean"},"skipRequiredIdentifiers":{"type":"boolean"}}},"socialSignInConnectorTargets":{"type":"array","items":{"type":"string"},"description":"Enabled social sign-in connectors, will displayed on the sign-in page."},"signInMode":{"type":"string","enum":["SignIn","Register","SignInAndRegister"]},"customCss":{"type":"string","nullable":true},"customContent":{"type":"object","additionalProperties":{"type":"string"},"description":"Custom content to display on experience flow pages. the page pathname will be the config key, the content will be the config value."},"customUiAssets":{"type":"object","required":["id","createdAt"],"properties":{"id":{"type":"string"},"createdAt":{"type":"number"}},"nullable":true},"passwordPolicy":{"type":"object","properties":{"length":{"default":{},"type":"object","required":["min","max"],"properties":{"min":{"default":8,"type":"number"},"max":{"default":256,"type":"number"}}},"characterTypes":{"default":{},"type":"object","required":["min"],"properties":{"min":{"default":1,"type":"number"}}},"rejects":{"default":{},"type":"object","required":["pwned","repetitionAndSequence","userInfo","words"],"properties":{"pwned":{"default":true,"type":"boolean"},"repetitionAndSequence":{"default":true,"type":"boolean"},"userInfo":{"default":true,"type":"boolean"},"words":{"default":[],"type":"array","items":{"type":"string"}}}}},"description":"Password policies to adjust the password strength requirements."},"mfa":{"type":"object","required":["factors","policy"],"properties":{"factors":{"type":"array","items":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]}},"policy":{"type":"string","enum":["UserControlled","Mandatory","PromptOnlyAtSignIn","PromptAtSignInAndSignUp","NoPrompt","PromptAtSignInAndSignUpMandatory","PromptOnlyAtSignInMandatory"]},"organizationRequiredMfaPolicy":{"type":"string","enum":["NoPrompt","Mandatory"]}},"description":"MFA settings"},"adaptiveMfa":{"type":"object","properties":{"enabled":{"type":"boolean"}},"description":"Adaptive MFA settings."},"singleSignOnEnabled":{"type":"boolean"},"supportEmail":{"type":"string","nullable":true,"description":"The support email address to display on the error pages."},"supportWebsiteUrl":{"type":"string","nullable":true,"description":"The support website URL to display on the error pages."},"unknownSessionRedirectUrl":{"type":"string","nullable":true,"description":"The fallback URL to redirect users when the sign-in session does not exist or unknown. Client should initiates a new authentication flow after the redirection."},"captchaPolicy":{"type":"object","properties":{"enabled":{"type":"boolean"}}},"sentinelPolicy":{"type":"object","properties":{"maxAttempts":{"type":"number"},"lockoutDuration":{"type":"number"}},"description":"Custom sentinel policy settings. Use this field to customize the user lockout policy. The default value is 100 failed attempts within one hour. The user will be locked out for 60 minutes after exceeding the limit."},"emailBlocklistPolicy":{"type":"object","properties":{"blockDisposableAddresses":{"type":"boolean"},"blockSubaddressing":{"type":"boolean","description":"Whether to block sub-addresses. (E.g., example+shopping@test.com)"},"customBlocklist":{"type":"array","items":{"type":"string"},"description":"Custom blocklist of email addresses or domains."},"blockDisposableAddress":{"description":"Cloud only.  Whether to block disposable email addresses. Once enabled, Logto will check the email domain against a list of known disposable email domains. If the domain is found in the list, the email address will be blocked."}},"description":"Define email restriction policies. Users will be prohibited from registering or linking any email addresses that are included in the blocklist."},"forgotPasswordMethods":{"type":"array","items":{"type":"string","enum":["EmailVerificationCode","PhoneVerificationCode"]},"nullable":true},"passkeySignIn":{"type":"object","properties":{"enabled":{"type":"boolean"},"showPasskeyButton":{"type":"boolean"},"allowAutofill":{"type":"boolean"}}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Default sign-in experience settings not found."}},"summary":"Get default sign-in experience settings","description":"Get the default sign-in experience settings."},"patch":{"operationId":"UpdateSignInExp","tags":["Sign-in experience"],"parameters":[{"name":"removeUnusedDemoSocialConnector","in":"query","required":false,"schema":{"type":"string"},"description":"Whether to remove unused demo social connectors. (These demo social connectors are only used during cloud user onboarding)"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"color":{"type":"object","required":["primaryColor","isDarkModeEnabled","darkPrimaryColor"],"properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}},"description":"Specify the primary branding color for the sign-in page (both light/dark mode)."},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"hideLogtoBranding":{"type":"boolean","description":"Cloud only. Whether to hide the Logto branding on hosted sign-in pages."},"languageInfo":{"type":"object","required":["autoDetect","fallbackLanguage"],"properties":{"autoDetect":{"type":"boolean"},"fallbackLanguage":{"type":"string","enum":["af-ZA","am-ET","ar","ar-AR","as-IN","az-AZ","be-BY","bg-BG","bn-IN","br-FR","bs-BA","ca-ES","cb-IQ","co-FR","cs-CZ","cx-PH","cy-GB","da-DK","de","de-DE","el-GR","en","en-GB","en-US","eo-EO","es","es-ES","es-419","et-EE","eu-ES","fa-IR","ff-NG","fi","fi-FI","fo-FO","fr","fr-CA","fr-FR","fy-NL","ga-IE","gl-ES","gn-PY","gu-IN","ha-NG","he-IL","hi-IN","hr-HR","ht-HT","hu-HU","hy-AM","id-ID","ik-US","is-IS","it","it-IT","iu-CA","ja","ja-JP","ja-KS","jv-ID","ka-GE","kk-KZ","km-KH","kn-IN","ko","ko-KR","ku-TR","ky-KG","lo-LA","lt-LT","lv-LV","mg-MG","mk-MK","ml-IN","mn-MN","mr-IN","ms-MY","mt-MT","my-MM","nb-NO","ne-NP","nl","nl-BE","nl-NL","nn-NO","or-IN","pa-IN","pl-PL","ps-AF","pt","pt-BR","pt-PT","ro-RO","ru","ru-RU","rw-RW","sc-IT","si-LK","sk-SK","sl-SI","sn-ZW","sq-AL","sr-RS","sv","sv-SE","sw-KE","sy-SY","sz-PL","ta-IN","te-IN","tg-TJ","th","th-TH","tl-PH","tr","tr-TR","tt-RU","tz-MA","uk-UA","ur-PK","uz-UZ","vi-VN","zh","zh-CN","zh-HK","zh-MO","zh-TW","zz-TR"]}},"description":"Control the language detection policy for the sign-in page."},"agreeToTermsPolicy":{"type":"string","enum":["Automatic","ManualRegistrationOnly","Manual"]},"signIn":{"type":"object","required":["methods"],"properties":{"methods":{"type":"array","items":{"type":"object","required":["identifier","password","verificationCode","isPasswordPrimary"],"properties":{"identifier":{"type":"string","enum":["username","email","phone"]},"password":{"type":"boolean"},"verificationCode":{"type":"boolean"},"isPasswordPrimary":{"type":"boolean"}}}}},"description":"Sign-in method settings"},"signUp":{"type":"object","required":["identifiers","password","verify"],"properties":{"identifiers":{"type":"array","items":{"type":"string","enum":["username","email","phone"]},"description":"Specify allowed identifiers when signing-up."},"password":{"type":"boolean","description":"Whether the user is required to set a password when signing-up."},"verify":{"type":"boolean","description":"Whether the user is required to verify their email/phone when signing-up."},"secondaryIdentifiers":{"type":"array","items":{"type":"object","required":["identifier"],"properties":{"identifier":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["emailOrPhone"]}]},"verify":{"type":"boolean"}}}}},"description":"Sign-up method settings"},"socialSignIn":{"type":"object","properties":{"automaticAccountLinking":{"type":"boolean"},"skipRequiredIdentifiers":{"type":"boolean"}}},"socialSignInConnectorTargets":{"type":"array","items":{"type":"string"},"description":"Specify the social sign-in connectors to display on the sign-in page."},"signInMode":{"type":"string","enum":["SignIn","Register","SignInAndRegister"]},"customCss":{"type":"string","nullable":true},"customContent":{"type":"object","additionalProperties":{"type":"string"},"description":"Custom content to display on experience flow pages. the page pathname will be the config key, the content will be the config value."},"customUiAssets":{"type":"object","required":["id","createdAt"],"properties":{"id":{"type":"string"},"createdAt":{"type":"number"}},"nullable":true},"passwordPolicy":{"type":"object","properties":{"length":{"default":{},"type":"object","required":["min","max"],"properties":{"min":{"default":8,"type":"number"},"max":{"default":256,"type":"number"}}},"characterTypes":{"default":{},"type":"object","required":["min"],"properties":{"min":{"default":1,"type":"number"}}},"rejects":{"default":{},"type":"object","required":["pwned","repetitionAndSequence","userInfo","words"],"properties":{"pwned":{"default":true,"type":"boolean"},"repetitionAndSequence":{"default":true,"type":"boolean"},"userInfo":{"default":true,"type":"boolean"},"words":{"default":[],"type":"array","items":{"type":"string"}}}}},"description":"Password policies to adjust the password strength requirements."},"mfa":{"type":"object","required":["factors","policy"],"properties":{"factors":{"type":"array","items":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]}},"policy":{"type":"string","enum":["UserControlled","Mandatory","PromptOnlyAtSignIn","PromptAtSignInAndSignUp","NoPrompt","PromptAtSignInAndSignUpMandatory","PromptOnlyAtSignInMandatory"]},"organizationRequiredMfaPolicy":{"type":"string","enum":["NoPrompt","Mandatory"]}},"description":"MFA settings"},"singleSignOnEnabled":{"type":"boolean"},"captchaPolicy":{"type":"object","properties":{"enabled":{"type":"boolean"}}},"sentinelPolicy":{"type":"object","properties":{"maxAttempts":{"type":"number"},"lockoutDuration":{"type":"number"}},"description":"Custom sentinel policy settings. Use this field to customize the user lockout policy. The default value is 100 failed attempts within one hour. The user will be locked out for 60 minutes after exceeding the limit."},"emailBlocklistPolicy":{"type":"object","properties":{"blockDisposableAddresses":{"type":"boolean"},"blockSubaddressing":{"type":"boolean","description":"Whether to block sub-addresses. (E.g., example+shopping@test.com)"},"customBlocklist":{"type":"array","items":{"type":"string"},"description":"Custom blocklist of email addresses or domains."},"blockDisposableAddress":{"description":"Cloud only.  Whether to block disposable email addresses. Once enabled, Logto will check the email domain against a list of known disposable email domains. If the domain is found in the list, the email address will be blocked."}},"description":"Define email restriction policies. Users will be prohibited from registering or linking any email addresses that are included in the blocklist."},"forgotPasswordMethods":{"type":"array","items":{"type":"string","enum":["EmailVerificationCode","PhoneVerificationCode"]},"nullable":true},"passkeySignIn":{"type":"object","properties":{"enabled":{"type":"boolean"},"showPasskeyButton":{"type":"boolean"},"allowAutofill":{"type":"boolean"}}},"termsOfUseUrl":{"oneOf":[{"type":"string","format":"url","nullable":true},{"type":"string","format":"empty"}]},"privacyPolicyUrl":{"oneOf":[{"type":"string","format":"url","nullable":true},{"type":"string","format":"empty"}]},"supportEmail":{"oneOf":[{"type":"string","format":"email","nullable":true},{"type":"string","format":"empty"}],"description":"The support email address to display on the error pages."},"supportWebsiteUrl":{"oneOf":[{"type":"string","format":"url","nullable":true},{"type":"string","format":"empty"}],"description":"The support website URL to display on the error pages."},"unknownSessionRedirectUrl":{"oneOf":[{"type":"string","format":"url","nullable":true},{"type":"string","format":"empty"}],"description":"The fallback URL to redirect users when the sign-in session does not exist or unknown. Client should initiate a new authentication flow after the redirection."},"adaptiveMfa":{"description":"Adaptive MFA settings. Only effective when developer features are enabled."}}}}}},"responses":{"200":{"description":"Updated default sign-in experience settings.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","color","branding","hideLogtoBranding","languageInfo","termsOfUseUrl","privacyPolicyUrl","agreeToTermsPolicy","signIn","signUp","socialSignIn","socialSignInConnectorTargets","signInMode","customCss","customContent","customUiAssets","passwordPolicy","mfa","adaptiveMfa","singleSignOnEnabled","supportEmail","supportWebsiteUrl","unknownSessionRedirectUrl","captchaPolicy","sentinelPolicy","emailBlocklistPolicy","forgotPasswordMethods","passkeySignIn"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"color":{"type":"object","required":["primaryColor","isDarkModeEnabled","darkPrimaryColor"],"properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"hideLogtoBranding":{"type":"boolean"},"languageInfo":{"type":"object","required":["autoDetect","fallbackLanguage"],"properties":{"autoDetect":{"type":"boolean"},"fallbackLanguage":{"type":"string","enum":["af-ZA","am-ET","ar","ar-AR","as-IN","az-AZ","be-BY","bg-BG","bn-IN","br-FR","bs-BA","ca-ES","cb-IQ","co-FR","cs-CZ","cx-PH","cy-GB","da-DK","de","de-DE","el-GR","en","en-GB","en-US","eo-EO","es","es-ES","es-419","et-EE","eu-ES","fa-IR","ff-NG","fi","fi-FI","fo-FO","fr","fr-CA","fr-FR","fy-NL","ga-IE","gl-ES","gn-PY","gu-IN","ha-NG","he-IL","hi-IN","hr-HR","ht-HT","hu-HU","hy-AM","id-ID","ik-US","is-IS","it","it-IT","iu-CA","ja","ja-JP","ja-KS","jv-ID","ka-GE","kk-KZ","km-KH","kn-IN","ko","ko-KR","ku-TR","ky-KG","lo-LA","lt-LT","lv-LV","mg-MG","mk-MK","ml-IN","mn-MN","mr-IN","ms-MY","mt-MT","my-MM","nb-NO","ne-NP","nl","nl-BE","nl-NL","nn-NO","or-IN","pa-IN","pl-PL","ps-AF","pt","pt-BR","pt-PT","ro-RO","ru","ru-RU","rw-RW","sc-IT","si-LK","sk-SK","sl-SI","sn-ZW","sq-AL","sr-RS","sv","sv-SE","sw-KE","sy-SY","sz-PL","ta-IN","te-IN","tg-TJ","th","th-TH","tl-PH","tr","tr-TR","tt-RU","tz-MA","uk-UA","ur-PK","uz-UZ","vi-VN","zh","zh-CN","zh-HK","zh-MO","zh-TW","zz-TR"]}}},"termsOfUseUrl":{"type":"string","maxLength":2048,"nullable":true},"privacyPolicyUrl":{"type":"string","maxLength":2048,"nullable":true},"agreeToTermsPolicy":{"type":"string","enum":["Automatic","ManualRegistrationOnly","Manual"]},"signIn":{"type":"object","required":["methods"],"properties":{"methods":{"type":"array","items":{"type":"object","required":["identifier","password","verificationCode","isPasswordPrimary"],"properties":{"identifier":{"type":"string","enum":["username","email","phone"]},"password":{"type":"boolean"},"verificationCode":{"type":"boolean"},"isPasswordPrimary":{"type":"boolean"}}}}}},"signUp":{"type":"object","required":["identifiers","password","verify"],"properties":{"identifiers":{"type":"array","items":{"type":"string","enum":["username","email","phone"]}},"password":{"type":"boolean"},"verify":{"type":"boolean"},"secondaryIdentifiers":{"type":"array","items":{"type":"object","required":["identifier"],"properties":{"identifier":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["emailOrPhone"]}]},"verify":{"type":"boolean"}}}}}},"socialSignIn":{"type":"object","properties":{"automaticAccountLinking":{"type":"boolean"},"skipRequiredIdentifiers":{"type":"boolean"}}},"socialSignInConnectorTargets":{"type":"array","items":{"type":"string"}},"signInMode":{"type":"string","enum":["SignIn","Register","SignInAndRegister"]},"customCss":{"type":"string","nullable":true},"customContent":{"type":"object","additionalProperties":{"type":"string"}},"customUiAssets":{"type":"object","required":["id","createdAt"],"properties":{"id":{"type":"string"},"createdAt":{"type":"number"}},"nullable":true},"passwordPolicy":{"type":"object","properties":{"length":{"default":{},"type":"object","required":["min","max"],"properties":{"min":{"default":8,"type":"number"},"max":{"default":256,"type":"number"}}},"characterTypes":{"default":{},"type":"object","required":["min"],"properties":{"min":{"default":1,"type":"number"}}},"rejects":{"default":{},"type":"object","required":["pwned","repetitionAndSequence","userInfo","words"],"properties":{"pwned":{"default":true,"type":"boolean"},"repetitionAndSequence":{"default":true,"type":"boolean"},"userInfo":{"default":true,"type":"boolean"},"words":{"default":[],"type":"array","items":{"type":"string"}}}}}},"mfa":{"type":"object","required":["factors","policy"],"properties":{"factors":{"type":"array","items":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]}},"policy":{"type":"string","enum":["UserControlled","Mandatory","PromptOnlyAtSignIn","PromptAtSignInAndSignUp","NoPrompt","PromptAtSignInAndSignUpMandatory","PromptOnlyAtSignInMandatory"]},"organizationRequiredMfaPolicy":{"type":"string","enum":["NoPrompt","Mandatory"]}}},"adaptiveMfa":{"type":"object","properties":{"enabled":{"type":"boolean"}}},"singleSignOnEnabled":{"type":"boolean"},"supportEmail":{"type":"string","nullable":true},"supportWebsiteUrl":{"type":"string","nullable":true},"unknownSessionRedirectUrl":{"type":"string","nullable":true},"captchaPolicy":{"type":"object","properties":{"enabled":{"type":"boolean"}}},"sentinelPolicy":{"type":"object","properties":{"maxAttempts":{"type":"number"},"lockoutDuration":{"type":"number"}}},"emailBlocklistPolicy":{"type":"object","properties":{"blockDisposableAddresses":{"type":"boolean"},"blockSubaddressing":{"type":"boolean"},"customBlocklist":{"type":"array","items":{"type":"string"}}}},"forgotPasswordMethods":{"type":"array","items":{"type":"string","enum":["EmailVerificationCode","PhoneVerificationCode"]},"nullable":true},"passkeySignIn":{"type":"object","properties":{"enabled":{"type":"boolean"},"showPasskeyButton":{"type":"boolean"},"allowAutofill":{"type":"boolean"}}}}}}}},"400":{"description":"Bad request. Invalid data provided."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Default sign-in experience settings not found."},"422":{"description":"Unprocessable Entity. Invalid data provided."}},"summary":"Update default sign-in experience settings","description":"Update the default sign-in experience settings with the provided data."}},"/api/sign-in-exp/default/check-password":{"post":{"operationId":"CheckPasswordWithDefaultSignInExperience","tags":["Sign-in experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["password"],"properties":{"password":{"type":"string","description":"The password to check."},"userId":{"type":"string","description":"The user ID to check the password for. It is required if rejects user info is enabled in the password policy."}}}}}},"responses":{"200":{"description":"The password meets the password policy.","content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["result"],"properties":{"result":{"type":"boolean","format":"true"}}},{"type":"object","required":["result","issues"],"properties":{"result":{"type":"boolean","format":"false"},"issues":{"type":"array","items":{"type":"object","required":["code"],"properties":{"code":{"type":"string"},"interpolation":{"type":"object","additionalProperties":{"example":{}}}}}}}}]}}}},"400":{"description":"The password does not meet the password policy or no user ID provided."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Check if a password meets the password policy","description":"Check if a password meets the password policy in the sign-in experience settings."}},"/api/sign-in-exp/default/custom-ui-assets":{"post":{"operationId":"UploadCustomUiAssets","tags":["Sign-in experience"],"parameters":[],"requestBody":{"content":{"multipart/form-data":{"schema":{"properties":{"file":{"description":"The zip file containing custom web assets such as HTML, CSS, and JavaScript files."}}}}}},"responses":{"200":{"description":"An JSON object containing the custom UI assets ID.","content":{"application/json":{"schema":{"type":"object","required":["customUiAssetId"],"properties":{"customUiAssetId":{"type":"string"}}}}}},"400":{"description":"Bad request. The request body is invalid."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"500":{"description":"Failed to unzip or upload the custom UI assets to storage provider."}},"summary":"Upload custom UI assets","description":"Upload a zip file containing custom web assets such as HTML, CSS, and JavaScript files, then replace the default sign-in experience with the custom UI assets."}},"/api/users/{userId}":{"get":{"operationId":"GetUser","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"},{"name":"includeSsoIdentities","in":"query","required":false,"schema":{"type":"string"},"description":"If it's provided with a truthy value (`true`, `1`, `yes`), each user in the response will include a `ssoIdentities` property containing a list of SSO identities associated with the user."}],"responses":{"200":{"description":"User data for the given ID.","content":{"application/json":{"schema":{"type":"object","required":["id","username","primaryEmail","primaryPhone","name","avatar","customData","identities","lastSignInAt","createdAt","updatedAt","profile","applicationId","isSuspended"],"properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}}},"description":"List of SSO identities associated with the user. Only available when the `includeSsoIdentities` query parameter is provided with a truthy value."}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get user","description":"Get user data for the given ID."},"patch":{"operationId":"UpdateUser","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"username":{"oneOf":[{"type":"string","format":"regex","pattern":"/^[A-Z_a-z]\\w*$/"},{"type":"string","format":"empty"}],"nullable":true,"type":"string","description":"Updated username for the user. It should be unique across all users."},"primaryEmail":{"oneOf":[{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/"},{"type":"string","format":"empty"}],"nullable":true,"type":"string","description":"Updated primary email address for the user. It should be unique across all users."},"primaryPhone":{"oneOf":[{"type":"string","format":"regex","pattern":"/^\\d+$/"},{"type":"string","format":"empty"}],"nullable":true,"type":"string","description":"Updated primary phone number for the user. It should be unique across all users."},"name":{"oneOf":[{"type":"string"},{"type":"string","format":"empty"}],"nullable":true,"type":"string"},"avatar":{"oneOf":[{"type":"string","format":"url"},{"type":"string","format":"empty"}],"nullable":true,"type":"string"},"customData":{"type":"object","description":"Custom data object to update for the given user ID. Note this will replace the entire custom data object.\n\nIf you want to perform a partial update, use the `PATCH /api/users/{userId}/custom-data` endpoint instead."},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}}}}}}},"responses":{"200":{"description":"Updated user data for the given ID.","content":{"application/json":{"schema":{"type":"object","required":["id","username","primaryEmail","primaryPhone","name","avatar","customData","identities","lastSignInAt","createdAt","updatedAt","profile","applicationId","isSuspended"],"properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Update user","description":"Update user data for the given ID. This method performs a partial update."},"delete":{"operationId":"DeleteUser","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"responses":{"204":{"description":"User deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete user","description":"Delete user with the given ID. Note all associated data will be deleted cascadingly."}},"/api/users/{userId}/custom-data":{"get":{"operationId":"ListUserCustomData","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"responses":{"200":{"description":"Custom data in JSON for the given user ID.","content":{"application/json":{"schema":{"type":"object","description":"arbitrary"}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get user custom data","description":"Get custom data for the given user ID."},"patch":{"operationId":"UpdateUserCustomData","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["customData"],"properties":{"customData":{"type":"object","description":"Partial custom data object to update for the given user ID."}}}}}},"responses":{"200":{"description":"Updated custom data in JSON for the given user ID.","content":{"application/json":{"schema":{"type":"object","description":"arbitrary"}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update user custom data","description":"Update custom data for the given user ID. This method performs a partial update of the custom data object."}},"/api/users/{userId}/logto-configs":{"get":{"operationId":"ListUserLogtoConfigs","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"responses":{"200":{"description":"Returns the exposed user logto config fields, including MFA states (enabled, skipped, skipMfaOnSignIn) and passkey sign-in states (skipped).","content":{"application/json":{"schema":{"type":"object","required":["mfa","passkeySignIn"],"properties":{"mfa":{"type":"object","required":["skipped","skipMfaOnSignIn"],"properties":{"enabled":{"type":"boolean"},"skipped":{"type":"boolean"},"skipMfaOnSignIn":{"type":"boolean"}}},"passkeySignIn":{"type":"object","required":["skipped"],"properties":{"skipped":{"type":"boolean"}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get user logto config","description":"Retrieve the exposed portion of a user's logto config. Includes MFA states (enabled, skipped, skipMfaOnSignIn) and passkey sign-in states (skipped)."},"patch":{"operationId":"UpdateUserLogtoConfigs","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"mfa":{"type":"object","properties":{"enabled":{"type":"boolean","description":"Set whether MFA is enabled for the user."},"skipped":{"type":"boolean","description":"Set whether the user is marked as having skipped MFA binding."},"skipMfaOnSignIn":{"type":"boolean","description":"Set whether the user has opted to skip MFA verification on sign-in. This is ignored when the MFA policy is mandatory."}}},"passkeySignIn":{"type":"object","properties":{"skipped":{"type":"boolean","description":"Set whether the user has persistently skipped binding a passkey for sign-in."}}}}}}}},"responses":{"200":{"description":"The exposed logto config fields were updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["mfa","passkeySignIn"],"properties":{"mfa":{"type":"object","required":["skipped","skipMfaOnSignIn"],"properties":{"enabled":{"type":"boolean"},"skipped":{"type":"boolean"},"skipMfaOnSignIn":{"type":"boolean"}}},"passkeySignIn":{"type":"object","required":["skipped"],"properties":{"skipped":{"type":"boolean"}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update user logto config","description":"Update the exposed portion of a user's logto config. Supports updating MFA states (enabled, skipped, skipMfaOnSignIn) and passkey sign-in states (skipped). All fields are optional — only provided fields will be updated."}},"/api/users/{userId}/profile":{"patch":{"operationId":"UpdateUserProfile","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["profile"],"properties":{"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}},"description":"Partial profile object to update for the given user ID."}}}}}},"responses":{"200":{"description":"Updated profile in JSON for the given user ID.","content":{"application/json":{"schema":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update user profile","description":"Update profile for the given user ID. This method performs a partial update of the profile object."}},"/api/users":{"post":{"operationId":"CreateUser","tags":["Users"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"primaryPhone":{"type":"string","format":"regex","pattern":"/^\\d+$/","description":"Primary phone number for the user. It should be unique across all users."},"primaryEmail":{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/","description":"Primary email address for the user. It should be unique across all users."},"username":{"type":"string","format":"regex","pattern":"/^[A-Z_a-z]\\w*$/","description":"Username for the user. It should be unique across all users."},"password":{"type":"string","minLength":1,"description":"Plain text password for the user."},"passwordDigest":{"type":"string","maxLength":256,"description":"In case you already have the password digests and not the passwords, you can use them for the newly created user via this property. The value should be generated with one of the supported algorithms. The algorithm can be specified using the `passwordAlgorithm` property."},"passwordAlgorithm":{"type":"string","enum":["Argon2i","Argon2id","Argon2d","SHA1","SHA256","MD5","Bcrypt","Legacy"],"description":"The hash algorithm used for the password. It should be one of the supported algorithms: argon2, md5, sha1, sha256. Should the encryption algorithm differ from argon2, it will automatically be upgraded to argon2 upon the user's next sign-in."},"name":{"type":"string"},"avatar":{"oneOf":[{"type":"string","format":"url"},{"type":"string","format":"empty"}],"nullable":true,"type":"string"},"customData":{"type":"object","description":"arbitrary"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}}},"description":"User data to create a new user. All properties are optional."}}}},"responses":{"200":{"description":"User data for the newly created user.","content":{"application/json":{"schema":{"type":"object","required":["id","username","primaryEmail","primaryPhone","name","avatar","customData","identities","lastSignInAt","createdAt","updatedAt","profile","applicationId","isSuspended"],"properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Create user","description":"Create a new user with the given data."},"get":{"operationId":"ListUsers","tags":["Users"],"parameters":[{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}},{"name":"search_params","in":"query","description":"Search query parameters.","required":false,"schema":{"type":"object","additionalProperties":{"type":"string"}},"explode":true}],"responses":{"200":{"description":"An array of users that match the given criteria.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["id","username","primaryEmail","primaryPhone","name","avatar","customData","identities","lastSignInAt","createdAt","updatedAt","profile","applicationId","isSuspended"],"properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get users","description":"Get users with filters and pagination.\n\nLogto provides a very flexible way to query users. You can filter users by almost any fields with multiple modes. To learn more about the query syntax, please refer to [Advanced user search](https://docs.logto.io/docs/recipes/manage-users/advanced-user-search/)."}},"/api/users/{userId}/password":{"patch":{"operationId":"UpdateUserPassword","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["password"],"properties":{"password":{"type":"string","minLength":1,"description":"New password for the user."}}}}}},"responses":{"200":{"description":"User password updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["id","username","primaryEmail","primaryPhone","name","avatar","customData","identities","lastSignInAt","createdAt","updatedAt","profile","applicationId","isSuspended"],"properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Unprocessable Content"}},"summary":"Update user password","description":"Update user password for the given ID."}},"/api/users/{userId}/password/verify":{"post":{"operationId":"VerifyUserPassword","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["password"],"properties":{"password":{"type":"string","minLength":1,"description":"Password to verify."}}}}}},"responses":{"204":{"description":"User password matches."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"User password does not match."}},"summary":"Verify user password","description":"Test if the given password matches the user's password."}},"/api/users/{userId}/has-password":{"get":{"operationId":"GetUserHasPassword","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"responses":{"200":{"description":"The result of the check.","content":{"application/json":{"schema":{"type":"object","required":["hasPassword"],"properties":{"hasPassword":{"type":"boolean"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Check if user has password","description":"Check if the user with the given ID has a password set."}},"/api/users/{userId}/is-suspended":{"patch":{"operationId":"UpdateUserIsSuspended","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["isSuspended"],"properties":{"isSuspended":{"type":"boolean","description":"New suspension status for the user."}}}}}},"responses":{"200":{"description":"User suspension status updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["id","username","primaryEmail","primaryPhone","name","avatar","customData","identities","lastSignInAt","createdAt","updatedAt","profile","applicationId","isSuspended"],"properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update user suspension status","description":"Update user suspension status for the given ID."}},"/api/users/{userId}/roles":{"get":{"operationId":"ListUserRoles","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}},{"name":"search_params","in":"query","description":"Search query parameters.","required":false,"schema":{"type":"object","additionalProperties":{"type":"string"}},"explode":true}],"responses":{"200":{"description":"An array of API resource roles assigned to the user.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description","type","isDefault"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["User","MachineToMachine"]},"isDefault":{"type":"boolean"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get roles for user","description":"Get API resource roles assigned to the user with pagination."},"post":{"operationId":"AssignUserRoles","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["roleIds"],"properties":{"roleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of API resource role IDs to assign."}}}}}},"responses":{"201":{"description":"The API resource roles has been assigned to the user.","content":{"application/json":{"schema":{"type":"object","required":["roleIds","addedRoleIds"],"properties":{"roleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of API resource role IDs requested for assignment."},"addedRoleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of API resource role IDs newly assigned to the user."}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Assign roles to user","description":"Assign API resource roles to the user. The roles will be added to the existing roles."},"put":{"operationId":"ReplaceUserRoles","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["roleIds"],"properties":{"roleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of API resource role IDs to assign."}}}}}},"responses":{"200":{"description":"The API resource roles has been updated for the user successfully.","content":{"application/json":{"schema":{"type":"object","required":["roleIds"],"properties":{"roleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of API resource role IDs assigned to the user."}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Update roles for user","description":"Update API resource roles assigned to the user. This will replace the existing roles."}},"/api/users/{userId}/roles/{roleId}":{"delete":{"operationId":"DeleteUserRole","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"},{"$ref":"#/components/parameters/roleId"}],"responses":{"204":{"description":"The API resource role has been removed from the user."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Remove role from user","description":"Remove an API resource role from the user."}},"/api/users/{userId}/identities/{target}":{"put":{"operationId":"ReplaceUserIdentity","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"},{"name":"target","in":"path","required":true,"schema":{"type":"string"}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string","description":"The user's social identity ID."},"details":{"type":"object","description":"The user's social identity details."}}}}}},"responses":{"200":{"description":"The identity is updated.","content":{"application/json":{"schema":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}}}}},"201":{"description":"The identity is created.","content":{"application/json":{"schema":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Update social identity of user","description":"Directly update a social identity of the user."},"delete":{"operationId":"DeleteUserIdentity","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"},{"name":"target","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"200":{"description":"The identity is deleted from the user.","content":{"application/json":{"schema":{"type":"object","required":["id","username","primaryEmail","primaryPhone","name","avatar","customData","identities","lastSignInAt","createdAt","updatedAt","profile","applicationId","isSuspended"],"properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete social identity from user","description":"Delete a social identity from the user."},"get":{"operationId":"GetUserIdentity","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"},{"name":"target","in":"path","required":true,"schema":{"type":"string"}},{"name":"includeTokenSecret","in":"query","required":false,"schema":{"type":"string"},"description":"Whether to include the token secret in the response. Defaults to false. Token storage must be supported and enabled by the connector to return the token secret."}],"responses":{"200":{"description":"Returns the user's social identity and associated token storage.","content":{"application/json":{"schema":{"type":"object","required":["identity"],"properties":{"identity":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}},"description":"The user's social identity."},"tokenSecret":{"type":"object","required":["tenantId","id","userId","type","metadata","createdAt","updatedAt","connectorId","identityId","target"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":21},"type":{"type":"string","format":"\"federated_token_set\""},"metadata":{"type":"object","required":["hasRefreshToken"],"properties":{"scope":{"type":"string"},"expiresAt":{"type":"number"},"tokenType":{"type":"string"},"hasRefreshToken":{"type":"boolean"}}},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"connectorId":{"type":"string"},"identityId":{"type":"string"},"target":{"type":"string"}},"description":"The desensitized token set secret associated with the user's social identity.\nThis field is included only if the `includeTokenSecret` query parameter is provided and the corresponding connector has token storage enabled."}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"User social identity not found."}},"summary":"Retrieve a user's social identity and associated token storage .","description":"This API retrieves the social identity and its associated token set for the specified user from the Logto Secret Vault. The token set will only be available if token storage is enabled for the corresponding social connector."}},"/api/users/{userId}/identities":{"post":{"operationId":"CreateUserIdentity","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["connectorId","connectorData"],"properties":{"connectorId":{"type":"string","description":"The Logto connector ID."},"connectorData":{"type":"object","additionalProperties":{"example":{}},"description":"A json object constructed from the url query params returned by the social platform. Typically it contains `code`, `state` and `redirectUri` fields."}}}}}},"responses":{"200":{"description":"A new identity is linked to the user.","content":{"application/json":{"schema":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Link social identity to user","description":"Link authenticated user identity from a social platform to a Logto user.\n\nThe usage of this API is usually coupled with `POST /connectors/:connectorId/authorization-uri`. With the help of these pair of APIs, you can implement a user profile page with the link social account feature in your application.\n\nNote: Currently due to technical limitations, this API does not support the following connectors that rely on Logto interaction session: `@logto/connector-apple`, `@logto/connector-saml`, `@logto/connector-oidc` and `@logto/connector-oauth`."}},"/api/users/{userId}/organizations":{"get":{"operationId":"ListUserOrganizations","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"responses":{"200":{"description":"An array of organizations that the user is a member of.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description","customData","isMfaRequired","color","branding","customCss","createdAt","organizationRoles"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isMfaRequired":{"type":"boolean"},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"createdAt":{"type":"number"},"organizationRoles":{"type":"array","items":{"type":"object","required":["id","name"],"properties":{"id":{"type":"string"},"name":{"type":"string"}}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get organizations for a user","description":"Get all organizations that the user is a member of. In each organization object, the user's roles in that organization are included in the `organizationRoles` array."}},"/api/users/{userId}/mfa-verifications":{"get":{"operationId":"ListUserMfaVerifications","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"responses":{"200":{"description":"An array of MFA verifications for the user.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["id","createdAt","type"],"properties":{"id":{"type":"string"},"createdAt":{"type":"string"},"lastUsedAt":{"type":"string"},"type":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]},"agent":{"type":"string"},"name":{"type":"string"},"remainCodes":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get user's MFA verifications","description":"Get a user's existing MFA verifications for a given user ID."},"post":{"operationId":"CreateUserMfaVerification","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["type"],"properties":{"type":{"type":"string","format":"\"Totp\""},"secret":{"type":"string"}}},{"type":"object","required":["type"],"properties":{"type":{"type":"string","format":"\"BackupCode\""},"codes":{"type":"array","items":{"type":"string"}}}},{"type":"object","properties":{"type":{"type":"string","description":"The type of MFA verification to create."},"secret":{"type":"string","description":"The secret for the MFA verification, if not provided, a new secret will be generated."}},"required":["type"]},{"type":"object","properties":{"type":{"type":"string","description":"The type of MFA verification to create."},"codes":{"type":"array","items":{"type":"string"},"description":"The backup codes for the MFA verification, if not provided, a new group of backup codes will be generated."}},"required":["type"]}]}}}},"responses":{"200":{"description":"The MFA verification that was created.","content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["type","secret","secretQrCode"],"properties":{"type":{"type":"string","format":"\"Totp\""},"secret":{"type":"string"},"secretQrCode":{"type":"string"}}},{"type":"object","required":["type","codes"],"properties":{"type":{"type":"string","format":"\"BackupCode\""},"codes":{"type":"array","items":{"type":"string"}}}}]}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Create an MFA verification for a user","description":"Create a new MFA verification for a given user ID."}},"/api/users/{userId}/mfa-verifications/{verificationId}":{"delete":{"operationId":"DeleteUserMfaVerification","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"},{"$ref":"#/components/parameters/verificationId"}],"responses":{"204":{"description":"The MFA verification was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete an MFA verification for a user","description":"Delete an MFA verification for the user with the given verification ID. The verification ID must be associated with the given user ID."}},"/api/users/{userId}/personal-access-tokens":{"get":{"operationId":"ListUserPersonalAccessTokens","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"responses":{"200":{"description":"A list of personal access tokens.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","userId","name","value","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"value":{"type":"string","minLength":1,"maxLength":64},"createdAt":{"type":"number"},"expiresAt":{"type":"number","nullable":true}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get personal access tokens","description":"Get all personal access tokens for the user."},"post":{"operationId":"CreateUserPersonalAccessToken","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name"],"properties":{"name":{"type":"string","minLength":1,"maxLength":256,"description":"The personal access token name. Must be unique within the user."},"expiresAt":{"type":"number","nullable":true,"description":"The epoch time in milliseconds when the token will expire. If not provided, the token will never expire."}}}}}},"responses":{"201":{"description":"The personal access token was added successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","userId","name","value","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"value":{"type":"string","minLength":1,"maxLength":64},"createdAt":{"type":"number"},"expiresAt":{"type":"number","nullable":true}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The personal access token name is already in use."}},"summary":"Add personal access token","description":"Add a new personal access token for the user."},"patch":{"operationId":"UpdatePersonalAccessTokenName","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name"],"properties":{"name":{"type":"string","minLength":1,"maxLength":256,"description":"The new token name. Must be unique within the user."},"currentName":{"type":"string","description":"The current name of the token to update."}}}}}},"responses":{"200":{"description":"The token was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","userId","name","value","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"value":{"type":"string","minLength":1,"maxLength":64},"createdAt":{"type":"number"},"expiresAt":{"type":"number","nullable":true}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update personal access token","description":"Update a token for the user by name."}},"/api/users/{userId}/personal-access-tokens/{name}":{"delete":{"operationId":"DeleteUserPersonalAccessToken","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"},{"name":"name","in":"path","required":true,"schema":{"type":"string"},"description":"The name of the token."}],"responses":{"204":{"description":"The token was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete personal access token","description":"Delete a token for the user by name using the legacy path parameter. Deprecated: use the POST /delete endpoint instead to avoid url name encoding issues."},"patch":{"operationId":"UpdateUserPersonalAccessToken","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"},{"name":"name","in":"path","required":true,"schema":{"type":"string"},"description":"The current name of the token."}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name"],"properties":{"name":{"type":"string","minLength":1,"maxLength":256,"description":"The new token name. Must be unique within the user."}}}}}},"responses":{"200":{"description":"The token was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","userId","name","value","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"value":{"type":"string","minLength":1,"maxLength":64},"createdAt":{"type":"number"},"expiresAt":{"type":"number","nullable":true}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update personal access token","description":"Update a token for the user by name using the legacy path parameter. Deprecated: use the PATCH /personal-access-tokens endpoint instead to avoid url name encoding issues."}},"/api/users/{userId}/personal-access-tokens/delete":{"post":{"operationId":"DeletePersonalAccessTokenPost","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name"],"properties":{"name":{"type":"string","description":"The name of the token to delete."}}}}}},"responses":{"204":{"description":"The token was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete personal access token","description":"Delete a token for the user by name."}},"/api/users/{userId}/sso-identities/{ssoConnectorId}":{"get":{"operationId":"GetUserSsoIdentity","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"},{"$ref":"#/components/parameters/ssoConnectorId"},{"name":"includeTokenSecret","in":"query","required":false,"schema":{"type":"string"},"description":"Whether to include the token secret in the response. Defaults to false. Token storage must be supported and enabled by the connector to return the token secret."}],"responses":{"200":{"description":"Returns the user's enterprise SSO identity and associated token secret.","content":{"application/json":{"schema":{"type":"object","required":["ssoIdentity"],"properties":{"ssoIdentity":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}},"description":"The user's enterprise SSO identity."},"tokenSecret":{"type":"object","required":["tenantId","id","userId","type","metadata","createdAt","updatedAt","ssoConnectorId","issuer","identityId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":21},"type":{"type":"string","format":"\"federated_token_set\""},"metadata":{"type":"object","required":["hasRefreshToken"],"properties":{"scope":{"type":"string"},"expiresAt":{"type":"number"},"tokenType":{"type":"string"},"hasRefreshToken":{"type":"boolean"}}},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string"},"issuer":{"type":"string"},"identityId":{"type":"string"}},"description":"The desensitized token set secret associated with the user's SSO identity.\nThis field is included only if the `includeTokenSecret` query parameter is provided and the corresponding connector has token storage enabled."}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"User enterprise SSO identity not found."}},"summary":"Retrieve a user's enterprise SSO identity and associated token secret (if token storage is enabled).","description":"This API retrieves the user's enterprise SSO identity and associated token set record from the Logto Secret Vault. The token set will only be available if token storage is enabled for the corresponding SSO connector."}},"/api/users/{userId}/all-identities":{"get":{"operationId":"ListUserAllIdentities","tags":["Users"],"parameters":[{"$ref":"#/components/parameters/userId"},{"name":"includeTokenSecret","in":"query","required":false,"schema":{"type":"string"},"description":"Whether to include the token secret in the response. Defaults to false. Token storage must be supported and enabled by the connector to return the token secret."}],"responses":{"200":{"description":"Returns the user's social identities, enterprise SSO identities and associated token secret.","content":{"application/json":{"schema":{"type":"object","required":["socialIdentities","ssoIdentities"],"properties":{"socialIdentities":{"type":"array","items":{"type":"object","required":["identity","target"],"properties":{"identity":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}},"tokenSecret":{"type":"object","required":["tenantId","id","userId","type","metadata","createdAt","updatedAt","connectorId","identityId","target"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":21},"type":{"type":"string","format":"\"federated_token_set\""},"metadata":{"type":"object","required":["hasRefreshToken"],"properties":{"scope":{"type":"string"},"expiresAt":{"type":"number"},"tokenType":{"type":"string"},"hasRefreshToken":{"type":"boolean"}}},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"connectorId":{"type":"string"},"identityId":{"type":"string"},"target":{"type":"string"}}},"target":{"type":"string"}}},"description":"The user's social identities."},"ssoIdentities":{"type":"array","items":{"type":"object","required":["ssoIdentity","ssoConnectorId"],"properties":{"ssoIdentity":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}}},"tokenSecret":{"type":"object","required":["tenantId","id","userId","type","metadata","createdAt","updatedAt","ssoConnectorId","issuer","identityId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":21},"type":{"type":"string","format":"\"federated_token_set\""},"metadata":{"type":"object","required":["hasRefreshToken"],"properties":{"scope":{"type":"string"},"expiresAt":{"type":"number"},"tokenType":{"type":"string"},"hasRefreshToken":{"type":"boolean"}}},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string"},"issuer":{"type":"string"},"identityId":{"type":"string"}}},"ssoConnectorId":{"type":"string"}}},"description":"The user's enterprise SSO identities."}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"User not found."}},"summary":"Retrieve social identities, enterprise SSO identities and associated token secret (if token storage is enabled) for a user.","description":"This API retrieves all identities (social and enterprise SSO) for a user, along with their associated token set records from the Logto Secret Vault. The token sets will only be available if token storage is enabled for the corresponding identity connector."}},"/api/logs":{"get":{"operationId":"ListLogs","tags":["Audit logs"],"parameters":[{"name":"userId","in":"query","required":false,"schema":{"type":"string"},"description":"Filter logs by user ID."},{"name":"applicationId","in":"query","required":false,"schema":{"type":"string"},"description":"Filter logs by application ID."},{"name":"logKey","in":"query","required":false,"schema":{"type":"string"},"description":"Filter logs by log key."},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"An array of logs that match the given query.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","key","payload","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"key":{"type":"string","minLength":1,"maxLength":128},"payload":{"type":"object","required":["key","result"],"properties":{"key":{"type":"string"},"result":{"type":"string","enum":["Success","Error"]},"error":{"oneOf":[{"type":"object","additionalProperties":{"example":{}}},{"type":"string"}]},"ip":{"type":"string"},"userAgent":{"type":"string"},"userAgentParsed":{"type":"object","properties":{"ua":{"type":"string"},"browser":{"type":"object","properties":{"name":{"type":"string"},"version":{"type":"string"},"major":{"type":"string"},"type":{"type":"string"}}},"device":{"type":"object","properties":{"model":{"type":"string"},"type":{"type":"string"},"vendor":{"type":"string"}}},"engine":{"type":"object","properties":{"name":{"type":"string"},"version":{"type":"string"}}},"os":{"type":"object","properties":{"name":{"type":"string"},"version":{"type":"string"}}},"cpu":{"type":"object","properties":{"architecture":{"type":"string"}}}}},"userId":{"type":"string"},"applicationId":{"type":"string"},"sessionId":{"type":"string"},"params":{"type":"object","additionalProperties":{"example":{}}}}},"createdAt":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get logs","description":"Get logs that match the given query with pagination."}},"/api/logs/{id}":{"get":{"operationId":"GetLog","tags":["Audit logs"],"parameters":[{"$ref":"#/components/parameters/logId-root"}],"responses":{"200":{"description":"Log details.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","key","payload","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"key":{"type":"string","minLength":1,"maxLength":128},"payload":{"type":"object","required":["key","result"],"properties":{"key":{"type":"string"},"result":{"type":"string","enum":["Success","Error"]},"error":{"oneOf":[{"type":"object","additionalProperties":{"example":{}}},{"type":"string"}]},"ip":{"type":"string"},"userAgent":{"type":"string"},"userAgentParsed":{"type":"object","properties":{"ua":{"type":"string"},"browser":{"type":"object","properties":{"name":{"type":"string"},"version":{"type":"string"},"major":{"type":"string"},"type":{"type":"string"}}},"device":{"type":"object","properties":{"model":{"type":"string"},"type":{"type":"string"},"vendor":{"type":"string"}}},"engine":{"type":"object","properties":{"name":{"type":"string"},"version":{"type":"string"}}},"os":{"type":"object","properties":{"name":{"type":"string"},"version":{"type":"string"}}},"cpu":{"type":"object","properties":{"architecture":{"type":"string"}}}}},"userId":{"type":"string"},"applicationId":{"type":"string"},"sessionId":{"type":"string"},"params":{"type":"object","additionalProperties":{"example":{}}}}},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Log not found."}},"summary":"Get log","description":"Get log details by ID."}},"/api/roles":{"get":{"operationId":"ListRoles","tags":["Roles"],"parameters":[{"name":"excludeUserId","in":"query","required":false,"schema":{"type":"string"},"description":"Exclude roles assigned to a user."},{"name":"excludeApplicationId","in":"query","required":false,"schema":{"type":"string"},"description":"Exclude roles assigned to an application."},{"name":"type","in":"query","required":false,"schema":{"type":"string","enum":["User","MachineToMachine"]},"description":"Filter by role type."},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}},{"name":"search_params","in":"query","description":"Search query parameters.","required":false,"schema":{"type":"object","additionalProperties":{"type":"string"}},"explode":true}],"responses":{"200":{"description":"An array of roles matching the filters.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description","type","isDefault","usersCount","featuredUsers","applicationsCount","featuredApplications"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["User","MachineToMachine"]},"isDefault":{"type":"boolean"},"usersCount":{"type":"number"},"featuredUsers":{"type":"array","items":{"type":"object","required":["id","avatar","name"],"properties":{"id":{"type":"string","minLength":1,"maxLength":12},"avatar":{"type":"string","maxLength":2048,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true}}}},"applicationsCount":{"type":"number"},"featuredApplications":{"type":"array","items":{"type":"object","required":["id","name","type"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]}}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get roles","description":"Get roles with filters and pagination."},"post":{"operationId":"CreateRole","tags":["Roles"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name","description"],"properties":{"tenantId":{"type":"string","maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128,"description":"The name of the role. It should be unique within the tenant."},"description":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["User","MachineToMachine"],"description":"The type of the role. It cannot be changed after creation."},"isDefault":{"type":"boolean"},"scopeIds":{"type":"array","items":{"type":"string","minLength":1},"description":"The initial API resource scopes assigned to the role."}}}}}},"responses":{"200":{"description":"The created role.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","type","isDefault"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["User","MachineToMachine"]},"isDefault":{"type":"boolean"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Create a role","description":"Create a new role with the given data."}},"/api/roles/{id}":{"get":{"operationId":"GetRole","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"}],"responses":{"200":{"description":"Details of the role.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","type","isDefault"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["User","MachineToMachine"]},"isDefault":{"type":"boolean"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get role","description":"Get role details by ID."},"patch":{"operationId":"UpdateRole","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"name":{"type":"string","minLength":1,"maxLength":128,"description":"The name of the role. It should be unique within the tenant."},"description":{"type":"string","minLength":1,"maxLength":128},"isDefault":{"type":"boolean"}}}}}},"responses":{"200":{"description":"The updated role.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","type","isDefault"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["User","MachineToMachine"]},"isDefault":{"type":"boolean"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Update role","description":"Update role details. This method performs a partial update."},"delete":{"operationId":"DeleteRole","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"}],"responses":{"204":{"description":"The role was deleted."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete role","description":"Delete a role with the given ID."}},"/api/roles/{id}/users":{"get":{"operationId":"ListRoleUsers","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}},{"name":"search_params","in":"query","description":"Search query parameters.","required":false,"schema":{"type":"object","additionalProperties":{"type":"string"}},"explode":true}],"responses":{"200":{"description":"An array of users who have the role assigned.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["id","username","primaryEmail","primaryPhone","name","avatar","customData","identities","lastSignInAt","createdAt","updatedAt","profile","applicationId","isSuspended"],"properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get role users","description":"Get users who have the role assigned with pagination."},"post":{"operationId":"CreateRoleUser","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["userIds"],"properties":{"userIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of user IDs to be assigned."}}}}}},"responses":{"201":{"description":"The role was assigned to the users successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Assign role to users","description":"Assign a role to a list of users. The role must have the type `User`."}},"/api/roles/{id}/users/{userId}":{"delete":{"operationId":"DeleteRoleUser","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"},{"$ref":"#/components/parameters/userId"}],"responses":{"204":{"description":"The role was removed from the user."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Remove role from user","description":"Remove a role from a user with the given ID."}},"/api/roles/{id}/applications":{"get":{"operationId":"ListRoleApplications","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}},{"name":"search_params","in":"query","description":"Search query parameters.","required":false,"schema":{"type":"object","additionalProperties":{"type":"string"}},"explode":true}],"responses":{"200":{"description":"An array of applications that have the role assigned.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","secret","description","type","oidcClientMetadata","customClientMetadata","protectedAppMetadata","customData","isThirdParty","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"secret":{"type":"string","minLength":1,"maxLength":64},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"}}}}}}},"204":{"description":"No Content"},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get role applications","description":"Get applications that have the role assigned with pagination."},"post":{"operationId":"CreateRoleApplication","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["applicationIds"],"properties":{"applicationIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of application IDs to be assigned."}}}}}},"responses":{"201":{"description":"The role was assigned to the applications successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Assign role to applications","description":"Assign a role to a list of applications. The role must have the type `Application`."}},"/api/roles/{id}/applications/{applicationId}":{"delete":{"operationId":"DeleteRoleApplication","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"},{"$ref":"#/components/parameters/applicationId"}],"responses":{"204":{"description":"The role was removed from the application."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Remove role from application","description":"Remove the role from an application with the given ID."}},"/api/roles/{id}/scopes":{"get":{"operationId":"ListRoleScopes","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}},{"name":"search_params","in":"query","description":"Search query parameters.","required":false,"schema":{"type":"object","additionalProperties":{"type":"string"}},"explode":true}],"responses":{"200":{"description":"An array of API resource scopes linked with the role.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","resourceId","name","description","createdAt","resource"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"resourceId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"createdAt":{"type":"number"},"resource":{"type":"object","required":["tenantId","id","name","indicator","isDefault","accessTokenTtl"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1},"indicator":{"type":"string","minLength":1},"isDefault":{"type":"boolean"},"accessTokenTtl":{"type":"number"}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get role scopes","description":"Get API resource scopes (permissions) linked with a role."},"post":{"operationId":"CreateRoleScope","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["scopeIds"],"properties":{"scopeIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of API resource scope IDs to be linked."}}}}}},"responses":{"200":{"description":"The role was linked to the scopes successfully."},"201":{"description":"Created","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","resourceId","name","description","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"resourceId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Link scopes to role","description":"Link a list of API resource scopes (permissions) to a role. The original linked scopes will be kept."}},"/api/roles/{id}/scopes/{scopeId}":{"delete":{"operationId":"DeleteRoleScope","tags":["Roles"],"parameters":[{"$ref":"#/components/parameters/roleId-root"},{"$ref":"#/components/parameters/scopeId"}],"responses":{"204":{"description":"The API resource scope was unlinked from the role."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Unlink scope from role","description":"Unlink an API resource scope (permission) from a role with the given ID."}},"/api/dashboard/users/total":{"get":{"operationId":"GetTotalUserCount","tags":["Dashboard"],"parameters":[],"responses":{"200":{"description":"Total user count.","content":{"application/json":{"schema":{"type":"object","required":["totalUserCount"],"properties":{"totalUserCount":{"type":"number"}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get total user count","description":"Get total user count in the current tenant."}},"/api/dashboard/users/new":{"get":{"operationId":"GetNewUserCounts","tags":["Dashboard"],"parameters":[],"responses":{"200":{"description":"New user count.","content":{"application/json":{"schema":{"type":"object","required":["today","last7Days"],"properties":{"today":{"type":"object","required":["count","delta"],"properties":{"count":{"type":"number"},"delta":{"type":"number"}}},"last7Days":{"type":"object","required":["count","delta"],"properties":{"count":{"type":"number"},"delta":{"type":"number"}}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get new user count","description":"Get new user count in the past 7 days."}},"/api/dashboard/users/active":{"get":{"operationId":"GetActiveUserCounts","tags":["Dashboard"],"parameters":[{"name":"date","in":"query","required":false,"schema":{"type":"string","format":"regex","pattern":"/^\\d{4}(-\\d{2}){2}/"},"description":"The date to get active user data."}],"responses":{"200":{"description":"Active user data object.","content":{"application/json":{"schema":{"type":"object","required":["dauCurve","dau","wau","mau"],"properties":{"dauCurve":{"type":"array","items":{"type":"object","required":["date","count"],"properties":{"date":{"type":"string"},"count":{"type":"number"}}}},"dau":{"type":"object","required":["count","delta"],"properties":{"count":{"type":"number"},"delta":{"type":"number"}}},"wau":{"type":"object","required":["count","delta"],"properties":{"count":{"type":"number"},"delta":{"type":"number"}}},"mau":{"type":"object","required":["count","delta"],"properties":{"count":{"type":"number"},"delta":{"type":"number"}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get active user data","description":"Get active user data, including daily active user (DAU), weekly active user (WAU) and monthly active user (MAU). It also includes an array of DAU in the past 30 days."}},"/api/custom-phrases":{"get":{"operationId":"ListCustomPhrases","tags":["Custom phrases"],"parameters":[],"responses":{"200":{"description":"An array of custom phrases.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","languageTag","translation"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"languageTag":{"type":"string","minLength":1,"maxLength":16},"translation":{"$ref":"#/components/schemas/TranslationObject"}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get all custom phrases","description":"Get all custom phrases for all languages."}},"/api/custom-phrases/{languageTag}":{"get":{"operationId":"GetCustomPhrase","tags":["Custom phrases"],"parameters":[{"name":"languageTag","in":"path","required":true,"schema":{"type":"string","enum":["af-ZA","am-ET","ar","ar-AR","as-IN","az-AZ","be-BY","bg-BG","bn-IN","br-FR","bs-BA","ca-ES","cb-IQ","co-FR","cs-CZ","cx-PH","cy-GB","da-DK","de","de-DE","el-GR","en","en-GB","en-US","eo-EO","es","es-ES","es-419","et-EE","eu-ES","fa-IR","ff-NG","fi","fi-FI","fo-FO","fr","fr-CA","fr-FR","fy-NL","ga-IE","gl-ES","gn-PY","gu-IN","ha-NG","he-IL","hi-IN","hr-HR","ht-HT","hu-HU","hy-AM","id-ID","ik-US","is-IS","it","it-IT","iu-CA","ja","ja-JP","ja-KS","jv-ID","ka-GE","kk-KZ","km-KH","kn-IN","ko","ko-KR","ku-TR","ky-KG","lo-LA","lt-LT","lv-LV","mg-MG","mk-MK","ml-IN","mn-MN","mr-IN","ms-MY","mt-MT","my-MM","nb-NO","ne-NP","nl","nl-BE","nl-NL","nn-NO","or-IN","pa-IN","pl-PL","ps-AF","pt","pt-BR","pt-PT","ro-RO","ru","ru-RU","rw-RW","sc-IT","si-LK","sk-SK","sl-SI","sn-ZW","sq-AL","sr-RS","sv","sv-SE","sw-KE","sy-SY","sz-PL","ta-IN","te-IN","tg-TJ","th","th-TH","tl-PH","tr","tr-TR","tt-RU","tz-MA","uk-UA","ur-PK","uz-UZ","vi-VN","zh","zh-CN","zh-HK","zh-MO","zh-TW","zz-TR"]}}],"responses":{"200":{"description":"Custom phrases for the specified language tag.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","languageTag","translation"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"languageTag":{"type":"string","minLength":1,"maxLength":16},"translation":{"$ref":"#/components/schemas/TranslationObject"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Custom phrases not found."}},"summary":"Get custom phrases","description":"Get custom phrases for the specified language tag."},"put":{"operationId":"ReplaceCustomPhrase","tags":["Custom phrases"],"parameters":[{"name":"languageTag","in":"path","required":true,"schema":{"type":"string","enum":["af-ZA","am-ET","ar","ar-AR","as-IN","az-AZ","be-BY","bg-BG","bn-IN","br-FR","bs-BA","ca-ES","cb-IQ","co-FR","cs-CZ","cx-PH","cy-GB","da-DK","de","de-DE","el-GR","en","en-GB","en-US","eo-EO","es","es-ES","es-419","et-EE","eu-ES","fa-IR","ff-NG","fi","fi-FI","fo-FO","fr","fr-CA","fr-FR","fy-NL","ga-IE","gl-ES","gn-PY","gu-IN","ha-NG","he-IL","hi-IN","hr-HR","ht-HT","hu-HU","hy-AM","id-ID","ik-US","is-IS","it","it-IT","iu-CA","ja","ja-JP","ja-KS","jv-ID","ka-GE","kk-KZ","km-KH","kn-IN","ko","ko-KR","ku-TR","ky-KG","lo-LA","lt-LT","lv-LV","mg-MG","mk-MK","ml-IN","mn-MN","mr-IN","ms-MY","mt-MT","my-MM","nb-NO","ne-NP","nl","nl-BE","nl-NL","nn-NO","or-IN","pa-IN","pl-PL","ps-AF","pt","pt-BR","pt-PT","ro-RO","ru","ru-RU","rw-RW","sc-IT","si-LK","sk-SK","sl-SI","sn-ZW","sq-AL","sr-RS","sv","sv-SE","sw-KE","sy-SY","sz-PL","ta-IN","te-IN","tg-TJ","th","th-TH","tl-PH","tr","tr-TR","tt-RU","tz-MA","uk-UA","ur-PK","uz-UZ","vi-VN","zh","zh-CN","zh-HK","zh-MO","zh-TW","zz-TR"]}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/TranslationObject"},"example":{"phraseKey1":"new value1","phraseKey2":"new value2"}}}},"responses":{"201":{"description":"Custom phrases created or updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","languageTag","translation"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"languageTag":{"type":"string","minLength":1,"maxLength":16},"translation":{"$ref":"#/components/schemas/TranslationObject"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Invalid translation structure."}},"summary":"Upsert custom phrases","description":"Upsert custom phrases for the specified language tag. Upsert means that if the custom phrases already exist, they will be updated. Otherwise, they will be created."},"delete":{"operationId":"DeleteCustomPhrase","tags":["Custom phrases"],"parameters":[{"name":"languageTag","in":"path","required":true,"schema":{"type":"string","enum":["af-ZA","am-ET","ar","ar-AR","as-IN","az-AZ","be-BY","bg-BG","bn-IN","br-FR","bs-BA","ca-ES","cb-IQ","co-FR","cs-CZ","cx-PH","cy-GB","da-DK","de","de-DE","el-GR","en","en-GB","en-US","eo-EO","es","es-ES","es-419","et-EE","eu-ES","fa-IR","ff-NG","fi","fi-FI","fo-FO","fr","fr-CA","fr-FR","fy-NL","ga-IE","gl-ES","gn-PY","gu-IN","ha-NG","he-IL","hi-IN","hr-HR","ht-HT","hu-HU","hy-AM","id-ID","ik-US","is-IS","it","it-IT","iu-CA","ja","ja-JP","ja-KS","jv-ID","ka-GE","kk-KZ","km-KH","kn-IN","ko","ko-KR","ku-TR","ky-KG","lo-LA","lt-LT","lv-LV","mg-MG","mk-MK","ml-IN","mn-MN","mr-IN","ms-MY","mt-MT","my-MM","nb-NO","ne-NP","nl","nl-BE","nl-NL","nn-NO","or-IN","pa-IN","pl-PL","ps-AF","pt","pt-BR","pt-PT","ro-RO","ru","ru-RU","rw-RW","sc-IT","si-LK","sk-SK","sl-SI","sn-ZW","sq-AL","sr-RS","sv","sv-SE","sw-KE","sy-SY","sz-PL","ta-IN","te-IN","tg-TJ","th","th-TH","tl-PH","tr","tr-TR","tt-RU","tz-MA","uk-UA","ur-PK","uz-UZ","vi-VN","zh","zh-CN","zh-HK","zh-MO","zh-TW","zz-TR"]}}],"responses":{"204":{"description":"Custom phrases deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Custom phrases not found."},"409":{"description":"Cannot delete the default language."}},"summary":"Delete custom phrase","description":"Delete custom phrases for the specified language tag."}},"/api/hooks":{"get":{"operationId":"ListHooks","tags":["Hooks"],"parameters":[{"name":"includeExecutionStats","in":"query","required":false,"schema":{"type":"string"},"description":"Whether to include execution stats in the response."},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of hooks.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","event","events","config","signingKey","enabled","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","maxLength":256},"event":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"],"nullable":true},"events":{"type":"array","items":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"]}},"config":{"type":"object","required":["url"],"properties":{"url":{"type":"string"},"headers":{"type":"object","additionalProperties":{"type":"string"}},"retries":{"type":"number"}}},"signingKey":{"type":"string","maxLength":64},"enabled":{"type":"boolean"},"createdAt":{"type":"number"},"executionStats":{"type":"object","required":["successCount","requestCount"],"properties":{"successCount":{"type":"number"},"requestCount":{"type":"number"}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get hooks","description":"Get a list of hooks with optional pagination."},"post":{"operationId":"CreateHook","tags":["Hooks"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["config"],"properties":{"tenantId":{"type":"string","maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256,"description":"The name of the hook."},"event":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"],"deprecated":true,"description":"Use `events` instead."},"events":{"type":"array","items":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"]},"description":"An array of hook events."},"config":{"type":"object","required":["url"],"properties":{"url":{"type":"string"},"headers":{"type":"object","additionalProperties":{"type":"string"}},"retries":{"type":"number","deprecated":true,"description":"Now the retry times is fixed to 3. Keep for backward compatibility."}}},"enabled":{"type":"boolean"},"createdAt":{"type":"number"}}}}}},"responses":{"201":{"description":"The hook was created successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","event","events","config","signingKey","enabled","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","maxLength":256},"event":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"],"nullable":true},"events":{"type":"array","items":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"]}},"config":{"type":"object","required":["url"],"properties":{"url":{"type":"string"},"headers":{"type":"object","additionalProperties":{"type":"string"}},"retries":{"type":"number"}}},"signingKey":{"type":"string","maxLength":64},"enabled":{"type":"boolean"},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Create a hook","description":"Create a new hook with the given data."}},"/api/hooks/{id}":{"get":{"operationId":"GetHook","tags":["Hooks"],"parameters":[{"$ref":"#/components/parameters/hookId-root"},{"name":"includeExecutionStats","in":"query","required":false,"schema":{"type":"string"},"description":"Whether to include execution stats in the response."}],"responses":{"200":{"description":"Details of the hook.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","event","events","config","signingKey","enabled","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","maxLength":256},"event":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"],"nullable":true},"events":{"type":"array","items":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"]}},"config":{"type":"object","required":["url"],"properties":{"url":{"type":"string"},"headers":{"type":"object","additionalProperties":{"type":"string"}},"retries":{"type":"number"}}},"signingKey":{"type":"string","maxLength":64},"enabled":{"type":"boolean"},"createdAt":{"type":"number"},"executionStats":{"type":"object","required":["successCount","requestCount"],"properties":{"successCount":{"type":"number"},"requestCount":{"type":"number"}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get hook","description":"Get hook details by ID."},"patch":{"operationId":"UpdateHook","tags":["Hooks"],"parameters":[{"$ref":"#/components/parameters/hookId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256,"description":"The updated name of the hook."},"event":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"],"nullable":true,"deprecated":true,"description":"Use `events` instead."},"events":{"type":"array","items":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"]},"description":"An array of updated hook events."},"config":{"type":"object","required":["url"],"properties":{"url":{"type":"string"},"headers":{"type":"object","additionalProperties":{"type":"string"}},"retries":{"type":"number","deprecated":true,"description":"Now the retry times is fixed to 3. Keep for backward compatibility."}}},"enabled":{"type":"boolean"},"createdAt":{"type":"number"}}}}}},"responses":{"200":{"description":"The hook was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","event","events","config","signingKey","enabled","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","maxLength":256},"event":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"],"nullable":true},"events":{"type":"array","items":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"]}},"config":{"type":"object","required":["url"],"properties":{"url":{"type":"string"},"headers":{"type":"object","additionalProperties":{"type":"string"}},"retries":{"type":"number"}}},"signingKey":{"type":"string","maxLength":64},"enabled":{"type":"boolean"},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update hook","description":"Update hook details by ID with the given data."},"delete":{"operationId":"DeleteHook","tags":["Hooks"],"parameters":[{"$ref":"#/components/parameters/hookId-root"}],"responses":{"204":{"description":"The hook was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete hook","description":"Delete hook by ID."}},"/api/hooks/{id}/recent-logs":{"get":{"operationId":"ListHookRecentLogs","tags":["Hooks"],"parameters":[{"$ref":"#/components/parameters/hookId-root"},{"name":"logKey","in":"query","required":false,"schema":{"type":"string"},"description":"The log key to filter logs."},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of recent logs for the hook.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["id","key","payload","createdAt"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"key":{"type":"string","minLength":1,"maxLength":128},"payload":{"type":"object","required":["key","result"],"properties":{"key":{"type":"string"},"result":{"type":"string","enum":["Success","Error"]},"error":{"oneOf":[{"type":"object","additionalProperties":{"example":{}}},{"type":"string"}]},"ip":{"type":"string"},"userAgent":{"type":"string"},"userAgentParsed":{"type":"object","properties":{"ua":{"type":"string"},"browser":{"type":"object","properties":{"name":{"type":"string"},"version":{"type":"string"},"major":{"type":"string"},"type":{"type":"string"}}},"device":{"type":"object","properties":{"model":{"type":"string"},"type":{"type":"string"},"vendor":{"type":"string"}}},"engine":{"type":"object","properties":{"name":{"type":"string"},"version":{"type":"string"}}},"os":{"type":"object","properties":{"name":{"type":"string"},"version":{"type":"string"}}},"cpu":{"type":"object","properties":{"architecture":{"type":"string"}}}}},"userId":{"type":"string"},"applicationId":{"type":"string"},"sessionId":{"type":"string"},"params":{"type":"object","additionalProperties":{"example":{}}}}},"createdAt":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get recent logs for a hook","description":"Get recent logs that match the given query for the specified hook with pagination."}},"/api/hooks/{id}/test":{"post":{"operationId":"CreateHookTest","tags":["Hooks"],"parameters":[{"$ref":"#/components/parameters/hookId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["events","config"],"properties":{"events":{"type":"array","items":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"]},"description":"An array of hook events for testing."},"config":{"type":"object","required":["url"],"properties":{"url":{"type":"string"},"headers":{"type":"object","additionalProperties":{"type":"string"}},"retries":{"type":"number","deprecated":true,"description":"Now the retry times is fixed to 3. Keep for backward compatibility."}},"description":"The hook configuration for testing."},"event":{"deprecated":true,"description":"Use `events` instead."}}}}}},"responses":{"204":{"description":"The hook test was successful."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Test hook","description":"Test the specified hook with the given events and config."}},"/api/hooks/{id}/signing-key":{"patch":{"operationId":"UpdateHookSigningKey","tags":["Hooks"],"parameters":[{"$ref":"#/components/parameters/hookId-root"}],"responses":{"200":{"description":"The signing key for the hook was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","event","events","config","signingKey","enabled","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","maxLength":256},"event":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"],"nullable":true},"events":{"type":"array","items":{"type":"string","enum":["PostRegister","PostSignIn","PostSignInAdaptiveMfaTriggered","PostResetPassword","User.Created","User.Deleted","User.Data.Updated","User.SuspensionStatus.Updated","Role.Created","Role.Deleted","Role.Data.Updated","Role.Scopes.Updated","Scope.Created","Scope.Deleted","Scope.Data.Updated","Organization.Created","Organization.Deleted","Organization.Data.Updated","Organization.Membership.Updated","OrganizationRole.Created","OrganizationRole.Deleted","OrganizationRole.Data.Updated","OrganizationRole.Scopes.Updated","OrganizationScope.Created","OrganizationScope.Deleted","OrganizationScope.Data.Updated","Identifier.Lockout"]}},"config":{"type":"object","required":["url"],"properties":{"url":{"type":"string"},"headers":{"type":"object","additionalProperties":{"type":"string"}},"retries":{"type":"number"}}},"signingKey":{"type":"string","maxLength":64},"enabled":{"type":"boolean"},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update signing key for a hook","description":"Update the signing key for the specified hook."}},"/api/verification-codes":{"post":{"operationId":"CreateVerificationCode","tags":["Verification codes"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["email"],"properties":{"email":{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/"}}},{"type":"object","required":["phone"],"properties":{"phone":{"type":"string","format":"regex","pattern":"/^\\d+$/"}}}]}}}},"responses":{"204":{"description":"Verification code requested and sent successfully."},"400":{"description":"Bad request. The payload may be invalid."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"501":{"description":"Not Implemented"}},"summary":"Request and send a verification code","description":"Request a verification code for the provided identifier (email/phone).\nif you're using email as the identifier, you need to setup your email connector first.\nif you're using phone as the identifier, you need to setup your SMS connector first."}},"/api/verification-codes/verify":{"post":{"operationId":"VerifyVerificationCode","tags":["Verification codes"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["email","verificationCode"],"properties":{"email":{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/"},"verificationCode":{"type":"string","minLength":1}}},{"type":"object","required":["phone","verificationCode"],"properties":{"phone":{"type":"string","format":"regex","pattern":"/^\\d+$/"},"verificationCode":{"type":"string","minLength":1}}}]}}}},"responses":{"204":{"description":"Verification code verified successfully."},"400":{"description":"Bad request. The payload may be invalid."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Verify a verification code","description":"Verify a verification code for a specified identifier.\nif you're using email as the identifier, you need to setup your email connector first.\nif you're using phone as the identifier, you need to setup your SMS connector first."}},"/api/user-assets/service-status":{"get":{"operationId":"GetUserAssetServiceStatus","tags":["User assets"],"parameters":[],"responses":{"200":{"description":"An object containing the service status and metadata.","content":{"application/json":{"schema":{"type":"object","required":["status"],"properties":{"status":{"oneOf":[{"type":"string","format":"\"ready\""},{"type":"string","format":"\"not_configured\""}]},"allowUploadMimeTypes":{"type":"array","items":{"type":"string","enum":["image/jpeg","image/png","image/gif","image/vnd.microsoft.icon","image/x-icon","image/svg+xml","image/tiff","image/webp","image/bmp","application/zip"]}},"maxUploadFileSize":{"type":"number"}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get service status","description":"Get user assets service status."}},"/api/user-assets":{"post":{"operationId":"CreateUserAsset","tags":["User assets"],"parameters":[],"requestBody":{"content":{"multipart/form-data":{"schema":{"properties":{"file":{"description":"The file asset to upload."}}}}}},"responses":{"200":{"description":"An object containing the uploaded asset metadata.","content":{"application/json":{"schema":{"type":"object","required":["url"],"properties":{"url":{"type":"string"}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Upload asset","description":"Upload a user asset."}},"/api/domains":{"get":{"operationId":"ListDomains","tags":["Domains"],"parameters":[],"responses":{"200":{"description":"A list of domains.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["id","domain","status","errorMessage","dnsRecords","createdAt"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"domain":{"type":"string","minLength":1,"maxLength":256},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","maxLength":1024,"nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"createdAt":{"type":"number"}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get domains","description":"Get all of your custom domains."},"post":{"operationId":"CreateDomain","tags":["Domains"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["domain"],"properties":{"domain":{"type":"string","minLength":1,"maxLength":256,"description":"The domain name, e.g. `example.com`."}}}}}},"responses":{"201":{"description":"The domain was created successfully.","content":{"application/json":{"schema":{"type":"object","required":["id","domain","status","errorMessage","dnsRecords","createdAt"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"domain":{"type":"string","minLength":1,"maxLength":256},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","maxLength":1024,"nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Validation error. Please check the request body."}},"summary":"Create domain","description":"Create a new domain with the given data. The maximum domain number is 1, once created, can not be modified, you'll have to delete and recreate one."}},"/api/domains/{id}":{"get":{"operationId":"GetDomain","tags":["Domains"],"parameters":[{"$ref":"#/components/parameters/domainId-root"}],"responses":{"200":{"description":"Details of the domain.","content":{"application/json":{"schema":{"type":"object","required":["id","domain","status","errorMessage","dnsRecords","createdAt"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"domain":{"type":"string","minLength":1,"maxLength":256},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","maxLength":1024,"nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The domain with the specified ID was not found."}},"summary":"Get domain","description":"Get domain details by ID, by calling this API, the domain status will be synced from remote provider."},"delete":{"operationId":"DeleteDomain","tags":["Domains"],"parameters":[{"$ref":"#/components/parameters/domainId-root"}],"responses":{"204":{"description":"The domain was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The domain with the specified ID was not found."}},"summary":"Delete domain","description":"Delete domain by ID."}},"/api/organization-roles/{id}":{"get":{"operationId":"GetOrganizationRole","tags":["Organization roles"],"parameters":[{"$ref":"#/components/parameters/organizationRoleId-root"}],"responses":{"200":{"description":"Details of the organization role.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","type"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"type":{"type":"string","enum":["User","MachineToMachine"]}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get organization role","description":"Get organization role details by ID."},"patch":{"operationId":"UpdateOrganizationRole","tags":["Organization roles"],"parameters":[{"$ref":"#/components/parameters/organizationRoleId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128,"description":"The updated name of the organization role. It must be unique within the organization template."},"description":{"type":"string","maxLength":256,"nullable":true,"description":"The updated description of the organization role."},"type":{"type":"string","enum":["User","MachineToMachine"]}}}}}},"responses":{"200":{"description":"The organization role was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","type"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"type":{"type":"string","enum":["User","MachineToMachine"]}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"The organization role name is already in use."}},"summary":"Update organization role","description":"Update organization role details by ID with the given data."},"delete":{"operationId":"DeleteOrganizationRole","tags":["Organization roles"],"parameters":[{"$ref":"#/components/parameters/organizationRoleId-root"}],"responses":{"204":{"description":"The organization role was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete organization role","description":"Delete organization role by ID."}},"/api/organization-roles":{"get":{"operationId":"ListOrganizationRoles","tags":["Organization roles"],"parameters":[{"name":"q","in":"query","required":false,"schema":{"type":"string"}},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of organization roles.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description","type","scopes","resourceScopes"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"type":{"type":"string","enum":["User","MachineToMachine"]},"scopes":{"type":"array","items":{"type":"object","required":["id","name"],"properties":{"id":{"type":"string"},"name":{"type":"string"}}}},"resourceScopes":{"type":"array","items":{"type":"object","required":["id","name","resource"],"properties":{"id":{"type":"string"},"name":{"type":"string"},"resource":{"type":"object","required":["id","name"],"properties":{"id":{"type":"string"},"name":{"type":"string"}}}}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get organization roles","description":"Get organization roles with pagination."},"post":{"operationId":"CreateOrganizationRole","tags":["Organization roles"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name","organizationScopeIds","resourceScopeIds"],"properties":{"tenantId":{"type":"string","maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128,"description":"The name of the organization role. It must be unique within the organization template."},"description":{"type":"string","maxLength":256,"nullable":true,"description":"The description of the organization role."},"type":{"type":"string","enum":["User","MachineToMachine"]},"organizationScopeIds":{"default":[],"type":"array","items":{"type":"string"},"description":"An array of organization scope IDs to be assigned to the organization role."},"resourceScopeIds":{"default":[],"type":"array","items":{"type":"string"},"description":"An array of resource scope IDs to be assigned to the organization role."}}}}}},"responses":{"201":{"description":"The organization role was created successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","type"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"type":{"type":"string","enum":["User","MachineToMachine"]}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The organization role name is already in use."}},"summary":"Create an organization role","description":"Create a new organization role with the given data."}},"/api/organization-roles/{id}/scopes":{"get":{"operationId":"ListOrganizationRoleScopes","tags":["Organization roles"],"parameters":[{"$ref":"#/components/parameters/organizationRoleId-root"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of organization scopes.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get organization role scopes","description":"Get organization scopes that are assigned to the specified organization role with optional pagination."},"post":{"operationId":"CreateOrganizationRoleScope","tags":["Organization roles"],"parameters":[{"$ref":"#/components/parameters/organizationRoleId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["organizationScopeIds"],"properties":{"organizationScopeIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of organization scope IDs to be assigned. Existed scope IDs assignments will be ignored."}}}}}},"responses":{"201":{"description":"Organization scopes were assigned successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"At least one of the IDs provided is invalid. For example, the organization scope ID does not exist;"}},"summary":"Assign organization scopes to organization role","description":"Assign organization scopes to the specified organization role"},"put":{"operationId":"ReplaceOrganizationRoleScopes","tags":["Organization roles"],"parameters":[{"$ref":"#/components/parameters/organizationRoleId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["organizationScopeIds"],"properties":{"organizationScopeIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of organization scope IDs to replace existing scopes."}}}}}},"responses":{"204":{"description":"Organization scopes were replaced successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"At least one of the IDs provided is invalid. For example, the organization scope ID does not exist."}},"summary":"Replace organization scopes for organization role","description":"Replace all organization scopes that are assigned to the specified organization role with the given organization scopes. This effectively removes all existing organization scope assignments and replaces them with the new ones."}},"/api/organization-roles/{id}/scopes/{organizationScopeId}":{"delete":{"operationId":"DeleteOrganizationRoleScope","tags":["Organization roles"],"parameters":[{"$ref":"#/components/parameters/organizationRoleId-root"},{"$ref":"#/components/parameters/organizationScopeId"}],"responses":{"204":{"description":"Organization scope assignment was removed successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Unprocessable Content"}},"summary":"Remove organization scope","description":"Remove a organization scope assignment from the specified organization role."}},"/api/organization-roles/{id}/resource-scopes":{"get":{"operationId":"ListOrganizationRoleResourceScopes","tags":["Organization roles"],"parameters":[{"$ref":"#/components/parameters/organizationRoleId-root"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of resource scopes.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","resourceId","name","description","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"resourceId":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get organization role resource scopes","description":"Get resource scopes that are assigned to the specified organization role with optional pagination."},"post":{"operationId":"CreateOrganizationRoleResourceScope","tags":["Organization roles"],"parameters":[{"$ref":"#/components/parameters/organizationRoleId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["scopeIds"],"properties":{"scopeIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of resource scope IDs to be assigned. Existed scope IDs assignments will be ignored."}}}}}},"responses":{"201":{"description":"Resource scopes were assigned successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"At least one of the IDs provided is invalid. For example, the resource scope ID does not exist;"}},"summary":"Assign resource scopes to organization role","description":"Assign resource scopes to the specified organization role"},"put":{"operationId":"ReplaceOrganizationRoleResourceScopes","tags":["Organization roles"],"parameters":[{"$ref":"#/components/parameters/organizationRoleId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["scopeIds"],"properties":{"scopeIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of resource scope IDs to replace existing scopes."}}}}}},"responses":{"204":{"description":"Resource scopes were replaced successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"At least one of the IDs provided is invalid. For example, the resource scope ID does not exist."}},"summary":"Replace resource scopes for organization role","description":"Replace all resource scopes that are assigned to the specified organization role with the given resource scopes. This effectively removes all existing organization scope assignments and replaces them with the new ones."}},"/api/organization-roles/{id}/resource-scopes/{scopeId}":{"delete":{"operationId":"DeleteOrganizationRoleResourceScope","tags":["Organization roles"],"parameters":[{"$ref":"#/components/parameters/organizationRoleId-root"},{"$ref":"#/components/parameters/scopeId"}],"responses":{"204":{"description":"Resource scope assignment was removed successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Unprocessable Content"}},"summary":"Remove resource scope","description":"Remove a resource scope assignment from the specified organization role."}},"/api/organization-scopes":{"get":{"operationId":"ListOrganizationScopes","tags":["Organization scopes"],"parameters":[{"name":"q","in":"query","required":false,"schema":{"type":"string"}},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of organization scopes.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get organization scopes","description":"Get organization scopes that match with optional pagination."},"post":{"operationId":"CreateOrganizationScope","tags":["Organization scopes"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name"],"properties":{"tenantId":{"type":"string","maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128,"description":"The name of the organization scope. It must be unique within the organization template."},"description":{"type":"string","maxLength":256,"nullable":true,"description":"The description of the organization scope."}}}}}},"responses":{"201":{"description":"The organization scope was created successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The organization scope name is already in use."}},"summary":"Create an organization scope","description":"Create a new organization scope with the given data."}},"/api/organization-scopes/{id}":{"get":{"operationId":"GetOrganizationScope","tags":["Organization scopes"],"parameters":[{"$ref":"#/components/parameters/organizationScopeId-root"}],"responses":{"200":{"description":"The organization scope data for the given ID.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get organization scope","description":"Get organization scope details by ID."},"patch":{"operationId":"UpdateOrganizationScope","tags":["Organization scopes"],"parameters":[{"$ref":"#/components/parameters/organizationScopeId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128,"description":"The updated name of the organization scope. It must be unique within the organization template."},"description":{"type":"string","maxLength":256,"nullable":true,"description":"The updated description of the organization scope."}}}}}},"responses":{"200":{"description":"The organization scope was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"The organization scope name is already in use."}},"summary":"Update organization scope","description":"Update organization scope details by ID with the given data."},"delete":{"operationId":"DeleteOrganizationScope","tags":["Organization scopes"],"parameters":[{"$ref":"#/components/parameters/organizationScopeId-root"}],"responses":{"204":{"description":"The organization scope was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete organization scope","description":"Delete organization scope by ID."}},"/api/organization-invitations/{id}":{"get":{"operationId":"GetOrganizationInvitation","tags":["Organization invitations"],"parameters":[{"$ref":"#/components/parameters/organizationInvitationId-root"}],"responses":{"200":{"description":"The organization invitation, also contains the organization roles to be assigned to the user when they accept the invitation.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","inviterId","invitee","acceptedUserId","organizationId","status","createdAt","updatedAt","expiresAt","organizationRoles"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"inviterId":{"type":"string","maxLength":21,"nullable":true},"invitee":{"type":"string","minLength":1,"maxLength":256},"acceptedUserId":{"type":"string","maxLength":21,"nullable":true},"organizationId":{"type":"string","minLength":1,"maxLength":21},"status":{"type":"string","enum":["Pending","Accepted","Expired","Revoked"]},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"expiresAt":{"type":"number"},"organizationRoles":{"type":"array","items":{"type":"object","required":["id","name"],"properties":{"id":{"type":"string"},"name":{"type":"string"}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get organization invitation","description":"Get an organization invitation by ID."},"delete":{"operationId":"DeleteOrganizationInvitation","tags":["Organization invitations"],"parameters":[{"$ref":"#/components/parameters/organizationInvitationId-root"}],"responses":{"204":{"description":"The organization invitation was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete organization invitation","description":"Delete an organization invitation by ID."}},"/api/organization-invitations":{"get":{"operationId":"ListOrganizationInvitations","tags":["Organization invitations"],"parameters":[{"name":"organizationId","in":"query","required":false,"schema":{"type":"string"}},{"name":"inviterId","in":"query","required":false,"schema":{"type":"string"}},{"name":"invitee","in":"query","required":false,"schema":{"type":"string"}}],"responses":{"200":{"description":"A list of organization invitations, each item also contains the organization roles to be assigned to the user when they accept the invitation.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","inviterId","invitee","acceptedUserId","organizationId","status","createdAt","updatedAt","expiresAt","organizationRoles"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"inviterId":{"type":"string","maxLength":21,"nullable":true},"invitee":{"type":"string","minLength":1,"maxLength":256},"acceptedUserId":{"type":"string","maxLength":21,"nullable":true},"organizationId":{"type":"string","minLength":1,"maxLength":21},"status":{"type":"string","enum":["Pending","Accepted","Expired","Revoked"]},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"expiresAt":{"type":"number"},"organizationRoles":{"type":"array","items":{"type":"object","required":["id","name"],"properties":{"id":{"type":"string"},"name":{"type":"string"}}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get organization invitations","description":"Get organization invitations."},"post":{"operationId":"CreateOrganizationInvitation","tags":["Organization invitations"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["invitee","organizationId","expiresAt","messagePayload"],"properties":{"inviterId":{"type":"string","maxLength":21,"nullable":true,"description":"The ID of the user who is inviting the user to join the organization."},"invitee":{"type":"string","format":"email","description":"The email address of the user to invite to join the organization."},"organizationId":{"type":"string","minLength":1,"maxLength":21,"description":"The ID of the organization to invite the user to join."},"expiresAt":{"type":"number","description":"The epoch time in milliseconds when the invitation expires."},"organizationRoleIds":{"type":"array","items":{"type":"string"},"description":"The IDs of the organization roles to assign to the user when they accept the invitation."},"messagePayload":{"default":false,"oneOf":[{"type":"object","properties":{"code":{"type":"string"},"link":{"type":"string"},"locale":{"type":"string"},"uiLocales":{"type":"string"}}},{"type":"boolean","format":"false"}],"description":"The message payload for the \"OrganizationInvitation\" template to use when sending the invitation via email. If it is `false`, the invitation will not be sent via email."}}}}},"description":"The organization invitation to create."},"responses":{"201":{"description":"The organization invitation was created successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","inviterId","invitee","acceptedUserId","organizationId","status","createdAt","updatedAt","expiresAt","organizationRoles"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"inviterId":{"type":"string","maxLength":21,"nullable":true},"invitee":{"type":"string","minLength":1,"maxLength":256},"acceptedUserId":{"type":"string","maxLength":21,"nullable":true},"organizationId":{"type":"string","minLength":1,"maxLength":21},"status":{"type":"string","enum":["Pending","Accepted","Expired","Revoked"]},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"expiresAt":{"type":"number"},"organizationRoles":{"type":"array","items":{"type":"object","required":["id","name"],"properties":{"id":{"type":"string"},"name":{"type":"string"}}}}}}}}},"400":{"description":"The organization invitation could not be created. This can happen if the input is invalid or if the expiration date is in the past."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Unprocessable Content"},"501":{"description":"No email connector is configured for the tenant."}},"summary":"Create organization invitation","description":"Create an organization invitation and optionally send it via email. The tenant should have an email connector configured if you want to send the invitation via email at this point."}},"/api/organization-invitations/{id}/message":{"post":{"operationId":"CreateOrganizationInvitationMessage","tags":["Organization invitations"],"parameters":[{"$ref":"#/components/parameters/organizationInvitationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"code":{"type":"string"},"link":{"type":"string"},"locale":{"type":"string"},"uiLocales":{"type":"string"}}}}},"description":"The message payload for the \"OrganizationInvitation\" template to use when sending the invitation via email."},"responses":{"204":{"description":"The invitation message was resent successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Resend invitation message","description":"Resend the invitation message to the invitee."}},"/api/organization-invitations/{id}/status":{"put":{"operationId":"ReplaceOrganizationInvitationStatus","tags":["Organization invitations"],"parameters":[{"$ref":"#/components/parameters/organizationInvitationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["status"],"properties":{"acceptedUserId":{"type":"string","maxLength":21,"nullable":true,"description":"The ID of the user who accepted the organization invitation. Required if the status is \"Accepted\"."},"status":{"type":"string","enum":["Accepted","Revoked"],"description":"The status of the organization invitation."}}}}},"description":"The organization invitation status to update."},"responses":{"200":{"description":"The organization invitation status was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","inviterId","invitee","acceptedUserId","organizationId","status","createdAt","updatedAt","expiresAt","organizationRoles"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"inviterId":{"type":"string","maxLength":21,"nullable":true},"invitee":{"type":"string","minLength":1,"maxLength":256},"acceptedUserId":{"type":"string","maxLength":21,"nullable":true},"organizationId":{"type":"string","minLength":1,"maxLength":21},"status":{"type":"string","enum":["Pending","Accepted","Expired","Revoked"]},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"expiresAt":{"type":"number"},"organizationRoles":{"type":"array","items":{"type":"object","required":["id","name"],"properties":{"id":{"type":"string"},"name":{"type":"string"}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The organization invitation status could not be updated. This can happen if the current status is not \"Pending\" or if the status is \"Accepted\" and the accepted user ID is not provided."}},"summary":"Update organization invitation status","description":"Update the status of an organization invitation by ID."}},"/api/organizations":{"post":{"operationId":"CreateOrganization","tags":["Organizations"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name"],"properties":{"tenantId":{"type":"string","maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128,"description":"The name of the organization."},"description":{"type":"string","maxLength":256,"nullable":true,"description":"The description of the organization."},"customData":{"type":"object","description":"arbitrary"},"isMfaRequired":{"type":"boolean"},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}},"responses":{"201":{"description":"The organization was created successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","customData","isMfaRequired","color","branding","customCss","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isMfaRequired":{"type":"boolean"},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Create an organization","description":"Create a new organization with the given data."},"get":{"operationId":"ListOrganizations","tags":["Organizations"],"parameters":[{"name":"q","in":"query","required":false,"schema":{"type":"string"},"description":"The query to filter organizations. It can be a partial ID or name.\n\nIf not provided, all organizations will be returned."},{"name":"showFeatured","in":"query","required":false,"schema":{"type":"string"},"description":"Whether to show featured users in the organization. Featured users are randomly selected from the organization members.\n\nIf not provided, `featuredUsers` will not be included in the response."},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of organizations.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description","customData","isMfaRequired","color","branding","customCss","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isMfaRequired":{"type":"boolean"},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"createdAt":{"type":"number"},"usersCount":{"type":"number"},"featuredUsers":{"type":"array","items":{"type":"object","required":["id","avatar","name"],"properties":{"id":{"type":"string","minLength":1,"maxLength":12},"avatar":{"type":"string","maxLength":2048,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true}}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get organizations","description":"Get organizations that match the given query with pagination."}},"/api/organizations/{id}":{"get":{"operationId":"GetOrganization","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"responses":{"200":{"description":"Details of the organization.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","customData","isMfaRequired","color","branding","customCss","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isMfaRequired":{"type":"boolean"},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get organization","description":"Get organization details by ID."},"patch":{"operationId":"UpdateOrganization","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128,"description":"The updated name of the organization."},"description":{"type":"string","maxLength":256,"nullable":true,"description":"The updated description of the organization."},"customData":{"type":"object","description":"arbitrary"},"isMfaRequired":{"type":"boolean"},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}},"responses":{"200":{"description":"The organization was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","customData","isMfaRequired","color","branding","customCss","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isMfaRequired":{"type":"boolean"},"color":{"type":"object","properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"customCss":{"type":"string","nullable":true},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update organization","description":"Update organization details by ID with the given data."},"delete":{"operationId":"DeleteOrganization","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"responses":{"204":{"description":"The organization was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete organization","description":"Delete organization by ID."}},"/api/organizations/{id}/users":{"get":{"operationId":"ListOrganizationUsers","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"name":"q","in":"query","required":false,"schema":{"type":"string"},"description":"The query to filter users. It will match multiple fields of users, including ID, name, username, email, and phone number.\n\nIf not provided, all users will be returned."},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of users that are members of the organization.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["id","username","primaryEmail","primaryPhone","name","avatar","customData","identities","lastSignInAt","createdAt","updatedAt","profile","applicationId","isSuspended","organizationRoles"],"properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"organizationRoles":{"type":"array","items":{"type":"object","required":["id","name"],"properties":{"id":{"type":"string"},"name":{"type":"string"}}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get organization user members","description":"Get users that are members of the specified organization for the given query with pagination."},"post":{"operationId":"AddOrganizationUsers","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["userIds"],"properties":{"userIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of user IDs to be added to the organization. Organization existed users assignment will be ignored."}}}}}},"responses":{"201":{"description":"Users were added to the organization successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"At least one of the IDs provided is not valid. For example, the organization ID or user ID does not exist."}},"summary":"Add user members to organization","description":"Add users as members to the specified organization with the given user IDs."},"put":{"operationId":"ReplaceOrganizationUsers","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["userIds"],"properties":{"userIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of user IDs to replace existing users."}}}}}},"responses":{"204":{"description":"Successfully replaced all users for the organization."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"At least one of the IDs provided is not valid. For example, the organization ID or user ID does not exist."}},"summary":"Replace organization user members","description":"Replace all user members for the specified organization with the given users. This effectively removing all existing user memberships in the organization and adding the new users as members."}},"/api/organizations/{id}/users/{userId}":{"delete":{"operationId":"DeleteOrganizationUser","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/userId"}],"responses":{"204":{"description":"The user was removed from the organization members successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The user is not a member of the organization."},"422":{"description":"Unprocessable Content"}},"summary":"Remove user member from organization","description":"Remove a user's membership from the specified organization."}},"/api/organizations/{id}/users/roles":{"post":{"operationId":"AssignOrganizationRolesToUsers","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["userIds","organizationRoleIds"],"properties":{"userIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of user IDs to assign roles."},"organizationRoleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of organization role IDs to assign. User existed roles assignment will be ignored."}}}}}},"responses":{"201":{"description":"Roles were assigned to organization users successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"At least one of the IDs provided is not valid. For example, the organization ID, user ID, or organization role ID does not exist; the user is not a member of the organization; or the role type is not assignable to the user."}},"summary":"Assign roles to organization user members","description":"Assign roles to user members of the specified organization."}},"/api/organizations/{id}/users/{userId}/roles":{"get":{"operationId":"ListOrganizationUserRoles","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/userId"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of roles assigned to the user.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description","type"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"type":{"type":"string","enum":["User","MachineToMachine"]}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The user is not a member of the organization."}},"summary":"Get roles for a user in an organization","description":"Get roles assigned to a user in the specified organization with pagination."},"post":{"operationId":"AssignOrganizationRolesToUser","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"organizationRoleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of organization role IDs to assign to the user. User existed roles assignment will be ignored."},"organizationRoleNames":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of organization role names to assign to the user. User existed roles assignment will be ignored."}}}}}},"responses":{"201":{"description":"Roles were assigned to the user successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The user is not a member of the organization; or at least one of the IDs provided is not valid. For example, the organization ID or organization role ID does not exist; or at least one of the role names provided is not valid. For example, the organization role name does not exist."}},"summary":"Assign roles to a user in an organization","description":"Assign roles to a user in the specified organization with the provided data."},"put":{"operationId":"ReplaceOrganizationUserRoles","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/userId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"organizationRoleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of organization role IDs to update for the user."},"organizationRoleNames":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of organization role names to update for the user."}}}}}},"responses":{"204":{"description":"Roles were updated for the user successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The user is not a member of the organization; or at least one of the IDs provided is not valid. For example, the organization ID or organization role ID does not exist; or at least one of the role names provided is not valid. For example, the organization role name does not exist."}},"summary":"Update roles for a user in an organization","description":"Update roles assigned to a user in the specified organization with the provided data."}},"/api/organizations/{id}/users/{userId}/roles/{organizationRoleId}":{"delete":{"operationId":"DeleteOrganizationUserRole","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/userId"},{"$ref":"#/components/parameters/organizationRoleId"}],"responses":{"204":{"description":"The role was removed from the user successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Cannot find the record to delete."},"422":{"description":"The user is not a member of the organization."}},"summary":"Remove a role from a user in an organization","description":"Remove a role assignment from a user in the specified organization."}},"/api/organizations/{id}/users/{userId}/scopes":{"get":{"operationId":"ListOrganizationUserScopes","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/userId"}],"responses":{"200":{"description":"A list of scopes assigned to the user.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The user is not a member of the organization."}},"summary":"Get scopes for a user in an organization tailored by the organization roles","description":"Get scopes assigned to a user in the specified organization tailored by the organization roles. The scopes are derived from the organization roles assigned to the user."}},"/api/organizations/{id}/applications":{"post":{"operationId":"AddOrganizationApplications","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["applicationIds"],"properties":{"applicationIds":{"type":"array","items":{"type":"string","minLength":1},"description":"The application IDs to add."}}}}}},"responses":{"201":{"description":"The application was added successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The application could not be added. Some of the applications may not exist."}},"summary":"Add organization application","description":"Add an application to the organization."},"put":{"operationId":"ReplaceOrganizationApplications","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["applicationIds"],"properties":{"applicationIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of application IDs to replace existing applications."}}}}}},"responses":{"204":{"description":"The applications were replaced successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The applications could not be replaced. Some of the applications may not exist."}},"summary":"Replace organization applications","description":"Replace all applications associated with the organization with the given data."},"get":{"operationId":"ListOrganizationApplications","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"name":"q","in":"query","required":false,"schema":{"type":"string"}},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of applications.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","secret","description","type","oidcClientMetadata","customClientMetadata","protectedAppMetadata","customData","isThirdParty","createdAt","organizationRoles"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"secret":{"$ref":"#/components/schemas/ApplicationLegacySecret"},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"oidcClientMetadata":{"type":"object","required":["redirectUris","postLogoutRedirectUris"],"properties":{"redirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"postLogoutRedirectUris":{"type":"array","items":{"type":"object","description":"Validator function"}},"backchannelLogoutUri":{"type":"string","format":"url"},"backchannelLogoutSessionRequired":{"type":"boolean"},"logoUri":{"type":"string"}}},"customClientMetadata":{"type":"object","properties":{"corsAllowedOrigins":{"type":"array","items":{"type":"string","minLength":1}},"idTokenTtl":{"type":"number"},"refreshTokenTtl":{"type":"number"},"refreshTokenTtlInDays":{"type":"number"},"tenantId":{"type":"string"},"alwaysIssueRefreshToken":{"type":"boolean"},"rotateRefreshToken":{"type":"boolean"},"allowTokenExchange":{"type":"boolean"}}},"protectedAppMetadata":{"type":"object","required":["host","origin","sessionDuration","pageRules"],"properties":{"host":{"type":"string"},"origin":{"type":"string"},"sessionDuration":{"type":"number"},"pageRules":{"type":"array","items":{"type":"object","required":["path"],"properties":{"path":{"type":"string"}}}},"customDomains":{"type":"array","items":{"type":"object","required":["domain","status","errorMessage","dnsRecords","cloudflareData"],"properties":{"domain":{"type":"string"},"status":{"type":"string","enum":["PendingVerification","PendingSsl","Active","Error"]},"errorMessage":{"type":"string","nullable":true},"dnsRecords":{"type":"array","items":{"type":"object","required":["name","type","value"],"properties":{"name":{"type":"string"},"type":{"type":"string"},"value":{"type":"string"}}}},"cloudflareData":{"type":"object","required":["id","status","ssl"],"properties":{"id":{"type":"string"},"status":{"type":"string"},"ssl":{"type":"object","required":["status"],"properties":{"status":{"type":"string"},"validation_errors":{"type":"array","items":{"type":"object","required":["message"],"properties":{"message":{"type":"string"}}}}}},"verification_errors":{"type":"array","items":{"type":"string"}}},"nullable":true}}}}},"nullable":true},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"},"organizationRoles":{"type":"array","items":{"type":"object","required":["id","name"],"properties":{"id":{"type":"string"},"name":{"type":"string"}}}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get organization applications","description":"Get applications associated with the organization."}},"/api/organizations/{id}/applications/{applicationId}":{"delete":{"operationId":"DeleteOrganizationApplication","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/applicationId"}],"responses":{"204":{"description":"The application was removed from the organization successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Unprocessable Content"}},"summary":"Remove organization application","description":"Remove an application from the organization."}},"/api/organizations/{id}/applications/roles":{"post":{"operationId":"AssignOrganizationRolesToApplications","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["applicationIds","organizationRoleIds"],"properties":{"applicationIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of application IDs to assign roles to."},"organizationRoleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of organization role IDs to assign to the applications."}}}}}},"responses":{"201":{"description":"Roles were assigned to the applications successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"At least one of the IDs provided is not valid. For example, the organization ID, application ID, or organization role ID does not exist; the application is not a member of the organization; or the role type is not assignable to the application."}},"summary":"Assign roles to applications in an organization","description":"Assign roles to applications in the specified organization."}},"/api/organizations/{id}/applications/{applicationId}/roles":{"get":{"operationId":"ListOrganizationApplicationRoles","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/applicationId"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of roles.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description","type"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"type":{"type":"string","enum":["User","MachineToMachine"]}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Unprocessable Content"}},"summary":"Get organization application roles","description":"Get roles associated with the application in the organization."},"post":{"operationId":"AssignOrganizationRolesToApplication","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/applicationId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["organizationRoleIds"],"properties":{"organizationRoleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"The role ID to add."}}}}}},"responses":{"201":{"description":"The role was added successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The role could not be added. Some of the roles may not exist."}},"summary":"Add organization application role","description":"Add a role to the application in the organization."},"put":{"operationId":"ReplaceOrganizationApplicationRoles","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/applicationId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["organizationRoleIds"],"properties":{"organizationRoleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of role IDs to replace existing roles."}}}}}},"responses":{"204":{"description":"The roles were replaced successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The roles could not be replaced. Some of the roles may not exist."}},"summary":"Replace organization application roles","description":"Replace all roles associated with the application in the organization with the given data."}},"/api/organizations/{id}/applications/{applicationId}/roles/{organizationRoleId}":{"delete":{"operationId":"DeleteOrganizationApplicationRole","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/applicationId"},{"$ref":"#/components/parameters/organizationRoleId"}],"responses":{"204":{"description":"The role was removed from the application in the organization successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Cannot find the record to delete."},"422":{"description":"The application is not associated with the organization."}},"summary":"Remove organization application role","description":"Remove a role from the application in the organization."}},"/api/organizations/{id}/jit/email-domains":{"get":{"operationId":"ListOrganizationJitEmailDomains","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of email domains.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","organizationId","emailDomain"],"properties":{"tenantId":{"type":"string","maxLength":21},"organizationId":{"type":"string","minLength":1,"maxLength":21},"emailDomain":{"type":"string","minLength":1,"maxLength":128}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get organization JIT email domains","description":"Get email domains for just-in-time provisioning of users in the organization."},"post":{"operationId":"CreateOrganizationJitEmailDomain","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["emailDomain"],"properties":{"emailDomain":{"type":"string","minLength":1,"description":"The email domain to add."}}}}}},"responses":{"201":{"description":"The email domain was added successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","organizationId","emailDomain"],"properties":{"tenantId":{"type":"string","maxLength":21},"organizationId":{"type":"string","minLength":1,"maxLength":21},"emailDomain":{"type":"string","minLength":1,"maxLength":128}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The email domain is already in use."}},"summary":"Add organization JIT email domain","description":"Add a new email domain for just-in-time provisioning of users in the organization."},"put":{"operationId":"ReplaceOrganizationJitEmailDomains","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["emailDomains"],"properties":{"emailDomains":{"type":"array","items":{"type":"string"},"description":"An array of email domains to replace existing email domains."}}}}}},"responses":{"204":{"description":"The email domains were replaced successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Replace organization JIT email domains","description":"Replace all just-in-time provisioning email domains for the organization with the given data."}},"/api/organizations/{id}/jit/email-domains/{emailDomain}":{"delete":{"operationId":"DeleteOrganizationJitEmailDomain","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"name":"emailDomain","in":"path","required":true,"schema":{"type":"string","minLength":1},"description":"The email domain to remove."}],"responses":{"204":{"description":"The email domain was removed successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The email domain was not found."}},"summary":"Remove organization JIT email domain","description":"Remove an email domain for just-in-time provisioning of users in the organization."}},"/api/organizations/{id}/jit/roles":{"get":{"operationId":"ListOrganizationJitRoles","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of organization roles.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","description","type"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"type":{"type":"string","enum":["User","MachineToMachine"]}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get organization JIT default roles","description":"Get organization roles that will be assigned to users during just-in-time provisioning."},"post":{"operationId":"CreateOrganizationJitRole","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["organizationRoleIds"],"properties":{"organizationRoleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"The organization role IDs to add."}}}}}},"responses":{"201":{"description":"The organization roles were added successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The organization roles could not be added. Some of the organization roles may not exist."}},"summary":"Add organization JIT default roles","description":"Add new organization roles that will be assigned to users during just-in-time provisioning."},"put":{"operationId":"ReplaceOrganizationJitRoles","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["organizationRoleIds"],"properties":{"organizationRoleIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of organization role IDs to replace existing organization roles."}}}}}},"responses":{"204":{"description":"The organization roles were replaced successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The organization roles could not be replaced. Some of the organization roles may not exist."}},"summary":"Replace organization JIT default roles","description":"Replace all organization roles that will be assigned to users during just-in-time provisioning with the given data."}},"/api/organizations/{id}/jit/roles/{organizationRoleId}":{"delete":{"operationId":"DeleteOrganizationJitRole","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/organizationRoleId"}],"responses":{"204":{"description":"The organization role was removed successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The organization role could not be removed. The organization role may not exist."}},"summary":"Remove organization JIT default role","description":"Remove an organization role that will be assigned to users during just-in-time provisioning."}},"/api/organizations/{id}/jit/sso-connectors":{"get":{"operationId":"ListOrganizationJitSsoConnectors","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of SSO connectors.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","providerName","connectorName","config","domains","branding","syncProfile","enableTokenStorage","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":128},"providerName":{"type":"string","minLength":1,"maxLength":128},"connectorName":{"type":"string","minLength":1,"maxLength":128},"config":{"type":"object","description":"arbitrary"},"domains":{"type":"array","items":{"type":"string"}},"branding":{"type":"object","properties":{"displayName":{"type":"string"},"logo":{"type":"string"},"darkLogo":{"type":"string"}}},"syncProfile":{"type":"boolean"},"enableTokenStorage":{"type":"boolean"},"createdAt":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get organization JIT SSO connectors","description":"Get enterprise SSO connectors for just-in-time provisioning of users in the organization."},"post":{"operationId":"CreateOrganizationJitSsoConnector","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["ssoConnectorIds"],"properties":{"ssoConnectorIds":{"type":"array","items":{"type":"string","minLength":1},"description":"The SSO connector IDs to add."}}}}}},"responses":{"201":{"description":"The SSO connectors were added successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The SSO connectors could not be added. Some of the SSO connectors may not exist."}},"summary":"Add organization JIT SSO connectors","description":"Add new enterprise SSO connectors for just-in-time provisioning of users in the organization."},"put":{"operationId":"ReplaceOrganizationJitSsoConnectors","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["ssoConnectorIds"],"properties":{"ssoConnectorIds":{"type":"array","items":{"type":"string","minLength":1},"description":"An array of SSO connector IDs to replace existing SSO connectors."}}}}}},"responses":{"204":{"description":"The SSO connectors were replaced successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The SSO connectors could not be replaced. Some of the SSO connectors may not exist."}},"summary":"Replace organization JIT SSO connectors","description":"Replace all enterprise SSO connectors for just-in-time provisioning of users in the organization with the given data."}},"/api/organizations/{id}/jit/sso-connectors/{ssoConnectorId}":{"delete":{"operationId":"DeleteOrganizationJitSsoConnector","tags":["Organizations"],"parameters":[{"$ref":"#/components/parameters/organizationId-root"},{"$ref":"#/components/parameters/ssoConnectorId"}],"responses":{"204":{"description":"The SSO connector was removed successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The SSO connector could not be removed. The SSO connector may not exist."}},"summary":"Remove organization JIT SSO connector","description":"Remove an enterprise SSO connector for just-in-time provisioning of users in the organization."}},"/api/sso-connector-providers":{"get":{"operationId":"ListSsoConnectorProviders","tags":["SSO connector providers"],"parameters":[],"responses":{"200":{"description":"A list of SSO provider data.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["providerName","providerType","logo","logoDark","description","name"],"properties":{"providerName":{"type":"string","enum":["OIDC","SAML","AzureAD","GoogleWorkspace","Okta","AzureAdOidc"]},"providerType":{"type":"string","enum":["oidc","saml"]},"logo":{"type":"string"},"logoDark":{"type":"string"},"description":{"type":"string"},"name":{"type":"string"}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"List all the supported SSO connector provider details","description":"Get a complete list of supported SSO connector providers."}},"/api/sso-connectors":{"post":{"operationId":"CreateSsoConnector","tags":["SSO connectors"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["providerName","connectorName"],"properties":{"config":{"type":"object","description":"arbitrary"},"domains":{"type":"array","items":{"type":"string"}},"branding":{"type":"object","properties":{"displayName":{"type":"string"},"logo":{"type":"string"},"darkLogo":{"type":"string"}}},"syncProfile":{"type":"boolean"},"enableTokenStorage":{"type":"boolean"},"providerName":{"type":"string","minLength":1,"maxLength":128},"connectorName":{"type":"string","minLength":1,"maxLength":128}}}}}},"responses":{"200":{"description":"The created SSO connector.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","providerName","connectorName","config","domains","branding","syncProfile","enableTokenStorage","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":128},"providerName":{"type":"string","minLength":1,"maxLength":128},"connectorName":{"type":"string","minLength":1,"maxLength":128},"config":{"type":"object","description":"arbitrary"},"domains":{"type":"array","items":{"type":"string"}},"branding":{"type":"object","properties":{"displayName":{"type":"string"},"logo":{"type":"string"},"darkLogo":{"type":"string"}}},"syncProfile":{"type":"boolean"},"enableTokenStorage":{"type":"boolean"},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"409":{"description":"Conflict"},"422":{"description":"At lease one of the given input fields is invalid or IdP connection cannot be verified with the given config."}},"summary":"Create SSO connector","description":"Create an new SSO connector instance for a given provider."},"get":{"operationId":"ListSsoConnectors","tags":["SSO connectors"],"parameters":[{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of SSO connectors.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","providerName","connectorName","config","domains","branding","syncProfile","enableTokenStorage","createdAt","name","providerType","providerLogo","providerLogoDark"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":128},"providerName":{"type":"string","enum":["OIDC","SAML","AzureAD","GoogleWorkspace","Okta","AzureAdOidc"]},"connectorName":{"type":"string","minLength":1,"maxLength":128},"config":{"type":"object","description":"arbitrary"},"domains":{"type":"array","items":{"type":"string"}},"branding":{"type":"object","properties":{"displayName":{"type":"string"},"logo":{"type":"string"},"darkLogo":{"type":"string"}}},"syncProfile":{"type":"boolean"},"enableTokenStorage":{"type":"boolean"},"createdAt":{"type":"number"},"name":{"type":"string"},"providerType":{"type":"string","enum":["oidc","saml"]},"providerLogo":{"type":"string"},"providerLogoDark":{"type":"string"},"providerConfig":{"type":"object","additionalProperties":{"example":{}}}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"List SSO connectors","description":"Get SSO connectors with pagination. In addition to the raw SSO connector data, a copy of fetched or parsed IdP configs and a copy of connector provider's data will be attached."}},"/api/sso-connectors/{id}":{"get":{"operationId":"GetSsoConnector","tags":["SSO connectors"],"parameters":[{"$ref":"#/components/parameters/ssoConnectorId-root"}],"responses":{"200":{"description":"The SSO connector data with the given ID.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","providerName","connectorName","config","domains","branding","syncProfile","enableTokenStorage","createdAt","name","providerType","providerLogo","providerLogoDark"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":128},"providerName":{"type":"string","enum":["OIDC","SAML","AzureAD","GoogleWorkspace","Okta","AzureAdOidc"]},"connectorName":{"type":"string","minLength":1,"maxLength":128},"config":{"type":"object","description":"arbitrary"},"domains":{"type":"array","items":{"type":"string"}},"branding":{"type":"object","properties":{"displayName":{"type":"string"},"logo":{"type":"string"},"darkLogo":{"type":"string"}}},"syncProfile":{"type":"boolean"},"enableTokenStorage":{"type":"boolean"},"createdAt":{"type":"number"},"name":{"type":"string"},"providerType":{"type":"string","enum":["oidc","saml"]},"providerLogo":{"type":"string"},"providerLogoDark":{"type":"string"},"providerConfig":{"type":"object","additionalProperties":{"example":{}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"SSO connector not found."}},"summary":"Get SSO connector","description":"Get SSO connector data by ID. In addition to the raw SSO connector data, a copy of fetched or parsed IdP configs and a copy of connector provider's data will be attached."},"delete":{"operationId":"DeleteSsoConnector","tags":["SSO connectors"],"parameters":[{"$ref":"#/components/parameters/ssoConnectorId-root"}],"responses":{"204":{"description":"SSO connector deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"SSO connector not found."}},"summary":"Delete SSO connector","description":"Delete an SSO connector by ID."},"patch":{"operationId":"UpdateSsoConnector","tags":["SSO connectors"],"parameters":[{"$ref":"#/components/parameters/ssoConnectorId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"config":{"type":"object","description":"arbitrary"},"domains":{"type":"array","items":{"type":"string"}},"branding":{"type":"object","properties":{"displayName":{"type":"string"},"logo":{"type":"string"},"darkLogo":{"type":"string"}}},"syncProfile":{"type":"boolean"},"connectorName":{"type":"string","minLength":1,"maxLength":128},"enableTokenStorage":{"type":"boolean"}}}}}},"responses":{"200":{"description":"The updated SSO connector.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","providerName","connectorName","config","domains","branding","syncProfile","enableTokenStorage","createdAt","name","providerType","providerLogo","providerLogoDark"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":128},"providerName":{"type":"string","enum":["OIDC","SAML","AzureAD","GoogleWorkspace","Okta","AzureAdOidc"]},"connectorName":{"type":"string","minLength":1,"maxLength":128},"config":{"type":"object","description":"arbitrary"},"domains":{"type":"array","items":{"type":"string"}},"branding":{"type":"object","properties":{"displayName":{"type":"string"},"logo":{"type":"string"},"darkLogo":{"type":"string"}}},"syncProfile":{"type":"boolean"},"enableTokenStorage":{"type":"boolean"},"createdAt":{"type":"number"},"name":{"type":"string"},"providerType":{"type":"string","enum":["oidc","saml"]},"providerLogo":{"type":"string"},"providerLogoDark":{"type":"string"},"providerConfig":{"type":"object","additionalProperties":{"example":{}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"SSO connector not found."},"409":{"description":"Conflict"},"422":{"description":"At lease one of the update fields is invalid or IdP connection can not be verified with the given connection config."}},"summary":"Update SSO connector","description":"Update an SSO connector by ID. This method performs a partial update."}},"/api/systems/application":{"get":{"operationId":"GetSystemApplicationConfig","tags":["Systems"],"parameters":[],"responses":{"200":{"description":"The application constants.","content":{"application/json":{"schema":{"type":"object","required":["protectedApps"],"properties":{"protectedApps":{"type":"object","required":["defaultDomain"],"properties":{"defaultDomain":{"type":"string"}}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"501":{"description":"Not Implemented"}},"summary":"Get the application constants.","description":"Get the application constants."}},"/api/subject-tokens":{"post":{"operationId":"CreateSubjectToken","tags":["Subject tokens"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string","description":"The ID of the user to impersonate."},"context":{"type":"object","description":"The additional context to be included in the token, this can be used in custom JWT."}}}}}},"responses":{"201":{"description":"The subject token has been created successfully.","content":{"application/json":{"schema":{"type":"object","required":["subjectToken","expiresIn"],"properties":{"subjectToken":{"type":"string"},"expiresIn":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The user does not exist."}},"summary":"Create a new subject token.","description":"Create a new subject token for the use of impersonating the user."}},"/api/account-center":{"get":{"operationId":"GetAccountCenterSettings","tags":["Account center"],"parameters":[],"responses":{"200":{"description":"Account center settings.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","enabled","fields","webauthnRelatedOrigins"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"enabled":{"type":"boolean"},"fields":{"type":"object","properties":{"name":{"type":"string","enum":["Off","ReadOnly","Edit"]},"avatar":{"type":"string","enum":["Off","ReadOnly","Edit"]},"profile":{"type":"string","enum":["Off","ReadOnly","Edit"]},"email":{"type":"string","enum":["Off","ReadOnly","Edit"]},"phone":{"type":"string","enum":["Off","ReadOnly","Edit"]},"password":{"type":"string","enum":["Off","ReadOnly","Edit"]},"username":{"type":"string","enum":["Off","ReadOnly","Edit"]},"social":{"type":"string","enum":["Off","ReadOnly","Edit"]},"customData":{"type":"string","enum":["Off","ReadOnly","Edit"]},"mfa":{"type":"string","enum":["Off","ReadOnly","Edit"]},"session":{"type":"string","enum":["Off","ReadOnly","Edit"]}}},"webauthnRelatedOrigins":{"type":"array","items":{"type":"string"}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get account center settings","description":"Get the account center settings."},"patch":{"operationId":"UpdateAccountCenterSettings","tags":["Account center"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"enabled":{"type":"boolean","description":"Enable or disable the account API."},"fields":{"type":"object","properties":{"name":{"type":"string","enum":["Off","ReadOnly","Edit"]},"avatar":{"type":"string","enum":["Off","ReadOnly","Edit"]},"profile":{"type":"string","enum":["Off","ReadOnly","Edit"]},"email":{"type":"string","enum":["Off","ReadOnly","Edit"]},"phone":{"type":"string","enum":["Off","ReadOnly","Edit"]},"password":{"type":"string","enum":["Off","ReadOnly","Edit"]},"username":{"type":"string","enum":["Off","ReadOnly","Edit"]},"social":{"type":"string","enum":["Off","ReadOnly","Edit"]},"customData":{"type":"string","enum":["Off","ReadOnly","Edit"]},"mfa":{"type":"string","enum":["Off","ReadOnly","Edit"]},"session":{"type":"string","enum":["Off","ReadOnly","Edit"]}},"description":"The fields settings for the account API."},"webauthnRelatedOrigins":{"type":"array","items":{"type":"string"},"description":"The allowed domains for webauthn."}}}}}},"responses":{"200":{"description":"Updated account center settings.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","enabled","fields","webauthnRelatedOrigins"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"enabled":{"type":"boolean"},"fields":{"type":"object","properties":{"name":{"type":"string","enum":["Off","ReadOnly","Edit"]},"avatar":{"type":"string","enum":["Off","ReadOnly","Edit"]},"profile":{"type":"string","enum":["Off","ReadOnly","Edit"]},"email":{"type":"string","enum":["Off","ReadOnly","Edit"]},"phone":{"type":"string","enum":["Off","ReadOnly","Edit"]},"password":{"type":"string","enum":["Off","ReadOnly","Edit"]},"username":{"type":"string","enum":["Off","ReadOnly","Edit"]},"social":{"type":"string","enum":["Off","ReadOnly","Edit"]},"customData":{"type":"string","enum":["Off","ReadOnly","Edit"]},"mfa":{"type":"string","enum":["Off","ReadOnly","Edit"]},"session":{"type":"string","enum":["Off","ReadOnly","Edit"]}}},"webauthnRelatedOrigins":{"type":"array","items":{"type":"string"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Update account center settings","description":"Update the account center settings with the provided settings."}},"/api/saml-applications":{"post":{"operationId":"CreateSamlApplication","tags":["SAML applications"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name","nameIdFormat"],"properties":{"name":{"type":"string","minLength":1,"maxLength":256,"description":"The name of the SAML application."},"description":{"type":"string","nullable":true,"description":"Optional description of the SAML application."},"customData":{"type":"object","description":"Optional custom data for the application."},"attributeMapping":{"type":"object","properties":{"sub":{"type":"string"},"name":{"type":"string"},"given_name":{"type":"string"},"family_name":{"type":"string"},"middle_name":{"type":"string"},"nickname":{"type":"string"},"preferred_username":{"type":"string"},"profile":{"type":"string"},"picture":{"type":"string"},"website":{"type":"string"},"email":{"type":"string"},"email_verified":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"phone_number":{"type":"string"},"phone_number_verified":{"type":"string"},"address":{"type":"string"},"updated_at":{"type":"string"},"username":{"type":"string"},"created_at":{"type":"string"},"custom_data":{"type":"string"},"identities":{"type":"string"},"sso_identities":{"type":"string"},"roles":{"type":"string"},"organizations":{"type":"string"},"organization_data":{"type":"string"},"organization_roles":{"type":"string"}}},"entityId":{"type":"string","maxLength":128,"nullable":true},"acsUrl":{"type":"string","required":["binding","url"],"properties":{"binding":{"type":"string","enum":["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST","urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"]},"url":{"type":"string","format":"url"}},"nullable":true,"description":"The Assertion Consumer Service (ACS) URL where the SAML response will be sent."},"encryption":{"type":"object","description":"Validator function","nullable":true},"nameIdFormat":{"default":"urn:oasis:names:tc:SAML:2.0:nameid-format:persistent","type":"string","enum":["urn:oasis:names:tc:SAML:2.0:nameid-format:persistent","urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress","urn:oasis:names:tc:SAML:2.0:nameid-format:transient","urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"]}}}}}},"responses":{"201":{"description":"The SAML application was created successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","type","customData","isThirdParty","createdAt","attributeMapping","entityId","acsUrl","encryption","nameIdFormat"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"},"attributeMapping":{"type":"object","properties":{"sub":{"type":"string"},"name":{"type":"string"},"given_name":{"type":"string"},"family_name":{"type":"string"},"middle_name":{"type":"string"},"nickname":{"type":"string"},"preferred_username":{"type":"string"},"profile":{"type":"string"},"picture":{"type":"string"},"website":{"type":"string"},"email":{"type":"string"},"email_verified":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"phone_number":{"type":"string"},"phone_number_verified":{"type":"string"},"address":{"type":"string"},"updated_at":{"type":"string"},"username":{"type":"string"},"created_at":{"type":"string"},"custom_data":{"type":"string"},"identities":{"type":"string"},"sso_identities":{"type":"string"},"roles":{"type":"string"},"organizations":{"type":"string"},"organization_data":{"type":"string"},"organization_roles":{"type":"string"}}},"entityId":{"type":"string","maxLength":128,"nullable":true},"acsUrl":{"type":"object","required":["binding","url"],"properties":{"binding":{"type":"string","enum":["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST","urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"]},"url":{"type":"string","format":"url"}},"nullable":true},"encryption":{"type":"object","description":"Validator function","nullable":true},"nameIdFormat":{"type":"string","enum":["urn:oasis:names:tc:SAML:2.0:nameid-format:persistent","urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress","urn:oasis:names:tc:SAML:2.0:nameid-format:transient","urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"]}}}}}},"400":{"description":"Invalid request body."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Validation error. The ACS URL is invalid or other validation errors."}},"summary":"Create SAML application","description":"Create a new SAML application with the given configuration. A default signing certificate with 3 years lifetime will be automatically created."}},"/api/saml-applications/{id}":{"get":{"operationId":"GetSamlApplication","tags":["SAML applications"],"parameters":[{"$ref":"#/components/parameters/samlApplicationId-root"}],"responses":{"200":{"description":"The SAML application details.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","type","customData","isThirdParty","createdAt","attributeMapping","entityId","acsUrl","encryption","nameIdFormat"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"},"attributeMapping":{"type":"object","properties":{"sub":{"type":"string"},"name":{"type":"string"},"given_name":{"type":"string"},"family_name":{"type":"string"},"middle_name":{"type":"string"},"nickname":{"type":"string"},"preferred_username":{"type":"string"},"profile":{"type":"string"},"picture":{"type":"string"},"website":{"type":"string"},"email":{"type":"string"},"email_verified":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"phone_number":{"type":"string"},"phone_number_verified":{"type":"string"},"address":{"type":"string"},"updated_at":{"type":"string"},"username":{"type":"string"},"created_at":{"type":"string"},"custom_data":{"type":"string"},"identities":{"type":"string"},"sso_identities":{"type":"string"},"roles":{"type":"string"},"organizations":{"type":"string"},"organization_data":{"type":"string"},"organization_roles":{"type":"string"}}},"entityId":{"type":"string","maxLength":128,"nullable":true},"acsUrl":{"type":"object","required":["binding","url"],"properties":{"binding":{"type":"string","enum":["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST","urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"]},"url":{"type":"string","format":"url"}},"nullable":true},"encryption":{"type":"object","description":"Validator function","nullable":true},"nameIdFormat":{"type":"string","enum":["urn:oasis:names:tc:SAML:2.0:nameid-format:persistent","urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress","urn:oasis:names:tc:SAML:2.0:nameid-format:transient","urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"]}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The SAML application was not found."},"422":{"description":"Unprocessable Content"}},"summary":"Get SAML application","description":"Get SAML application details by ID."},"patch":{"operationId":"UpdateSamlApplication","tags":["SAML applications"],"parameters":[{"$ref":"#/components/parameters/samlApplicationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"name":{"type":"string","minLength":1,"maxLength":256,"description":"The name of the SAML application."},"description":{"type":"string","nullable":true,"description":"Description of the SAML application."},"customData":{"type":"object","description":"Custom data for the application."},"attributeMapping":{"type":"object","properties":{"sub":{"type":"string"},"name":{"type":"string"},"given_name":{"type":"string"},"family_name":{"type":"string"},"middle_name":{"type":"string"},"nickname":{"type":"string"},"preferred_username":{"type":"string"},"profile":{"type":"string"},"picture":{"type":"string"},"website":{"type":"string"},"email":{"type":"string"},"email_verified":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"phone_number":{"type":"string"},"phone_number_verified":{"type":"string"},"address":{"type":"string"},"updated_at":{"type":"string"},"username":{"type":"string"},"created_at":{"type":"string"},"custom_data":{"type":"string"},"identities":{"type":"string"},"sso_identities":{"type":"string"},"roles":{"type":"string"},"organizations":{"type":"string"},"organization_data":{"type":"string"},"organization_roles":{"type":"string"}}},"entityId":{"type":"string","maxLength":128,"nullable":true},"acsUrl":{"type":"string","required":["binding","url"],"properties":{"binding":{"type":"string","enum":["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST","urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"]},"url":{"type":"string","format":"url"}},"nullable":true,"description":"The Assertion Consumer Service (ACS) URL."},"encryption":{"type":"object","description":"Validator function","nullable":true},"nameIdFormat":{"type":"string","enum":["urn:oasis:names:tc:SAML:2.0:nameid-format:persistent","urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress","urn:oasis:names:tc:SAML:2.0:nameid-format:transient","urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"]}}}}}},"responses":{"200":{"description":"The SAML application was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","description","type","customData","isThirdParty","createdAt","attributeMapping","entityId","acsUrl","encryption","nameIdFormat"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":256},"description":{"type":"string","nullable":true},"type":{"type":"string","enum":["Native","SPA","Traditional","MachineToMachine","Protected","SAML"]},"customData":{"type":"object","description":"arbitrary"},"isThirdParty":{"type":"boolean"},"createdAt":{"type":"number"},"attributeMapping":{"type":"object","properties":{"sub":{"type":"string"},"name":{"type":"string"},"given_name":{"type":"string"},"family_name":{"type":"string"},"middle_name":{"type":"string"},"nickname":{"type":"string"},"preferred_username":{"type":"string"},"profile":{"type":"string"},"picture":{"type":"string"},"website":{"type":"string"},"email":{"type":"string"},"email_verified":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"phone_number":{"type":"string"},"phone_number_verified":{"type":"string"},"address":{"type":"string"},"updated_at":{"type":"string"},"username":{"type":"string"},"created_at":{"type":"string"},"custom_data":{"type":"string"},"identities":{"type":"string"},"sso_identities":{"type":"string"},"roles":{"type":"string"},"organizations":{"type":"string"},"organization_data":{"type":"string"},"organization_roles":{"type":"string"}}},"entityId":{"type":"string","maxLength":128,"nullable":true},"acsUrl":{"type":"object","required":["binding","url"],"properties":{"binding":{"type":"string","enum":["urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST","urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"]},"url":{"type":"string","format":"url"}},"nullable":true},"encryption":{"type":"object","description":"Validator function","nullable":true},"nameIdFormat":{"type":"string","enum":["urn:oasis:names:tc:SAML:2.0:nameid-format:persistent","urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress","urn:oasis:names:tc:SAML:2.0:nameid-format:transient","urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"]}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The SAML application was not found."},"422":{"description":"Validation error."}},"summary":"Update SAML application","description":"Update SAML application details by ID."},"delete":{"operationId":"DeleteSamlApplication","tags":["SAML applications"],"parameters":[{"$ref":"#/components/parameters/samlApplicationId-root"}],"responses":{"204":{"description":"The SAML application was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The SAML application was not found."},"422":{"description":"The specified application is not a SAML application."}},"summary":"Delete SAML application","description":"Delete a SAML application by ID."}},"/api/saml-applications/{id}/secrets":{"post":{"operationId":"CreateSamlApplicationSecret","tags":["SAML applications"],"parameters":[{"$ref":"#/components/parameters/samlApplicationId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["lifeSpanInYears"],"properties":{"lifeSpanInYears":{"type":"integer","minimum":1,"description":"The lifetime of the certificate in years (minimum 1 year)."}}}}}},"responses":{"201":{"description":"The signing certificate was created successfully.","content":{"application/json":{"schema":{"type":"object","required":["id","certificate","createdAt","expiresAt","active","fingerprints"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"certificate":{"type":"string","minLength":1},"createdAt":{"type":"number"},"expiresAt":{"type":"number"},"active":{"type":"boolean"},"fingerprints":{"type":"object","required":["sha256"],"properties":{"sha256":{"type":"object","required":["formatted","unformatted"],"properties":{"formatted":{"type":"string"},"unformatted":{"type":"string"}}}}}}}}}},"400":{"description":"Invalid request body."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The SAML application was not found."}},"summary":"Create SAML application secret","description":"Create a new signing certificate for the SAML application."},"get":{"operationId":"ListSamlApplicationSecrets","tags":["SAML applications"],"parameters":[{"$ref":"#/components/parameters/samlApplicationId-root"}],"responses":{"200":{"description":"A list of signing certificates.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["id","certificate","createdAt","expiresAt","active","fingerprints"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21,"description":"The ID of the signing certificate."},"certificate":{"type":"string","minLength":1,"description":"The X.509 certificate in PEM format."},"createdAt":{"type":"number"},"expiresAt":{"type":"string","format":"date-time","description":"The expiration time of the certificate."},"active":{"type":"boolean"},"fingerprints":{"type":"object","required":["sha256"],"properties":{"sha256":{"type":"object","required":["formatted","unformatted"],"properties":{"formatted":{"type":"string"},"unformatted":{"type":"string"}}}}},"fingerprint":{"type":"string","description":"The SHA-256 fingerprint of the certificate."},"isActive":{"type":"boolean","description":"Whether this certificate is currently active."}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The SAML application was not found."}},"summary":"List SAML application secrets","description":"Get all signing certificates of the SAML application."}},"/api/saml-applications/{id}/secrets/{secretId}":{"delete":{"operationId":"DeleteSamlApplicationSecret","tags":["SAML applications"],"parameters":[{"$ref":"#/components/parameters/samlApplicationId-root"},{"$ref":"#/components/parameters/secretId"}],"responses":{"204":{"description":"The signing certificate was deleted successfully."},"400":{"description":"Cannot delete an active certificate."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The SAML application or certificate was not found."}},"summary":"Delete SAML application secret","description":"Delete a signing certificate of the SAML application. Active certificates cannot be deleted."},"patch":{"operationId":"UpdateSamlApplicationSecret","tags":["SAML applications"],"parameters":[{"$ref":"#/components/parameters/samlApplicationId-root"},{"$ref":"#/components/parameters/secretId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["active"],"properties":{"active":{"type":"boolean","description":"Whether the certificate is active."}}}}}},"responses":{"200":{"description":"The signing certificate was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["id","certificate","createdAt","expiresAt","active","fingerprints"],"properties":{"id":{"type":"string","minLength":1,"maxLength":21},"certificate":{"type":"string","minLength":1},"createdAt":{"type":"number"},"expiresAt":{"type":"number"},"active":{"type":"boolean"},"fingerprints":{"type":"object","required":["sha256"],"properties":{"sha256":{"type":"object","required":["formatted","unformatted"],"properties":{"formatted":{"type":"string"},"unformatted":{"type":"string"}}}}}}}}}},"400":{"description":"Invalid request body."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The SAML application or certificate was not found."}},"summary":"Update SAML application secret","description":"Update the status of a signing certificate."}},"/api/email-templates":{"put":{"operationId":"ReplaceEmailTemplates","tags":["Email templates"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["templates"],"properties":{"templates":{"type":"array","items":{"type":"object","required":["languageTag","templateType","details"],"properties":{"languageTag":{"type":"string","minLength":1,"maxLength":16,"description":"The language tag of the email template, e.g., `en` or `fr`."},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"],"description":"The type of the email template, e.g. `SignIn` or `ForgotPassword`"},"details":{"type":"object","required":["subject","content"],"properties":{"subject":{"type":"string","description":"The template of the email subject."},"content":{"type":"string","description":"The template of the email body."},"contentType":{"oneOf":[{"type":"string","format":"\"text/html\""},{"type":"string","format":"\"text/plain\""}],"description":"The content type of the email body. (Only required by some specific email providers.)"},"replyTo":{"type":"string","description":"The reply name template of the email. If not provided, the target email address will be used. (The render logic may differ based on the email provider.)"},"sendFrom":{"type":"string","description":"The send from name template of the email. If not provided, the default Logto email address will be used. (The render logic may differ based on the email provider.)"}},"description":"The details of the email template."}}}}}}}}},"responses":{"200":{"description":"The list of newly created or replaced email templates.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","languageTag","templateType","details","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"languageTag":{"type":"string","minLength":1,"maxLength":16},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"details":{"type":"object","required":["subject","content"],"properties":{"subject":{"type":"string"},"content":{"type":"string"},"contentType":{"oneOf":[{"type":"string","format":"\"text/html\""},{"type":"string","format":"\"text/plain\""}]},"replyTo":{"type":"string"},"sendFrom":{"type":"string"}}},"createdAt":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Unprocessable Content"}},"summary":"Replace email templates","description":"Create or replace a list of email templates. If an email template with the same language tag and template type already exists, its details will be updated."},"get":{"operationId":"ListEmailTemplates","tags":["Email templates"],"parameters":[{"name":"languageTag","in":"query","required":false,"schema":{"type":"string","minLength":1,"maxLength":16},"description":"The language tag of the email template, e.g., `en` or `fr`."},{"name":"templateType","in":"query","required":false,"schema":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"description":"The type of the email template, e.g. `SignIn` or `ForgotPassword`"}],"responses":{"200":{"description":"The list of matched email templates. Returns empty list, if no email template is found.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","languageTag","templateType","details","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"languageTag":{"type":"string","minLength":1,"maxLength":16},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"details":{"type":"object","required":["subject","content"],"properties":{"subject":{"type":"string"},"content":{"type":"string"},"contentType":{"oneOf":[{"type":"string","format":"\"text/html\""},{"type":"string","format":"\"text/plain\""}]},"replyTo":{"type":"string"},"sendFrom":{"type":"string"}}},"createdAt":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get email templates","description":"Get the list of email templates."},"delete":{"operationId":"DeleteEmailTemplates","tags":["Email templates"],"parameters":[{"name":"languageTag","in":"query","required":false,"schema":{"type":"string","minLength":1,"maxLength":16},"description":"The language tag of the email template, e.g., `en` or `fr`."},{"name":"templateType","in":"query","required":false,"schema":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"description":"The type of the email template, e.g. `SignIn` or `ForgotPassword`"}],"responses":{"200":{"description":"The email templates were deleted successfully.","content":{"application/json":{"schema":{"type":"object","required":["rowCount"],"properties":{"rowCount":{"type":"number","description":"The number of email templates deleted."}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"No filter query parameters were provided. This bulk deletion API requires at least one filter query parameter."}},"summary":"Delete email templates","description":"Bulk delete email templates by their language tag and template type."}},"/api/email-templates/{id}":{"get":{"operationId":"GetEmailTemplate","tags":["Email templates"],"parameters":[{"$ref":"#/components/parameters/emailTemplateId-root"}],"responses":{"200":{"description":"The email template.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","languageTag","templateType","details","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"languageTag":{"type":"string","minLength":1,"maxLength":16},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"details":{"type":"object","required":["subject","content"],"properties":{"subject":{"type":"string"},"content":{"type":"string"},"contentType":{"oneOf":[{"type":"string","format":"\"text/html\""},{"type":"string","format":"\"text/plain\""}]},"replyTo":{"type":"string"},"sendFrom":{"type":"string"}}},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The email template was not found."}},"summary":"Get email template by ID","description":"Get the email template by its ID."},"delete":{"operationId":"DeleteEmailTemplate","tags":["Email templates"],"parameters":[{"$ref":"#/components/parameters/emailTemplateId-root"}],"responses":{"204":{"description":"The email template was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The email template was not found."}},"summary":"Delete an email template","description":"Delete an email template by its ID."}},"/api/email-templates/{id}/details":{"patch":{"operationId":"UpdateEmailTemplateDetails","tags":["Email templates"],"parameters":[{"$ref":"#/components/parameters/emailTemplateId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"subject":{"type":"string","description":"The template of the email subject."},"content":{"type":"string","description":"The template of the email body."},"contentType":{"oneOf":[{"type":"string","format":"\"text/html\""},{"type":"string","format":"\"text/plain\""}],"description":"The content type of the email body. (Only required by some specific email providers.)"},"replyTo":{"type":"string","description":"The reply name template of the email. If not provided, the target email address will be used. (The render logic may differ based on the email provider.)"},"sendFrom":{"type":"string","description":"The send from name template of the email. If not provided, the default Logto email address will be used. (The render logic may differ based on the email provider.)"}}}}}},"responses":{"200":{"description":"The updated email template.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","languageTag","templateType","details","createdAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"languageTag":{"type":"string","minLength":1,"maxLength":16},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"details":{"type":"object","required":["subject","content"],"properties":{"subject":{"type":"string"},"content":{"type":"string"},"contentType":{"oneOf":[{"type":"string","format":"\"text/html\""},{"type":"string","format":"\"text/plain\""}]},"replyTo":{"type":"string"},"sendFrom":{"type":"string"}}},"createdAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The email template was not found."}},"summary":"Update email template details","description":"Update the details of an email template by its ID."}},"/api/one-time-tokens":{"get":{"operationId":"ListOneTimeTokens","tags":["One-time tokens"],"parameters":[{"name":"email","in":"query","required":false,"schema":{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/"},"description":"Filter one-time tokens by email address."},{"name":"status","in":"query","required":false,"schema":{"type":"string","enum":["active","consumed","revoked","expired"]},"description":"Filter one-time tokens by status."},{"name":"page","in":"query","description":"Page number (starts from 1).","required":false,"schema":{"type":"integer","minimum":1,"default":1}},{"name":"page_size","in":"query","description":"Entries per page.","required":false,"schema":{"type":"integer","minimum":1,"default":20}}],"responses":{"200":{"description":"A list of one-time tokens.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","email","token","context","status","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"email":{"type":"string","minLength":1,"maxLength":128},"token":{"type":"string","minLength":1,"maxLength":256},"context":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}},"status":{"type":"string","enum":["active","consumed","revoked","expired"]},"createdAt":{"type":"number"},"expiresAt":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get one-time tokens","description":"Get a list of one-time tokens, filtering by email and status, with optional pagination."},"post":{"operationId":"AddOneTimeTokens","tags":["One-time tokens"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["email"],"properties":{"email":{"type":"string","minLength":1,"maxLength":128,"description":"The email address to associate with the one-time token."},"context":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}},"description":"Additional context to store with the one-time token. This can be used to store arbitrary data that will be associated with the token."},"expiresIn":{"type":"number","description":"The expiration time in seconds. If not provided, defaults to 10 mins (600 seconds)."}}}}}},"responses":{"201":{"description":"The one-time token was created successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","email","token","context","status","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"email":{"type":"string","minLength":1,"maxLength":128},"token":{"type":"string","minLength":1,"maxLength":256},"context":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}},"status":{"type":"string","enum":["active","consumed","revoked","expired"]},"createdAt":{"type":"number"},"expiresAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Create one-time token","description":"Create a new one-time token associated with an email address. The token can be used for verification purposes and has an expiration time."}},"/api/one-time-tokens/{id}":{"get":{"operationId":"GetOneTimeToken","tags":["One-time tokens"],"parameters":[{"$ref":"#/components/parameters/oneTimeTokenId-root"}],"responses":{"200":{"description":"The one-time token found by ID.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","email","token","context","status","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"email":{"type":"string","minLength":1,"maxLength":128},"token":{"type":"string","minLength":1,"maxLength":256},"context":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}},"status":{"type":"string","enum":["active","consumed","revoked","expired"]},"createdAt":{"type":"number"},"expiresAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get one-time token by ID","description":"Get a one-time token by its ID."},"delete":{"operationId":"DeleteOneTimeToken","tags":["One-time tokens"],"parameters":[{"$ref":"#/components/parameters/oneTimeTokenId-root"}],"responses":{"204":{"description":"The one-time token was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete one-time token by ID","description":"Delete a one-time token by its ID."}},"/api/one-time-tokens/verify":{"post":{"operationId":"VerifyOneTimeToken","tags":["One-time tokens"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["token","email"],"properties":{"token":{"type":"string","minLength":1,"maxLength":256,"description":"The one-time token to verify."},"email":{"type":"string","minLength":1,"maxLength":128,"description":"The email address associated with the one-time token."}}}}}},"responses":{"200":{"description":"The one-time token was verified successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","email","token","context","status","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"email":{"type":"string","minLength":1,"maxLength":128},"token":{"type":"string","minLength":1,"maxLength":256},"context":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}},"status":{"type":"string","enum":["active","consumed","revoked","expired"]},"createdAt":{"type":"number"},"expiresAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Verify one-time token","description":"Verify a one-time token associated with an email address. If the token is valid and not expired, it will be marked as consumed."}},"/api/one-time-tokens/{id}/status":{"put":{"operationId":"ReplaceOneTimeTokenStatus","tags":["One-time tokens"],"parameters":[{"$ref":"#/components/parameters/oneTimeTokenId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["status"],"properties":{"status":{"type":"string","enum":["active","consumed","revoked","expired"],"description":"The new status of the one-time token."}}}}}},"responses":{"200":{"description":"The one-time token status was updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","email","token","context","status","createdAt","expiresAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"email":{"type":"string","minLength":1,"maxLength":128},"token":{"type":"string","minLength":1,"maxLength":256},"context":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}},"status":{"type":"string","enum":["active","consumed","revoked","expired"]},"createdAt":{"type":"number"},"expiresAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update one-time token status","description":"Update the status of a one-time token by its ID. This can be used to mark the token as consumed or expired."}},"/api/captcha-provider":{"get":{"operationId":"GetCaptchaProvider","tags":["Captcha provider"],"parameters":[],"responses":{"200":{"description":"Captcha provider.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","config","createdAt","updatedAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":128},"config":{"oneOf":[{"type":"object","required":["type","siteKey","secretKey"],"properties":{"type":{"type":"string","format":"\"Turnstile\""},"siteKey":{"type":"string"},"secretKey":{"type":"string"}}},{"type":"object","required":["type","siteKey","secretKey","projectId"],"properties":{"type":{"type":"string","format":"\"RecaptchaEnterprise\""},"siteKey":{"type":"string"},"secretKey":{"type":"string"},"projectId":{"type":"string"},"domain":{"type":"string"},"mode":{"type":"string","enum":["invisible","checkbox"]}}}]},"createdAt":{"type":"number"},"updatedAt":{"type":"number"}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Captcha provider not found."}},"summary":"Get captcha provider","description":"Get the captcha provider, you can only have one captcha provider."},"put":{"operationId":"UpdateCaptchaProvider","tags":["Captcha provider"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["config"],"properties":{"config":{"oneOf":[{"type":"object","required":["type","siteKey","secretKey"],"properties":{"type":{"type":"string","format":"\"Turnstile\""},"siteKey":{"type":"string"},"secretKey":{"type":"string"}}},{"type":"object","required":["type","siteKey","secretKey","projectId"],"properties":{"type":{"type":"string","format":"\"RecaptchaEnterprise\""},"siteKey":{"type":"string"},"secretKey":{"type":"string"},"projectId":{"type":"string"},"domain":{"type":"string"},"mode":{"type":"string","enum":["invisible","checkbox"]}}}],"description":"The captcha provider config."}}}}}},"responses":{"200":{"description":"Updated captcha provider.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","config","createdAt","updatedAt"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":128},"config":{"oneOf":[{"type":"object","required":["type","siteKey","secretKey"],"properties":{"type":{"type":"string","format":"\"Turnstile\""},"siteKey":{"type":"string"},"secretKey":{"type":"string"}}},{"type":"object","required":["type","siteKey","secretKey","projectId"],"properties":{"type":{"type":"string","format":"\"RecaptchaEnterprise\""},"siteKey":{"type":"string"},"secretKey":{"type":"string"},"projectId":{"type":"string"},"domain":{"type":"string"},"mode":{"type":"string","enum":["invisible","checkbox"]}}}]},"createdAt":{"type":"number"},"updatedAt":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Update captcha provider","description":"Update the captcha provider with the provided settings."},"delete":{"operationId":"DeleteCaptchaProvider","tags":["Captcha provider"],"parameters":[],"responses":{"204":{"description":"Captcha provider deleted."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete captcha provider","description":"Delete the captcha provider."}},"/api/sentinel-activities/delete":{"post":{"operationId":"DeleteSentinelActivities","tags":["Sentinel activities"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["targetType","targets"],"properties":{"targetType":{"type":"string","enum":["User","App"]},"targets":{"type":"array","items":{"type":"string"}}}}}}},"responses":{"204":{"description":"Activities deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Bulk delete sentinel activities","description":"Remove sentinel activity reports based on the provided target value(identifier).Use this endpoint to unblock users who may be locked out due to too many failed authentication attempts."}},"/api/custom-profile-fields":{"get":{"operationId":"ListCustomProfileFields","tags":["Custom profile fields"],"parameters":[],"responses":{"200":{"description":"Custom profile fields ordered by sieOrder (Sign-in Experience order).","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","type","label","description","required","config","createdAt","sieOrder"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"},"parts":{"type":"array","items":{"type":"object","required":["enabled","name","type","required"],"properties":{"enabled":{"type":"boolean"},"name":{"type":"string"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}}}}}}},"createdAt":{"type":"number"},"sieOrder":{"type":"number"}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get all custom profile fields","description":"Get all custom profile fields."},"post":{"operationId":"CreateCustomProfileField","tags":["Custom profile fields"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["name","type","required"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Text\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string"},"minLength":{"type":"number"},"maxLength":{"type":"number"}}}}},{"type":"object","required":["name","type","required"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Number\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string"},"minValue":{"type":"number"},"maxValue":{"type":"number"}}}}},{"type":"object","required":["name","type","required"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Date\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["format"],"properties":{"placeholder":{"type":"string"},"format":{"type":"string"},"customFormat":{"type":"string"}}}}},{"type":"object","required":["name","type","required"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Checkbox\""},"label":{"type":"string","minLength":1},"required":{"type":"boolean","format":"false"},"config":{"type":"object","required":["defaultValue"],"properties":{"defaultValue":{"oneOf":[{"type":"string","format":"\"true\""},{"type":"string","format":"\"false\""}]}}}}},{"type":"object","required":["name","type","required","config"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Select\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["options"],"properties":{"placeholder":{"type":"string"},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}}}}}},{"type":"object","required":["name","type","required"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Url\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string"}}}}},{"type":"object","required":["name","type","required","config"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Regex\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["format"],"properties":{"placeholder":{"type":"string"},"format":{"type":"string"}}}}},{"type":"object","required":["name","type","required","config"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Address\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["parts"],"properties":{"parts":{"type":"array","items":{"type":"object","required":["enabled","type","required","name"],"properties":{"enabled":{"type":"boolean"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}},"name":{"type":"string","enum":["formatted","streetAddress","locality","region","postalCode","country"]}}}}}}}},{"type":"object","required":["name","type","required","config"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Fullname\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["parts"],"properties":{"parts":{"type":"array","items":{"type":"object","required":["enabled","type","required","name"],"properties":{"enabled":{"type":"boolean"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}},"name":{"type":"string","enum":["givenName","middleName","familyName"]}}}}}}}}]}}}},"responses":{"201":{"description":"Created","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","type","label","description","required","config","createdAt","sieOrder"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"},"parts":{"type":"array","items":{"type":"object","required":["enabled","name","type","required"],"properties":{"enabled":{"type":"boolean"},"name":{"type":"string"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}}}}}}},"createdAt":{"type":"number"},"sieOrder":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Create a custom profile field","description":"Create a custom profile field."}},"/api/custom-profile-fields/{name}":{"get":{"operationId":"GetCustomProfileFieldByName","tags":["Custom profile fields"],"parameters":[{"name":"name","in":"path","required":true,"schema":{"type":"string","minLength":1}}],"responses":{"200":{"description":"Custom profile field found successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","type","label","description","required","config","createdAt","sieOrder"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"},"parts":{"type":"array","items":{"type":"object","required":["enabled","name","type","required"],"properties":{"enabled":{"type":"boolean"},"name":{"type":"string"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}}}}}}},"createdAt":{"type":"number"},"sieOrder":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Get a custom profile field by name","description":"Get a custom profile field by name."},"put":{"operationId":"UpdateCustomProfileFieldByName","tags":["Custom profile fields"],"parameters":[{"name":"name","in":"path","required":true,"schema":{"type":"string","minLength":1}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["type","required"],"properties":{"type":{"type":"string","format":"\"Text\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string"},"minLength":{"type":"number"},"maxLength":{"type":"number"}}}}},{"type":"object","required":["type","required"],"properties":{"type":{"type":"string","format":"\"Number\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string"},"minValue":{"type":"number"},"maxValue":{"type":"number"}}}}},{"type":"object","required":["type","required"],"properties":{"type":{"type":"string","format":"\"Date\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["format"],"properties":{"placeholder":{"type":"string"},"format":{"type":"string"},"customFormat":{"type":"string"}}}}},{"type":"object","required":["type","required"],"properties":{"type":{"type":"string","format":"\"Checkbox\""},"label":{"type":"string","minLength":1},"required":{"type":"boolean","format":"false"},"config":{"type":"object","required":["defaultValue"],"properties":{"defaultValue":{"oneOf":[{"type":"string","format":"\"true\""},{"type":"string","format":"\"false\""}]}}}}},{"type":"object","required":["type","required","config"],"properties":{"type":{"type":"string","format":"\"Select\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["options"],"properties":{"placeholder":{"type":"string"},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}}}}}},{"type":"object","required":["type","required"],"properties":{"type":{"type":"string","format":"\"Url\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string"}}}}},{"type":"object","required":["type","required","config"],"properties":{"type":{"type":"string","format":"\"Regex\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["format"],"properties":{"placeholder":{"type":"string"},"format":{"type":"string"}}}}},{"type":"object","required":["type","required","config"],"properties":{"type":{"type":"string","format":"\"Address\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["parts"],"properties":{"parts":{"type":"array","items":{"type":"object","required":["enabled","type","required","name"],"properties":{"enabled":{"type":"boolean"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}},"name":{"type":"string","enum":["formatted","streetAddress","locality","region","postalCode","country"]}}}}}}}},{"type":"object","required":["type","required","config"],"properties":{"type":{"type":"string","format":"\"Fullname\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["parts"],"properties":{"parts":{"type":"array","items":{"type":"object","required":["enabled","type","required","name"],"properties":{"enabled":{"type":"boolean"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}},"name":{"type":"string","enum":["givenName","middleName","familyName"]}}}}}}}}]}}}},"responses":{"200":{"description":"Custom profile field updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","name","type","label","description","required","config","createdAt","sieOrder"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"},"parts":{"type":"array","items":{"type":"object","required":["enabled","name","type","required"],"properties":{"enabled":{"type":"boolean"},"name":{"type":"string"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}}}}}}},"createdAt":{"type":"number"},"sieOrder":{"type":"number"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Update a custom profile field by name","description":"Update a custom profile field by name."},"delete":{"operationId":"DeleteCustomProfileFieldByName","tags":["Custom profile fields"],"parameters":[{"name":"name","in":"path","required":true,"schema":{"type":"string","minLength":1}}],"responses":{"204":{"description":"Custom profile field deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Delete a custom profile field by name","description":"Delete a custom profile field by name."}},"/api/custom-profile-fields/batch":{"post":{"operationId":"CreateCustomProfileFieldsBatch","tags":["Custom profile fields"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"array","items":{"oneOf":[{"type":"object","required":["name","type","required"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Text\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string"},"minLength":{"type":"number"},"maxLength":{"type":"number"}}}}},{"type":"object","required":["name","type","required"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Number\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string"},"minValue":{"type":"number"},"maxValue":{"type":"number"}}}}},{"type":"object","required":["name","type","required"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Date\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["format"],"properties":{"placeholder":{"type":"string"},"format":{"type":"string"},"customFormat":{"type":"string"}}}}},{"type":"object","required":["name","type","required"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Checkbox\""},"label":{"type":"string","minLength":1},"required":{"type":"boolean","format":"false"},"config":{"type":"object","required":["defaultValue"],"properties":{"defaultValue":{"oneOf":[{"type":"string","format":"\"true\""},{"type":"string","format":"\"false\""}]}}}}},{"type":"object","required":["name","type","required","config"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Select\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["options"],"properties":{"placeholder":{"type":"string"},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}}}}}},{"type":"object","required":["name","type","required"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Url\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string"}}}}},{"type":"object","required":["name","type","required","config"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Regex\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["format"],"properties":{"placeholder":{"type":"string"},"format":{"type":"string"}}}}},{"type":"object","required":["name","type","required","config"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Address\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["parts"],"properties":{"parts":{"type":"array","items":{"type":"object","required":["enabled","type","required","name"],"properties":{"enabled":{"type":"boolean"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}},"name":{"type":"string","enum":["formatted","streetAddress","locality","region","postalCode","country"]}}}}}}}},{"type":"object","required":["name","type","required","config"],"properties":{"name":{"type":"string"},"type":{"type":"string","format":"\"Fullname\""},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","required":["parts"],"properties":{"parts":{"type":"array","items":{"type":"object","required":["enabled","type","required","name"],"properties":{"enabled":{"type":"boolean"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}},"name":{"type":"string","enum":["givenName","middleName","familyName"]}}}}}}}}]}}}}},"responses":{"201":{"description":"Custom profile fields created successfully.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","type","label","description","required","config","createdAt","sieOrder"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"},"parts":{"type":"array","items":{"type":"object","required":["enabled","name","type","required"],"properties":{"enabled":{"type":"boolean"},"name":{"type":"string"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}}}}}}},"createdAt":{"type":"number"},"sieOrder":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Batch create custom profile fields","description":"Create multiple custom profile fields in a single request (max 20 items)."}},"/api/custom-profile-fields/properties/sie-order":{"post":{"operationId":"UpdateCustomProfileFieldsSieOrder","tags":["Custom profile fields"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["order"],"properties":{"order":{"type":"array","items":{"type":"object","required":["name","sieOrder"],"properties":{"name":{"type":"string"},"sieOrder":{"type":"number"}}}}}}}}},"responses":{"200":{"description":"Custom profile fields updated successfully.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["tenantId","id","name","type","label","description","required","config","createdAt","sieOrder"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"},"parts":{"type":"array","items":{"type":"object","required":["enabled","name","type","required"],"properties":{"enabled":{"type":"boolean"},"name":{"type":"string"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}}}}}}},"createdAt":{"type":"number"},"sieOrder":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Update the display order of the custom profile fields in Sign-in Experience.","description":"Update the display order of the custom profile fields in Sign-in Experience."}},"/api/secrets/{id}":{"delete":{"operationId":"DeleteSecret","tags":["Secrets"],"parameters":[{"$ref":"#/components/parameters/secretId-root"}],"responses":{"204":{"description":"The secret was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The secret with the specified ID was not found."}},"summary":"Delete secret","description":"Delete a secret by its ID."}},"/api/.well-known/sign-in-exp":{"get":{"operationId":"GetSignInExperienceConfig","tags":["Well-known"],"parameters":[{"name":"organizationId","in":"query","required":false,"schema":{"type":"string"}},{"name":"appId","in":"query","required":false,"schema":{"type":"string"}}],"responses":{"200":{"description":"The full sign-in experience configuration.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","color","branding","hideLogtoBranding","languageInfo","termsOfUseUrl","privacyPolicyUrl","agreeToTermsPolicy","signIn","signUp","socialSignIn","socialSignInConnectorTargets","signInMode","customCss","customContent","customUiAssets","passwordPolicy","mfa","adaptiveMfa","singleSignOnEnabled","supportEmail","supportWebsiteUrl","unknownSessionRedirectUrl","captchaPolicy","sentinelPolicy","emailBlocklistPolicy","passkeySignIn","socialConnectors","ssoConnectors","forgotPassword","isDevelopmentTenant","customProfileFields"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"color":{"type":"object","required":["primaryColor","isDarkModeEnabled","darkPrimaryColor"],"properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"hideLogtoBranding":{"type":"boolean"},"languageInfo":{"type":"object","required":["autoDetect","fallbackLanguage"],"properties":{"autoDetect":{"type":"boolean"},"fallbackLanguage":{"type":"string","enum":["af-ZA","am-ET","ar","ar-AR","as-IN","az-AZ","be-BY","bg-BG","bn-IN","br-FR","bs-BA","ca-ES","cb-IQ","co-FR","cs-CZ","cx-PH","cy-GB","da-DK","de","de-DE","el-GR","en","en-GB","en-US","eo-EO","es","es-ES","es-419","et-EE","eu-ES","fa-IR","ff-NG","fi","fi-FI","fo-FO","fr","fr-CA","fr-FR","fy-NL","ga-IE","gl-ES","gn-PY","gu-IN","ha-NG","he-IL","hi-IN","hr-HR","ht-HT","hu-HU","hy-AM","id-ID","ik-US","is-IS","it","it-IT","iu-CA","ja","ja-JP","ja-KS","jv-ID","ka-GE","kk-KZ","km-KH","kn-IN","ko","ko-KR","ku-TR","ky-KG","lo-LA","lt-LT","lv-LV","mg-MG","mk-MK","ml-IN","mn-MN","mr-IN","ms-MY","mt-MT","my-MM","nb-NO","ne-NP","nl","nl-BE","nl-NL","nn-NO","or-IN","pa-IN","pl-PL","ps-AF","pt","pt-BR","pt-PT","ro-RO","ru","ru-RU","rw-RW","sc-IT","si-LK","sk-SK","sl-SI","sn-ZW","sq-AL","sr-RS","sv","sv-SE","sw-KE","sy-SY","sz-PL","ta-IN","te-IN","tg-TJ","th","th-TH","tl-PH","tr","tr-TR","tt-RU","tz-MA","uk-UA","ur-PK","uz-UZ","vi-VN","zh","zh-CN","zh-HK","zh-MO","zh-TW","zz-TR"]}}},"termsOfUseUrl":{"type":"string","maxLength":2048,"nullable":true},"privacyPolicyUrl":{"type":"string","maxLength":2048,"nullable":true},"agreeToTermsPolicy":{"type":"string","enum":["Automatic","ManualRegistrationOnly","Manual"]},"signIn":{"type":"object","required":["methods"],"properties":{"methods":{"type":"array","items":{"type":"object","required":["identifier","password","verificationCode","isPasswordPrimary"],"properties":{"identifier":{"type":"string","enum":["username","email","phone"]},"password":{"type":"boolean"},"verificationCode":{"type":"boolean"},"isPasswordPrimary":{"type":"boolean"}}}}}},"signUp":{"type":"object","required":["identifiers","password","verify"],"properties":{"identifiers":{"type":"array","items":{"type":"string","enum":["username","email","phone"]}},"password":{"type":"boolean"},"verify":{"type":"boolean"},"secondaryIdentifiers":{"type":"array","items":{"type":"object","required":["identifier"],"properties":{"identifier":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["emailOrPhone"]}]},"verify":{"type":"boolean"}}}}}},"socialSignIn":{"type":"object","properties":{"automaticAccountLinking":{"type":"boolean"},"skipRequiredIdentifiers":{"type":"boolean"}}},"socialSignInConnectorTargets":{"type":"array","items":{"type":"string"}},"signInMode":{"type":"string","enum":["SignIn","Register","SignInAndRegister"]},"customCss":{"type":"string","nullable":true},"customContent":{"type":"object","additionalProperties":{"type":"string"}},"customUiAssets":{"type":"object","required":["id","createdAt"],"properties":{"id":{"type":"string"},"createdAt":{"type":"number"}},"nullable":true},"passwordPolicy":{"type":"object","properties":{"length":{"default":{},"type":"object","required":["min","max"],"properties":{"min":{"default":8,"type":"number"},"max":{"default":256,"type":"number"}}},"characterTypes":{"default":{},"type":"object","required":["min"],"properties":{"min":{"default":1,"type":"number"}}},"rejects":{"default":{},"type":"object","required":["pwned","repetitionAndSequence","userInfo","words"],"properties":{"pwned":{"default":true,"type":"boolean"},"repetitionAndSequence":{"default":true,"type":"boolean"},"userInfo":{"default":true,"type":"boolean"},"words":{"default":[],"type":"array","items":{"type":"string"}}}}}},"mfa":{"type":"object","required":["factors","policy"],"properties":{"factors":{"type":"array","items":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]}},"policy":{"type":"string","enum":["UserControlled","Mandatory","PromptOnlyAtSignIn","PromptAtSignInAndSignUp","NoPrompt","PromptAtSignInAndSignUpMandatory","PromptOnlyAtSignInMandatory"]},"organizationRequiredMfaPolicy":{"type":"string","enum":["NoPrompt","Mandatory"]}}},"adaptiveMfa":{"type":"object","properties":{"enabled":{"type":"boolean"}}},"singleSignOnEnabled":{"type":"boolean"},"supportEmail":{"type":"string","nullable":true},"supportWebsiteUrl":{"type":"string","nullable":true},"unknownSessionRedirectUrl":{"type":"string","nullable":true},"captchaPolicy":{"type":"object","properties":{"enabled":{"type":"boolean"}}},"sentinelPolicy":{"type":"object","properties":{"maxAttempts":{"type":"number"},"lockoutDuration":{"type":"number"}}},"emailBlocklistPolicy":{"type":"object","properties":{"blockDisposableAddresses":{"type":"boolean"},"blockSubaddressing":{"type":"boolean"},"customBlocklist":{"type":"array","items":{"type":"string"}}}},"passkeySignIn":{"type":"object","properties":{"enabled":{"type":"boolean"},"showPasskeyButton":{"type":"boolean"},"allowAutofill":{"type":"boolean"}}},"socialConnectors":{"type":"array","items":{"type":"object","required":["id","target","name","logo","logoDark","platform"],"properties":{"id":{"type":"string"},"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true},"fromEmail":{"type":"string"},"platform":{"type":"string","enum":["Native","Universal","Web"],"nullable":true},"isStandard":{"type":"boolean"},"isTokenStorageSupported":{"type":"boolean"}}}},"ssoConnectors":{"type":"array","items":{"type":"object","required":["id","connectorName","logo"],"properties":{"id":{"type":"string"},"connectorName":{"type":"string"},"logo":{"type":"string"},"darkLogo":{"type":"string"}}}},"forgotPassword":{"type":"object","required":["phone","email"],"properties":{"phone":{"type":"boolean"},"email":{"type":"boolean"}}},"isDevelopmentTenant":{"type":"boolean"},"googleOneTap":{"type":"object","required":["clientId","connectorId"],"properties":{"isEnabled":{"type":"boolean"},"autoSelect":{"type":"boolean"},"closeOnTapOutside":{"type":"boolean"},"itpSupport":{"type":"boolean"},"clientId":{"type":"string"},"connectorId":{"type":"string"}}},"captchaConfig":{"type":"object","required":["type","siteKey"],"properties":{"type":{"type":"string","enum":["RecaptchaEnterprise","Turnstile"]},"siteKey":{"type":"string"},"domain":{"type":"string"},"mode":{"type":"string","enum":["invisible","checkbox"]}}},"customProfileFields":{"type":"array","items":{"type":"object","required":["tenantId","id","name","type","label","description","required","config","createdAt","sieOrder"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"},"parts":{"type":"array","items":{"type":"object","required":["enabled","name","type","required"],"properties":{"enabled":{"type":"boolean"},"name":{"type":"string"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}}}}}}},"createdAt":{"type":"number"},"sieOrder":{"type":"number"}}}}}}}}},"400":{"description":"Bad Request"}},"security":[],"deprecated":true,"summary":"Get full sign-in experience","description":"Get the full sign-in experience configuration."}},"/api/.well-known/phrases":{"get":{"operationId":"GetSignInExperiencePhrases","tags":["Well-known"],"parameters":[{"name":"lng","in":"query","required":false,"schema":{"type":"string"},"description":"The language tag for localization."}],"responses":{"200":{"description":"Localized phrases for the specified language.","content":{"application/json":{"schema":{"type":"object","additionalProperties":{"oneOf":[{"type":"string"},{"type":"object","additionalProperties":{"example":{}}}]}}}}},"400":{"description":"Bad Request"}},"security":[],"summary":"Get localized phrases","description":"Get localized phrases based on the specified language."}},"/api/.well-known/experience":{"get":{"operationId":"GetWellKnownExperience","tags":["Well-known"],"parameters":[{"name":"organizationId","in":"query","required":false,"schema":{"type":"string"}},{"name":"appId","in":"query","required":false,"schema":{"type":"string"}}],"responses":{"200":{"description":"The full sign-in experience configuration.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","color","branding","hideLogtoBranding","languageInfo","termsOfUseUrl","privacyPolicyUrl","agreeToTermsPolicy","signIn","signUp","socialSignIn","socialSignInConnectorTargets","signInMode","customCss","customContent","customUiAssets","passwordPolicy","mfa","adaptiveMfa","singleSignOnEnabled","supportEmail","supportWebsiteUrl","unknownSessionRedirectUrl","captchaPolicy","sentinelPolicy","emailBlocklistPolicy","passkeySignIn","socialConnectors","ssoConnectors","forgotPassword","isDevelopmentTenant","customProfileFields"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"color":{"type":"object","required":["primaryColor","isDarkModeEnabled","darkPrimaryColor"],"properties":{"primaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"},"isDarkModeEnabled":{"type":"boolean"},"darkPrimaryColor":{"type":"string","format":"regex","pattern":"/^#[\\da-f]{3}([\\da-f]{3})?$/i"}}},"branding":{"type":"object","properties":{"logoUrl":{"type":"string","format":"url"},"darkLogoUrl":{"type":"string","format":"url"},"favicon":{"type":"string","format":"url"},"darkFavicon":{"type":"string","format":"url"}}},"hideLogtoBranding":{"type":"boolean"},"languageInfo":{"type":"object","required":["autoDetect","fallbackLanguage"],"properties":{"autoDetect":{"type":"boolean"},"fallbackLanguage":{"type":"string","enum":["af-ZA","am-ET","ar","ar-AR","as-IN","az-AZ","be-BY","bg-BG","bn-IN","br-FR","bs-BA","ca-ES","cb-IQ","co-FR","cs-CZ","cx-PH","cy-GB","da-DK","de","de-DE","el-GR","en","en-GB","en-US","eo-EO","es","es-ES","es-419","et-EE","eu-ES","fa-IR","ff-NG","fi","fi-FI","fo-FO","fr","fr-CA","fr-FR","fy-NL","ga-IE","gl-ES","gn-PY","gu-IN","ha-NG","he-IL","hi-IN","hr-HR","ht-HT","hu-HU","hy-AM","id-ID","ik-US","is-IS","it","it-IT","iu-CA","ja","ja-JP","ja-KS","jv-ID","ka-GE","kk-KZ","km-KH","kn-IN","ko","ko-KR","ku-TR","ky-KG","lo-LA","lt-LT","lv-LV","mg-MG","mk-MK","ml-IN","mn-MN","mr-IN","ms-MY","mt-MT","my-MM","nb-NO","ne-NP","nl","nl-BE","nl-NL","nn-NO","or-IN","pa-IN","pl-PL","ps-AF","pt","pt-BR","pt-PT","ro-RO","ru","ru-RU","rw-RW","sc-IT","si-LK","sk-SK","sl-SI","sn-ZW","sq-AL","sr-RS","sv","sv-SE","sw-KE","sy-SY","sz-PL","ta-IN","te-IN","tg-TJ","th","th-TH","tl-PH","tr","tr-TR","tt-RU","tz-MA","uk-UA","ur-PK","uz-UZ","vi-VN","zh","zh-CN","zh-HK","zh-MO","zh-TW","zz-TR"]}}},"termsOfUseUrl":{"type":"string","maxLength":2048,"nullable":true},"privacyPolicyUrl":{"type":"string","maxLength":2048,"nullable":true},"agreeToTermsPolicy":{"type":"string","enum":["Automatic","ManualRegistrationOnly","Manual"]},"signIn":{"type":"object","required":["methods"],"properties":{"methods":{"type":"array","items":{"type":"object","required":["identifier","password","verificationCode","isPasswordPrimary"],"properties":{"identifier":{"type":"string","enum":["username","email","phone"]},"password":{"type":"boolean"},"verificationCode":{"type":"boolean"},"isPasswordPrimary":{"type":"boolean"}}}}}},"signUp":{"type":"object","required":["identifiers","password","verify"],"properties":{"identifiers":{"type":"array","items":{"type":"string","enum":["username","email","phone"]}},"password":{"type":"boolean"},"verify":{"type":"boolean"},"secondaryIdentifiers":{"type":"array","items":{"type":"object","required":["identifier"],"properties":{"identifier":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["emailOrPhone"]}]},"verify":{"type":"boolean"}}}}}},"socialSignIn":{"type":"object","properties":{"automaticAccountLinking":{"type":"boolean"},"skipRequiredIdentifiers":{"type":"boolean"}}},"socialSignInConnectorTargets":{"type":"array","items":{"type":"string"}},"signInMode":{"type":"string","enum":["SignIn","Register","SignInAndRegister"]},"customCss":{"type":"string","nullable":true},"customContent":{"type":"object","additionalProperties":{"type":"string"}},"customUiAssets":{"type":"object","required":["id","createdAt"],"properties":{"id":{"type":"string"},"createdAt":{"type":"number"}},"nullable":true},"passwordPolicy":{"type":"object","properties":{"length":{"default":{},"type":"object","required":["min","max"],"properties":{"min":{"default":8,"type":"number"},"max":{"default":256,"type":"number"}}},"characterTypes":{"default":{},"type":"object","required":["min"],"properties":{"min":{"default":1,"type":"number"}}},"rejects":{"default":{},"type":"object","required":["pwned","repetitionAndSequence","userInfo","words"],"properties":{"pwned":{"default":true,"type":"boolean"},"repetitionAndSequence":{"default":true,"type":"boolean"},"userInfo":{"default":true,"type":"boolean"},"words":{"default":[],"type":"array","items":{"type":"string"}}}}}},"mfa":{"type":"object","required":["factors","policy"],"properties":{"factors":{"type":"array","items":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]}},"policy":{"type":"string","enum":["UserControlled","Mandatory","PromptOnlyAtSignIn","PromptAtSignInAndSignUp","NoPrompt","PromptAtSignInAndSignUpMandatory","PromptOnlyAtSignInMandatory"]},"organizationRequiredMfaPolicy":{"type":"string","enum":["NoPrompt","Mandatory"]}}},"adaptiveMfa":{"type":"object","properties":{"enabled":{"type":"boolean"}}},"singleSignOnEnabled":{"type":"boolean"},"supportEmail":{"type":"string","nullable":true},"supportWebsiteUrl":{"type":"string","nullable":true},"unknownSessionRedirectUrl":{"type":"string","nullable":true},"captchaPolicy":{"type":"object","properties":{"enabled":{"type":"boolean"}}},"sentinelPolicy":{"type":"object","properties":{"maxAttempts":{"type":"number"},"lockoutDuration":{"type":"number"}}},"emailBlocklistPolicy":{"type":"object","properties":{"blockDisposableAddresses":{"type":"boolean"},"blockSubaddressing":{"type":"boolean"},"customBlocklist":{"type":"array","items":{"type":"string"}}}},"passkeySignIn":{"type":"object","properties":{"enabled":{"type":"boolean"},"showPasskeyButton":{"type":"boolean"},"allowAutofill":{"type":"boolean"}}},"socialConnectors":{"type":"array","items":{"type":"object","required":["id","target","name","logo","logoDark","platform"],"properties":{"id":{"type":"string"},"target":{"type":"string"},"name":{"type":"object","description":"Validator function"},"logo":{"type":"string"},"logoDark":{"type":"string","nullable":true},"fromEmail":{"type":"string"},"platform":{"type":"string","enum":["Native","Universal","Web"],"nullable":true},"isStandard":{"type":"boolean"},"isTokenStorageSupported":{"type":"boolean"}}}},"ssoConnectors":{"type":"array","items":{"type":"object","required":["id","connectorName","logo"],"properties":{"id":{"type":"string"},"connectorName":{"type":"string"},"logo":{"type":"string"},"darkLogo":{"type":"string"}}}},"forgotPassword":{"type":"object","required":["phone","email"],"properties":{"phone":{"type":"boolean"},"email":{"type":"boolean"}}},"isDevelopmentTenant":{"type":"boolean"},"googleOneTap":{"type":"object","required":["clientId","connectorId"],"properties":{"isEnabled":{"type":"boolean"},"autoSelect":{"type":"boolean"},"closeOnTapOutside":{"type":"boolean"},"itpSupport":{"type":"boolean"},"clientId":{"type":"string"},"connectorId":{"type":"string"}}},"captchaConfig":{"type":"object","required":["type","siteKey"],"properties":{"type":{"type":"string","enum":["RecaptchaEnterprise","Turnstile"]},"siteKey":{"type":"string"},"domain":{"type":"string"},"mode":{"type":"string","enum":["invisible","checkbox"]}}},"customProfileFields":{"type":"array","items":{"type":"object","required":["tenantId","id","name","type","label","description","required","config","createdAt","sieOrder"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"name":{"type":"string","minLength":1,"maxLength":128},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","maxLength":128},"description":{"type":"string","maxLength":256,"nullable":true},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"},"parts":{"type":"array","items":{"type":"object","required":["enabled","name","type","required"],"properties":{"enabled":{"type":"boolean"},"name":{"type":"string"},"type":{"type":"string","enum":["Text","Number","Date","Checkbox","Select","Url","Regex","Address","Fullname"]},"label":{"type":"string","minLength":1},"description":{"type":"string"},"required":{"type":"boolean"},"config":{"type":"object","properties":{"placeholder":{"type":"string","maxLength":256},"minLength":{"type":"number"},"maxLength":{"type":"number"},"minValue":{"type":"number"},"maxValue":{"type":"number"},"format":{"type":"string","maxLength":128},"customFormat":{"type":"string","maxLength":128},"options":{"type":"array","items":{"type":"object","required":["value"],"properties":{"label":{"type":"string"},"value":{"type":"string"}}}},"defaultValue":{"type":"string"}}}}}}}},"createdAt":{"type":"number"},"sieOrder":{"type":"number"}}}}}}}}},"400":{"description":"Bad Request"}},"security":[],"summary":"Get full sign-in experience","description":"Get the full sign-in experience configuration."}},"/api/.well-known/account-center":{"get":{"operationId":"GetWellKnownAccountCenter","tags":["Well-known"],"parameters":[],"responses":{"200":{"description":"The default account center configuration.","content":{"application/json":{"schema":{"type":"object","required":["tenantId","id","enabled","fields","webauthnRelatedOrigins"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"enabled":{"type":"boolean"},"fields":{"type":"object","properties":{"name":{"type":"string","enum":["Off","ReadOnly","Edit"]},"avatar":{"type":"string","enum":["Off","ReadOnly","Edit"]},"profile":{"type":"string","enum":["Off","ReadOnly","Edit"]},"email":{"type":"string","enum":["Off","ReadOnly","Edit"]},"phone":{"type":"string","enum":["Off","ReadOnly","Edit"]},"password":{"type":"string","enum":["Off","ReadOnly","Edit"]},"username":{"type":"string","enum":["Off","ReadOnly","Edit"]},"social":{"type":"string","enum":["Off","ReadOnly","Edit"]},"customData":{"type":"string","enum":["Off","ReadOnly","Edit"]},"mfa":{"type":"string","enum":["Off","ReadOnly","Edit"]},"session":{"type":"string","enum":["Off","ReadOnly","Edit"]}}},"webauthnRelatedOrigins":{"type":"array","items":{"type":"string"}}}}}}}},"security":[],"summary":"Get default account center","description":"Get the default account center configuration."}},"/api/status":{"get":{"operationId":"GetStatus","tags":["Status"],"parameters":[],"responses":{"204":{"description":"The Logto core service is healthy."}},"security":[],"summary":"Health check","description":"The traditional health check API. No authentication needed.\n\n> **Note**\n> Even if 204 is returned, it does not guarantee all the APIs are working properly since they may depend on additional resources or external services."}},"/api/authn/hasura":{"get":{"operationId":"GetHasuraAuth","tags":["Authn"],"parameters":[{"name":"resource","in":"query","required":true,"schema":{"type":"string","minLength":1}},{"name":"unauthorizedRole","in":"query","required":false,"schema":{"type":"string"}}],"responses":{"200":{"description":"The authenticated user claims in Hasura format. See [Hasura docs](https://hasura.io/docs/latest/auth/authentication/webhook/#webhook-response) for more information.","content":{"application/json":{"schema":{"type":"object","properties":{"X-Hasura-User-Id":{"type":"string"},"X-Hasura-Role":{"type":"string"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"}},"security":[],"summary":"Hasura auth hook endpoint","description":"The `HASURA_GRAPHQL_AUTH_HOOK` endpoint for Hasura auth. Use this endpoint to integrate Hasura's [webhook authentication flow](https://hasura.io/docs/latest/auth/authentication/webhook/)."}},"/api/authn/saml/{connectorId}":{"post":{"operationId":"AssertSaml","tags":["Authn"],"parameters":[{"$ref":"#/components/parameters/connectorId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","description":"arbitrary"}}}},"responses":{"302":{"description":"Redirect to the endpoint to complete the authentication flow."},"400":{"description":"Bad Request"},"404":{"description":"Not Found"}},"security":[],"summary":"SAML ACS endpoint (social)","description":"The Assertion Consumer Service (ACS) endpoint for Simple Assertion Markup Language (SAML) social connectors.\n\nSAML social connectors are deprecated. Use the SSO SAML connector instead.","deprecated":true}},"/api/authn/single-sign-on/saml/{connectorId}":{"post":{"operationId":"AssertSingleSignOnSaml","tags":["Authn"],"parameters":[{"$ref":"#/components/parameters/connectorId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["SAMLResponse"],"properties":{"RelayState":{"type":"string","description":"SAML standard parameter that will be transmitted between the identity provider and the service provider. It will be used as the session ID (jti) of the user's Logto authentication session. This API will use this session ID to retrieve the SSO connector authentication session from the database."},"SAMLResponse":{"type":"string","description":"The SAML assertion response from the identity provider (IdP)."}}}}}},"responses":{"302":{"description":"Redirect to the endpoint to complete the authentication flow."},"400":{"description":"Invalid SAML assertion response."},"404":{"description":"Invalid SSO connector ID or SSO connector authentication session not found."}},"security":[],"summary":"SAML ACS endpoint (SSO)","description":"The Assertion Consumer Service (ACS) endpoint for Simple Assertion Markup Language (SAML) single sign-on (SSO) connectors.\n\nThis endpoint is used to complete the SAML SSO authentication flow. It receives the SAML assertion response from the identity provider (IdP) and redirects the user to complete the authentication flow."}},"/api/saml-applications/{id}/metadata":{"get":{"operationId":"ListSamlApplicationMetadata","tags":["SAML applications"],"parameters":[{"$ref":"#/components/parameters/samlApplicationId-root"}],"responses":{"200":{"description":"The SAML metadata XML.","content":{"application/json":{"schema":{"type":"string"}},"text/xml":{"schema":{"type":"string"}}}},"400":{"description":"Bad Request"},"404":{"description":"The SAML application was not found."}},"summary":"Get SAML application metadata","description":"Get the SAML metadata XML for the application."}},"/api/saml-applications/{id}/callback":{"get":{"operationId":"GetSamlApplicationCallback","tags":["SAML applications"],"parameters":[{"$ref":"#/components/parameters/samlApplicationId-root"},{"name":"code","in":"query","required":false,"schema":{"type":"string"},"description":"The authorization code from OIDC callback."},{"name":"state","in":"query","required":false,"schema":{"type":"string"},"description":"The state parameter from OIDC callback."},{"name":"redirectUri","in":"query","required":false,"schema":{"type":"string"},"description":"The redirect URI for the callback."},{"name":"error","in":"query","required":false,"schema":{"type":"string"}},{"name":"error_description","in":"query","required":false,"schema":{"type":"string"}}],"responses":{"200":{"description":"Returns an HTML form that automatically submits the SAML response.","content":{"application/json":{}}},"400":{"description":"Invalid request or OIDC error."},"404":{"description":"The SAML application was not found."}},"summary":"SAML application callback","description":"Handle the OIDC callback for SAML application and generate SAML response."}},"/api/saml/{id}/authn":{"get":{"operationId":"GetSamlAuthn","tags":["SAML applications auth flow"],"parameters":[{"$ref":"#/components/parameters/samlId-root"},{"name":"SAMLRequest","in":"query","required":true,"schema":{"type":"string","minLength":1},"description":"The SAML request message."},{"name":"Signature","in":"query","required":false,"schema":{"type":"string"},"description":"The signature of the request."},{"name":"SigAlg","in":"query","required":false,"schema":{"type":"string"},"description":"The signature algorithm."},{"name":"RelayState","in":"query","required":false,"schema":{"type":"string","maxLength":512,"nullable":true},"description":"The relay state parameter."}],"responses":{"200":{"description":"OK","content":{"application/json":{}}},"302":{"description":"Redirects to the sign-in page."},"400":{"description":"Invalid SAML request."},"404":{"description":"The SAML application was not found."}},"summary":"Handle SAML authentication request (Redirect binding)","description":"Process SAML authentication request using HTTP Redirect binding."},"post":{"operationId":"CreateSamlAuthn","tags":["SAML applications auth flow"],"parameters":[{"$ref":"#/components/parameters/samlId-root"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["SAMLRequest"],"properties":{"SAMLRequest":{"type":"string","minLength":1},"RelayState":{"type":"string","maxLength":512,"nullable":true}}}},"application/x-www-form-urlencoded":{"schema":{"type":"object","required":["SAMLRequest"],"properties":{"SAMLRequest":{"type":"string","description":"Base64-encoded SAML request message."},"RelayState":{"type":"string","description":"Optional state parameter to be returned in the response."}}}}}},"responses":{"200":{"description":"OK","content":{"application/json":{}}},"302":{"description":"Redirects to the sign-in page."},"400":{"description":"Invalid SAML request."},"404":{"description":"The SAML application was not found."}},"summary":"Handle SAML authentication request (POST binding)","description":"Process SAML authentication request using HTTP POST binding."}},"/api/.well-known/management.openapi.json":{"get":{"operationId":"GetWellKnownManagementOpenapiJson","tags":["Well-known"],"parameters":[],"responses":{"200":{"description":"The JSON document.","content":{"application/json":{}}}},"security":[],"summary":"Get Management API swagger JSON","description":"The endpoint for the Management API JSON document. The JSON conforms to the [OpenAPI v3.0.1](https://spec.openapis.org/oas/v3.0.1) (a.k.a. Swagger) specification."}},"/api/.well-known/experience.openapi.json":{"get":{"operationId":"GetWellKnownExperienceOpenapiJson","tags":["Well-known"],"parameters":[],"responses":{"200":{"description":"The JSON document.","content":{"application/json":{}}}},"security":[],"summary":"Get Experience API swagger JSON","description":"The endpoint for the Experience API JSON document. The JSON conforms to the [OpenAPI v3.0.1](https://spec.openapis.org/oas/v3.0.1) (a.k.a. Swagger) specification."}},"/api/.well-known/user.openapi.json":{"get":{"operationId":"GetWellKnownUserOpenapiJson","tags":["Well-known"],"parameters":[],"responses":{"200":{"description":"The JSON document.","content":{"application/json":{}}}},"security":[],"summary":"Get User API swagger JSON","description":"The endpoint for the User API JSON document. The JSON conforms to the [OpenAPI v3.0.1](https://spec.openapis.org/oas/v3.0.1) (a.k.a. Swagger) specification."}},"/api/swagger.json":{"get":{"operationId":"GetSwaggerJson","tags":["Swagger.json"],"parameters":[],"responses":{"200":{"description":"The JSON document.","content":{"application/json":{}}}},"security":[],"summary":"Get Swagger JSON","description":"The endpoint for the current JSON document. The JSON conforms to the [OpenAPI v3.0.1](https://spec.openapis.org/oas/v3.0.1) (a.k.a. Swagger) specification."}},"/api/experience":{"put":{"operationId":"InitInteraction","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["interactionEvent"],"properties":{"interactionEvent":{"type":"string","enum":["SignIn","Register","ForgotPassword"]},"captchaToken":{"type":"string"}}}}}},"responses":{"204":{"description":"A new experience interaction has been successfully initiated."},"400":{"description":"Bad Request"},"422":{"description":"Unprocessable Content"}},"security":[],"summary":"Init new interaction","description":"Init a new experience interaction with the given interaction type. Any existing interaction data will be cleared."}},"/api/experience/interaction-event":{"put":{"operationId":"UpdateInteractionEvent","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["interactionEvent"],"properties":{"interactionEvent":{"type":"string","enum":["SignIn","Register","ForgotPassword"],"description":"The type of the interaction event. Only `SignIn` and `Register` are supported."}}}}}},"responses":{"204":{"description":"The interaction event has been successfully updated."},"400":{"description":"The interaction event is invalid or cannot be updated.  Only `SignIn` and `Register` are interchangeable. If the current interaction event is `ForgotPassword`, it cannot be updated."},"403":{"description":"The given interaction event is not enabled in the sign-in experience settings."}},"security":[],"summary":"Update interaction event","description":"Update the current experience interaction event to the given event type. This API is used to switch the interaction event between `SignIn` and `Register`, while keeping all the verification records data."}},"/api/experience/identification":{"post":{"operationId":"IdentifyUser","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"verificationId":{"type":"string","description":"The ID of the verification record used to identify the user. <br/>- For `SignIn` and `ForgotPassword` interactions: Required to verify the user's identity. <br/>- For `Register` interaction: Optional. If provided, new profile(s) will be attached to the registration session using the information from the verification record and trigger the account creation attempt. If not provided, the user account creation attempt will be triggered using the existing profile data in the interaction."},"linkSocialIdentity":{"type":"boolean","description":"Applies only to the SignIn interaction and is used when a SocialVerification type verification ID is provided. <br/>- If `true`, the user is identified using the verified email or phone number from the social identity provider, and the social identity is linked to the user's account. <br/>- If `false` or not provided, the API identifies the user solely through the social identity. <br/>This parameter is used to link a non-existing social identity to a related user account identified by the verified email or phone number."}}}}}},"responses":{"201":{"description":"`Register` interaction: The user account has been successfully created and identified.","content":{"application/json":{}}},"204":{"description":"`SignIn` and `ForgotPassword` interactions: The user has been successfully identified."},"400":{"description":"The provided verificationId is invalid, not verified, or cannot be used to identify the user. <br/>- `session.verification_failed:` The verification is not verified or can not be used to identify the user. <br/>- `guard.invalid_target:` The `verificationId` is missing, but required for the `SignIn` and `ForgotPassword` interactions."},"401":{"description":"The user is suspended or banned from the service. (SignIn and ForgotPassword only)"},"403":{"description":"The `SignIn` or `Register` interaction is disabled in the experience settings."},"404":{"description":"Entity not found. <br/>- `session.verification_session_not_found:` The verification record is not found.  <br/>- `user.user_not_exist:` The user account is not found (SignIn and ForgotPassword only).  "},"409":{"description":"The interaction has already been identified with a different user account."},"422":{"description":"The user account cannot be created due to validation errors, check error message for more details (Register only). <br/>- `user.<identifier>_already_in_use:` The given identifier is already in use by another user account. <br/>- `user.missing_profile:` Sign-in experience required user identifier or profile data is missing. (Register only)"}},"security":[],"summary":"Identify user for the current interaction","description":"This API identifies the user based on the verificationId within the current experience interaction: <br/>- `SignIn` and `ForgotPassword` interactions: Verifies the user's identity using the provided `verificationId`. <br/>- `Register` interaction: Creates a new user account using the profile data from the current interaction. If a verificationId is provided, the profile data will first be updated with the verification record before creating the account. If not, the account is created directly from the stored profile data."}},"/api/experience/submit":{"post":{"operationId":"SubmitInteraction","tags":["Experience"],"parameters":[],"responses":{"200":{"description":"The interaction has been successfully submitted.","content":{"application/json":{"schema":{"type":"object","required":["redirectTo"],"properties":{"redirectTo":{"type":"string"}}}}}},"400":{"description":"Bad Request"},"403":{"description":"Multi-Factor Authentication (MFA) is enabled for the user but has not been verified."},"404":{"description":"The user has not been identified. "},"422":{"description":"The user profile can not been processed, check error message for more details. <br/>- The profile data is invalid or conflicts with existing user data. <br/>- Required profile data is missing. <br/>- The profile data is already in use by another user account."}},"security":[],"summary":"Submit interaction","description":"Submit the current interaction. <br/>- Submit the verified user identity to the OIDC provider for further authentication (SignIn and Register). <br/>- Update the user's profile data if any (SignIn and Register). <br/>- Reset the password and clear all the interaction records (ForgotPassword)."}},"/api/experience/interaction":{"get":{"operationId":"GetInteraction","tags":["Experience"],"parameters":[],"responses":{"200":{"description":"The public interaction data has been successfully retrieved.","content":{"application/json":{"schema":{"type":"object","required":["interactionEvent","profile"],"properties":{"interactionEvent":{"type":"string","enum":["SignIn","Register","ForgotPassword"]},"userId":{"type":"string"},"profile":{"type":"object","properties":{"avatar":{"type":"string","maxLength":2048,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"customData":{"type":"object","description":"arbitrary"},"socialIdentity":{"type":"object","required":["target","userInfo"],"properties":{"target":{"type":"string"},"userInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}}}},"enterpriseSsoIdentity":{"type":"object","required":["identityId","ssoConnectorId","issuer","detail"],"properties":{"identityId":{"type":"string","minLength":1,"maxLength":128},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128},"issuer":{"type":"string","minLength":1,"maxLength":256},"detail":{"type":"object","description":"arbitrary"}}},"syncedEnterpriseSsoIdentity":{"type":"object","required":["identityId","issuer","detail"],"properties":{"identityId":{"type":"string","minLength":1,"maxLength":128},"issuer":{"type":"string","minLength":1,"maxLength":256},"detail":{"type":"object","description":"arbitrary"}}},"jitOrganizationIds":{"type":"array","items":{"type":"string"}},"submitted":{"type":"boolean"}}},"verificationRecords":{"type":"array","items":{"oneOf":[{"type":"object","required":["id","type","identifier","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Password\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"oneOf":[{"type":"string","enum":["username","email","phone"]},{"type":"string","enum":["userId"]}]},"value":{"type":"string"}}},"verified":{"type":"boolean"}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"EmailVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"PhoneVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"MfaEmailVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","templateType","verified","type","identifier"],"properties":{"id":{"type":"string"},"templateType":{"type":"string","enum":["SignIn","Register","ForgotPassword","OrganizationInvitation","Generic","UserPermissionValidation","BindNewIdentifier","MfaVerification","BindMfa"]},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"MfaPhoneVerificationCode\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string"}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"Social\""},"socialUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}}}},{"type":"object","required":["id","connectorId","type"],"properties":{"id":{"type":"string"},"connectorId":{"type":"string"},"type":{"type":"string","format":"\"EnterpriseSso\""},"enterpriseSsoUserInfo":{"type":"object","required":["id"],"properties":{"id":{"type":"string"},"email":{"type":"string"},"phone":{"type":"string"},"name":{"type":"string"},"avatar":{"type":"string"},"rawData":{"type":"object","oneOf":[{"type":"object","description":"arbitrary JSON object"},{"type":"array","items":{"oneOf":[{"type":"string"},{"type":"number"},{"type":"boolean"},{"type":"string","nullable":true,"description":"null value"},{"type":"object","description":"arbitrary JSON object"}]}},{"type":"string"},{"type":"number"},{"type":"boolean"}],"nullable":true}}},"issuer":{"type":"string"}}},{"type":"object","required":["id","type","userId","verified"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"Totp\""},"userId":{"type":"string"},"verified":{"type":"boolean"}}},{"type":"object","required":["id","type","userId"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"BackupCode\""},"userId":{"type":"string"},"code":{"type":"string"}}},{"type":"object","required":["id","verified","type","userId"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"WebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","verified","type"],"properties":{"id":{"type":"string"},"verified":{"type":"boolean"},"type":{"type":"string","format":"\"SignInWebAuthn\""},"userId":{"type":"string"}}},{"type":"object","required":["id","type","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"NewPasswordIdentity\""},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","enum":["username","email","phone"]},"value":{"type":"string"}}}}},{"type":"object","required":["id","type","verified","identifier"],"properties":{"id":{"type":"string"},"type":{"type":"string","format":"\"OneTimeToken\""},"verified":{"type":"boolean"},"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string"}}},"oneTimeTokenContext":{"type":"object","properties":{"jitOrganizationIds":{"type":"array","items":{"type":"string"}}}}}}]}},"mfa":{"type":"object","properties":{"mfaEnabled":{"type":"boolean"},"mfaSkipped":{"type":"boolean"},"passkeySkipped":{"type":"boolean"},"totp":{"type":"object","required":["type"],"properties":{"type":{"type":"string","format":"\"Totp\""}}},"webAuthn":{"type":"array","items":{"type":"object","required":["type","rpId","credentialId","publicKey","transports","counter","agent"],"properties":{"type":{"type":"string","format":"\"WebAuthn\""},"rpId":{"type":"string"},"credentialId":{"type":"string"},"publicKey":{"type":"string"},"transports":{"type":"array","items":{"type":"string","enum":["usb","nfc","ble","internal","cable","hybrid","smart-card"]}},"counter":{"type":"number"},"agent":{"type":"string"},"name":{"type":"string"}}}},"backupCode":{"type":"object","required":["type"],"properties":{"type":{"type":"string","format":"\"BackupCode\""}}}}},"signInContext":{"type":"object","additionalProperties":{"type":"string"}},"captcha":{"type":"object","required":["verified","skipped"],"properties":{"verified":{"type":"boolean"},"skipped":{"type":"boolean"}}}}}}}}},"security":[],"summary":"Get public interaction data","description":"Get the public interaction data."}},"/api/experience/verification/password":{"post":{"operationId":"CreatePasswordVerification","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["identifier","password"],"properties":{"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","enum":["username","email","phone"]},"value":{"type":"string"}},"description":"The unique identifier of the user that will be used to identify the user along with the provided password."},"password":{"type":"string","minLength":1,"description":"The user password."}}}}}},"responses":{"200":{"description":"The Password verification record has been successfully created and verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique verification ID of the newly created Password verification record. The `verificationId` is required when verifying the user's identity via the `Identification` API."}}}}}},"400":{"description":"The verification attempts have exceeded the maximum limit."},"401":{"description":"The user is suspended or banned from the service."},"422":{"description":"`session.invalid_credentials:` Either the user is not found or the provided password is incorrect."}},"security":[],"summary":"Create password verification record","description":"Create and verify a new Password verification record. The verification record can only be created if the provided user credentials are correct."}},"/api/experience/verification/verification-code":{"post":{"operationId":"CreateAndSendVerificationCode","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["identifier","interactionEvent"],"properties":{"identifier":{"oneOf":[{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/"}}},{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string","format":"regex","pattern":"/^\\d+$/"}}}],"description":"The identifier (email address or phone number) to send the verification code to."},"interactionEvent":{"type":"string","enum":["SignIn","Register","ForgotPassword"],"description":"The interaction event for which the verification code will be used. Supported values are `SignIn`, `Register`, and `ForgotPassword`. This determines the template for the verification code."}}}}}},"responses":{"200":{"description":"The verification code has been successfully sent.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique ID of the verification record. Required to verify the code."}}}}}},"400":{"description":"An invalid identifier was provided."},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"},"501":{"description":"The connector for sending the verification code is not configured."}},"security":[],"summary":"Create and send verification code","description":"Create a new `CodeVerification` record and sends the code to the specified identifier. The code verification can be used to verify the given identifier."}},"/api/experience/verification/verification-code/verify":{"post":{"operationId":"VerifyVerificationCodeVerification","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["identifier","verificationId","code"],"properties":{"identifier":{"oneOf":[{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/"}}},{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string","format":"regex","pattern":"/^\\d+$/"}}}],"description":"The identifier (email address or phone number) to verify the code against. Must match the identifier used to send the verification code."},"verificationId":{"type":"string","description":"The verification ID of the CodeVerification record."},"code":{"type":"string","description":"The verification code to be verified."}}}}}},"responses":{"200":{"description":"The verification code was successfully verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique ID of the verification record. Required for user identification via the `Identification` API or to bind the identifier to the user's account via the `Profile` API."}}}}}},"400":{"description":"The verification code is invalid or the maximum number of attempts has been exceeded. Check the error message for details."},"404":{"description":"Verification record not found."},"501":{"description":"The connector for sending the verification code is not configured."}},"security":[],"summary":"Verify verification code","description":"Verify the provided verification code against the user's identifier. If successful, the verification record will be marked as verified."}},"/api/experience/verification/mfa-verification-code":{"post":{"operationId":"CreateAndSendMfaVerificationCode","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["identifierType"],"properties":{"identifierType":{"type":"string","enum":["email","phone","Email","Phone"],"description":"The type of identifier to use for MFA verification. Must be either 'Email' or 'Phone'. The endpoint will automatically use the user's bound identifier of this type."}}}}}},"responses":{"200":{"description":"The MFA verification code has been successfully sent to the user's bound identifier.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique ID of the verification record. Required to verify the code."}}}}}},"400":{"description":"Bad request. The user is not identified or does not have the specified identifier type bound for MFA."},"404":{"description":"User not found."},"501":{"description":"The connector for the specified identifier type is not configured."}},"security":[],"summary":"Create and send MFA verification code","description":"Create a new MFA verification code and send it to the user's bound identifier (email or phone). This endpoint automatically uses the user's bound email address or phone number from their profile for MFA verification. The user must be identified before calling this endpoint."}},"/api/experience/verification/mfa-verification-code/verify":{"post":{"operationId":"VerifyMfaVerificationCode","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["verificationId","code","identifierType"],"properties":{"verificationId":{"type":"string","description":"The verification ID returned from the MFA verification code send endpoint."},"code":{"type":"string","description":"The verification code received by the user."},"identifierType":{"type":"string","enum":["email","phone","Email","Phone"],"description":"The type of identifier used for MFA verification. Must match the type used when sending the verification code."}}}}}},"responses":{"200":{"description":"The MFA verification code was successfully verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique ID of the verification record. This can be used for subsequent MFA operations."}}}}}},"400":{"description":"Bad request. The verification code is invalid, expired, or the user is not identified."},"404":{"description":"Verification record not found."},"501":{"description":"The connector for the verification method is not configured."}},"security":[],"summary":"Verify MFA verification code","description":"Verify the provided MFA verification code. The verification code must have been sent using the MFA verification code endpoint. This endpoint verifies the code against the user's bound identifier and marks the verification as complete if successful."}},"/api/experience/verification/social/{connectorId}/authorization-uri":{"post":{"operationId":"CreateSocialVerification","tags":["Experience"],"parameters":[{"$ref":"#/components/parameters/connectorId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["state","redirectUri"],"properties":{"state":{"type":"string","description":"The state parameter to pass to the social connector."},"redirectUri":{"type":"string","description":"The URI to redirect the user after the social authorization is completed."}}}}}},"responses":{"200":{"description":"The social authorization URI has been successfully generated.","content":{"application/json":{"schema":{"type":"object","required":["authorizationUri","verificationId"],"properties":{"authorizationUri":{"type":"string","description":"The social authorization URI."},"verificationId":{"type":"string","description":"The unique verification ID of the newly created SocialVerification record. The `verificationId` is required when verifying the social authorization response."}}}}}},"400":{"description":"Bad Request"},"404":{"description":"The social connector is not found."},"500":{"description":"Connector error. Failed to generate the social authorization URI."}},"security":[],"summary":"Create social verification","description":"Create a new SocialVerification record and return the provider's authorization URI for the given connector."}},"/api/experience/verification/social/{connectorId}/verify":{"post":{"operationId":"VerifySocialVerification","tags":["Experience"],"parameters":[{"$ref":"#/components/parameters/connectorId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["connectorData"],"properties":{"connectorData":{"type":"object","description":"Arbitrary data returned by the social provider to complete the verification process."},"verificationId":{"type":"string","description":"The ID of the social verification record. Optional for Google one tap login, as it does not have a pre-created social verification record in session."}}}}}},"responses":{"200":{"description":"The social authorization response has been successfully verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique verification ID of the SocialVerification record. This ID is required when identifying the user in the current interaction."}}}}}},"400":{"description":"The social authorization response is invalid or cannot be verified."},"404":{"description":"The social connector is not found."},"500":{"description":"Connector error. Failed to verify the social authorization response or fetch the user info from the social provider."}},"security":[],"summary":"Verify social verification","description":"Verify the social authorization response data and get the user's identity data from the social provider."}},"/api/experience/verification/sso/{connectorId}/authorization-uri":{"post":{"operationId":"CreateEnterpriseSsoVerification","tags":["Experience"],"parameters":[{"$ref":"#/components/parameters/connectorId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["state","redirectUri"],"properties":{"state":{"type":"string","description":"The state parameter to pass to the SSO connector."},"redirectUri":{"type":"string","description":"The URI to redirect the user after the SSO authorization is completed."}}}}}},"responses":{"200":{"description":"The SSO authorization URI has been successfully generated.","content":{"application/json":{"schema":{"type":"object","required":["authorizationUri","verificationId"],"properties":{"authorizationUri":{"type":"string","description":"The SSO authorization URI."},"verificationId":{"type":"string","description":"The unique verification ID of the newly created EnterpriseSSO verification record. The `verificationId` is required when verifying the SSO authorization response."}}}}}},"400":{"description":"Bad Request"},"404":{"description":"The SSO connector is not found."},"500":{"description":"Connector error. Failed to generate the SSO authorization URI."}},"security":[],"summary":"Create enterprise SSO verification","description":"Create a new EnterpriseSSO verification record and return the provider's authorization URI for the given connector."}},"/api/experience/verification/sso/{connectorId}/verify":{"post":{"operationId":"VerifyEnterpriseSsoVerification","tags":["Experience"],"parameters":[{"$ref":"#/components/parameters/connectorId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["connectorData","verificationId"],"properties":{"connectorData":{"type":"object","description":"Arbitrary data returned by the SSO provider to complete the verification process."},"verificationId":{"type":"string","description":"The ID of the EnterpriseSSO verification record."}}}}}},"responses":{"200":{"description":"The SSO authorization response has been successfully verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The current verified EnterpriseSSO verification record ID. This ID is required when identifying the user in the current interaction."}}}}}},"400":{"description":"The SSO authorization response is invalid or cannot be verified."},"404":{"description":"The verification record or the SSO connector is not found."},"500":{"description":"Connector error. Failed to verify the SSO authorization response or fetch the user info from the SSO provider."}},"security":[],"summary":"Verify enterprise SSO verification","description":"Verify the SSO authorization response data and get the user's identity from the SSO provider."}},"/api/experience/verification/totp/secret":{"post":{"operationId":"CreateTotpSecret","tags":["Experience"],"parameters":[],"responses":{"200":{"description":"TOTP secret successfully generated.","content":{"application/json":{"schema":{"type":"object","required":["verificationId","secret","secretQrCode"],"properties":{"verificationId":{"type":"string","description":"The unique verification ID for the TOTP record. This ID is required to verify the TOTP code."},"secret":{"type":"string","description":"The newly generated TOTP secret."},"secretQrCode":{"type":"string","description":"A QR code image data URL for the TOTP secret. The user can scan this QR code with their TOTP authenticator app."}}}}}},"400":{"description":"Bad Request"},"404":{"description":"Entity not found. <br/> - `session.identifier_not_found:` The current interaction is not identified yet. All MFA verification records must be associated with a identified user."}},"security":[],"summary":"Create TOTP secret","description":"Create a new TOTP verification record and generate a new TOTP secret for the user. This secret can be used to bind a new TOTP verification to the user's profile. The verification record must be verified before the secret can be used to bind a new TOTP verification to the user's profile."}},"/api/experience/verification/totp/verify":{"post":{"operationId":"VerifyTotpVerification","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["code"],"properties":{"code":{"type":"string","minLength":1,"description":"The TOTP code to be verified."},"verificationId":{"type":"string","description":"The verification ID of the newly created TOTP secret. This ID is required to verify a newly created TOTP secret that needs to be bound to the user account. If not provided, the API will create a new TOTP verification record and verify the code against the user's existing TOTP secret."}}}}}},"responses":{"200":{"description":"The TOTP code has been successfully verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique verification ID of the TOTP verification record. For newly created TOTP secret verification record, this ID is required to bind the TOTP secret to the user account through `Profile` API."}}}}}},"400":{"description":"Invalid TOTP code."},"404":{"description":"Verification record not found."}},"security":[],"summary":"Verify TOTP verification","description":"Verifies the provided TOTP code against the new created TOTP secret or the existing TOTP secret. If a verificationId is provided, this API will verify the code against the TOTP secret that is associated with the verification record. Otherwise, a new TOTP verification record will be created and verified against the user's existing TOTP secret."}},"/api/experience/verification/web-authn/registration":{"post":{"operationId":"CreateWebAuthnRegistrationVerification","tags":["Experience"],"parameters":[],"responses":{"200":{"description":"WebAuthn registration successfully created.","content":{"application/json":{"schema":{"type":"object","required":["verificationId","registrationOptions"],"properties":{"verificationId":{"type":"string","description":"The unique verification ID for the WebAuthn registration record. This ID is required to verify the WebAuthn registration challenge."},"registrationOptions":{"type":"object","required":["rp","user","challenge","pubKeyCredParams"],"properties":{"rp":{"type":"object","required":["name"],"properties":{"name":{"type":"string"},"id":{"type":"string"}}},"user":{"type":"object","required":["id","name","displayName"],"properties":{"id":{"type":"string"},"name":{"type":"string"},"displayName":{"type":"string"}}},"challenge":{"type":"string"},"pubKeyCredParams":{"type":"array","items":{"type":"object","required":["type","alg"],"properties":{"type":{"type":"string","format":"\"public-key\""},"alg":{"type":"number"}}}},"timeout":{"type":"number"},"excludeCredentials":{"type":"array","items":{"type":"object","required":["type","id"],"properties":{"type":{"type":"string","format":"\"public-key\""},"id":{"type":"string"},"transports":{"type":"array","items":{"type":"string","enum":["usb","nfc","ble","internal","cable","hybrid","smart-card"]}}}}},"authenticatorSelection":{"type":"object","properties":{"authenticatorAttachment":{"type":"string","enum":["platform","cross-platform"]},"requireResidentKey":{"type":"boolean"},"residentKey":{"type":"string","enum":["discouraged","preferred","required"]},"userVerification":{"type":"string","enum":["required","preferred","discouraged"]}}},"attestation":{"type":"string","enum":["none","indirect","direct","enterprise"]},"extensions":{"type":"object","properties":{"appid":{"type":"string"},"credProps":{"type":"boolean"},"hmacCreateSecret":{"type":"boolean"}}}},"description":"The WebAuthn registration options that the user needs to create a new WebAuthn credential."}}}}}},"400":{"description":"Bad Request"},"404":{"description":"Entity not found. <br/> - `session.identifier_not_found:` The current interaction is not identified yet. All MFA verification records must be associated with a identified user."}},"security":[],"summary":"Create WebAuthn registration verification","description":"Create a new WebAuthn registration verification record. The verification record can be used to bind a new WebAuthn credential to the user's profile."}},"/api/experience/verification/web-authn/registration/verify":{"post":{"operationId":"VerifyWebAuthnRegistrationVerification","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["verificationId","payload"],"properties":{"verificationId":{"type":"string","description":"The verification ID of the WebAuthn registration record."},"payload":{"type":"object","required":["type","id","rawId","response","clientExtensionResults"],"properties":{"type":{"type":"string","format":"\"WebAuthn\""},"id":{"type":"string"},"rawId":{"type":"string"},"response":{"type":"object","required":["clientDataJSON","attestationObject"],"properties":{"clientDataJSON":{"type":"string"},"attestationObject":{"type":"string"},"authenticatorData":{"type":"string"},"transports":{"type":"array","items":{"type":"string","enum":["usb","nfc","ble","internal","cable","hybrid","smart-card"]}},"publicKeyAlgorithm":{"type":"number"},"publicKey":{"type":"string"}}},"authenticatorAttachment":{"type":"string","enum":["cross-platform","platform"]},"clientExtensionResults":{"type":"object","properties":{"appid":{"type":"boolean"},"crepProps":{"type":"object","properties":{"rk":{"type":"boolean"}}},"hmacCreateSecret":{"type":"boolean"}}}},"description":"The WebAuthn attestation response from the user's WebAuthn credential."}}}}}},"responses":{"200":{"description":"The WebAuthn registration has been successfully verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique verification ID of the WebAuthn registration record. This `verificationId` is required to bind the WebAuthn credential to the user account via the `Profile` API."}}}}}},"400":{"description":"Invalid request. <br/>  - `session.mfa.pending_info_not_found:` The WebAuthn registration challenge is missing from the current verification record. <br/>- `session.mfa.webauthn_verification_failed:` The WebAuthn attestation response is invalid or cannot be verified."},"404":{"description":"Verification record not found."}},"security":[],"summary":"Verify WebAuthn registration verification","description":"Verify the WebAuthn registration response against the user's WebAuthn registration challenge. If the response is valid, the WebAuthn registration record will be marked as verified."}},"/api/experience/verification/web-authn/authentication":{"post":{"operationId":"CreateWebAuthnAuthenticationVerification","tags":["Experience"],"parameters":[],"responses":{"200":{"description":"WebAuthn authentication successfully initiated.","content":{"application/json":{"schema":{"type":"object","required":["verificationId","authenticationOptions"],"properties":{"verificationId":{"type":"string","description":"The unique ID for the WebAuthn authentication record, required to verify the WebAuthn authentication challenge."},"authenticationOptions":{"type":"object","required":["challenge"],"properties":{"challenge":{"type":"string"},"timeout":{"type":"number"},"rpId":{"type":"string"},"allowCredentials":{"type":"array","items":{"type":"object","required":["type","id"],"properties":{"type":{"type":"string","format":"\"public-key\""},"id":{"type":"string"},"transports":{"type":"array","items":{"type":"string","enum":["usb","nfc","ble","internal","cable","hybrid","smart-card"]}}}}},"userVerification":{"type":"string","enum":["required","preferred","discouraged"]},"extensions":{"type":"object","properties":{"appid":{"type":"string"},"credProps":{"type":"boolean"},"hmacCreateSecret":{"type":"boolean"}}}},"description":"Options for the user to authenticate with their WebAuthn credential."}}}}}},"400":{"description":"The user does not have a verified WebAuthn credential."},"404":{"description":"The current interaction is not yet identified. All MFA verification records must be associated with an identified user."}},"security":[],"summary":"Create WebAuthn authentication verification","description":"Create a new WebAuthn authentication verification record based on the user's existing WebAuthn credential. This verification record can be used to verify the user's WebAuthn credential."}},"/api/experience/verification/web-authn/authentication/verify":{"post":{"operationId":"VerifyWebAuthnAuthenticationVerification","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["verificationId","payload"],"properties":{"verificationId":{"type":"string","description":"The verification ID of the WebAuthn authentication verification record."},"payload":{"type":"object","required":["type","id","rawId","clientExtensionResults","response"],"properties":{"type":{"type":"string","format":"\"WebAuthn\""},"id":{"type":"string"},"rawId":{"type":"string"},"authenticatorAttachment":{"type":"string","enum":["cross-platform","platform"]},"clientExtensionResults":{"type":"object","properties":{"appid":{"type":"boolean"},"crepProps":{"type":"object","properties":{"rk":{"type":"boolean"}}},"hmacCreateSecret":{"type":"boolean"}}},"response":{"type":"object","required":["clientDataJSON","authenticatorData","signature"],"properties":{"clientDataJSON":{"type":"string"},"authenticatorData":{"type":"string"},"signature":{"type":"string"},"userHandle":{"type":"string"}}}},"description":"The WebAuthn assertion response from the user's WebAuthn credential."}}}}}},"responses":{"200":{"description":"The WebAuthn authentication has been successfully verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique verification ID of the WebAuthn authentication verification record."}}}}}},"400":{"description":"Invalid request. <br/> - `session.mfa.pending_info_not_found:` The WebAuthn authentication challenge is missing in the current verification record. <br/>- `session.mfa.webauthn_verification_failed:` The WebAuthn assertion response is invalid or cannot be verified."},"404":{"description":"Verification record not found."}},"security":[],"summary":"Verify WebAuthn authentication verification","description":"Verifies the WebAuthn authentication response against the user's authentication challenge. Upon successful verification, the verification record will be marked as verified."}},"/api/experience/verification/backup-code/generate":{"post":{"operationId":"GenerateBackupCodes","tags":["Experience"],"parameters":[],"responses":{"200":{"description":"Backup codes have been successfully generated.","content":{"application/json":{"schema":{"type":"object","required":["verificationId","codes"],"properties":{"verificationId":{"type":"string","description":"The unique verification ID of the newly created BackupCode verification record. This ID is required when adding the backup codes to the user profile via the Profile API."},"codes":{"type":"array","items":{"type":"string"},"description":"The generated backup codes."}}}}}},"400":{"description":"Bad Request"},"404":{"description":"The current interaction is not identified yet. All MFA verification records must be associated with a identified user."}},"security":[],"summary":"Generate backup codes","description":"Create a new BackupCode verification record with new backup codes generated. This verification record will be used to bind the backup codes to the user's profile."}},"/api/experience/verification/backup-code/verify":{"post":{"operationId":"VerifyBackupCode","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["code"],"properties":{"code":{"type":"string","minLength":1,"description":"The backup code to verify."}}}}}},"responses":{"200":{"description":"The backup code has been successfully verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique verification ID of the BackupCode verification record."}}}}}},"400":{"description":"The provided backup code is invalid."},"404":{"description":"Entity not found. <br/> - `session.identifier_not_found:` The current interaction is not identified yet. All MFA verification records must be associated with a identified user."}},"security":[],"summary":"Verify backup code","description":"Create a new BackupCode verification record and verify the provided backup code against the user's backup codes. The verification record will be marked as verified if the code is correct."}},"/api/experience/verification/new-password-identity":{"post":{"operationId":"CreateNewPasswordIdentityVerification","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["identifier","password"],"properties":{"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"username\""},"value":{"type":"string","format":"regex","pattern":"/^[A-Z_a-z]\\w*$/"}},"description":"The unique user identifier.  <br/> Currently, only `username` is accepted. For `email` or `phone` registration, a `CodeVerification` record must be created and used to verify the user's email or phone number identifier."},"password":{"type":"string","description":"The new user password. (A password digest will be created and stored securely in the verification record.)"}}}}}},"responses":{"200":{"description":"The NewPasswordIdentity verification record has been successfully created.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique verification ID of the newly created NewPasswordIdentity verification record. The `verificationId` is required when creating a new user account via the `Identification` API."}}}}}},"400":{"description":"Bad Request"},"422":{"description":"Unable to process the request. <br/>- `user.username_already_in_use:` The provided username is already in use. <br/>- `password.rejected:` The provided password is rejected by the password policy. Detailed password violation information is included in the response."}},"security":[],"summary":"Create new password identity verification","description":"Create a NewPasswordIdentity verification record for the new user registration use. The verification record includes a unique user identifier and a password that can be used to create a new user account."}},"/api/experience/verification/one-time-token/verify":{"post":{"operationId":"VerifyOneTimeTokenVerification","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["identifier","token"],"properties":{"identifier":{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/"}},"description":"The unique user identifier.  <br/> Currently, only `email` is accepted."},"token":{"type":"string","minLength":1,"description":"The one-time token to be verified."}}}}}},"responses":{"200":{"description":"The one-time token was successfully verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The unique ID of the verification record. Required for user identification via the `Identification` API or to bind the identifier to the user's account via the `Profile` API."}}}}}},"400":{"description":"The one-time token is invalid or the maximum number of attempts has been exceeded. Check the error message for details."},"404":{"description":"Verification record not found."}},"security":[],"summary":"Verify one-time token","description":"Verify the provided one-time token against the user's email. If successful, the verification record will be marked as verified."}},"/api/experience/profile":{"post":{"operationId":"AddUserProfile","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"username\""},"value":{"type":"string","format":"regex","pattern":"/^[A-Z_a-z]\\w*$/"}}},{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"password\""},"value":{"type":"string"}}},{"type":"object","required":["type","verificationId"],"properties":{"type":{"type":"string","format":"\"email\""},"verificationId":{"type":"string"}}},{"type":"object","required":["type","verificationId"],"properties":{"type":{"type":"string","format":"\"phone\""},"verificationId":{"type":"string"}}},{"type":"object","required":["type","verificationId"],"properties":{"type":{"type":"string","format":"\"social\""},"verificationId":{"type":"string"}}},{"type":"object","required":["type","values"],"properties":{"type":{"type":"string","format":"\"extraProfile\""},"values":{"type":"object","additionalProperties":{"example":{}}}}}],"properties":{"type":{"description":"The type of profile data to add. Available options: `email`, `phone`, `username`, `password`, `social`, or `extraProfile`."},"value":{"description":"The plain text value of the profile data. Only supported for profile data types that does not require verification, such as `username` and `password`."},"values":{"description":"The extra profile data to add. Only supported for `extraProfile` type. The data will be validated and split into standard user profile attributes and custom user profile attributes. The standard user profile attributes will be set to the user profile, whereas the custom user profile attributes will be set to the user custom data."},"verificationId":{"description":"The ID of the verification record used to verify the profile data. Required for profile data types that require verification, such as `email`, `phone` and `social`."}}}}}},"responses":{"204":{"description":"The profile data has been successfully added to the current experience interaction."},"400":{"description":"Invalid request. <br/> - `session.not_supported_for_forgot_password:` This API can not be used in the `ForgotPassword` interaction. <br/>- `session.verification_failed:` The verification record is not verified. "},"403":{"description":"`SignIn` interaction only: MFA is enabled for the user but has not been verified. The user must verify the MFA before updating the profile data."},"404":{"description":"Entity not found. <br/> - `session.identifier_not_found:` (`SignIn` interaction only) The current interaction is not identified yet. All profile data must be associated with a identified user. <br/>- `session.verification_session_not_found:` The verification record is not found."},"422":{"description":"The user profile can not been processed, check error message for more details. <br/>- The profile data is invalid or conflicts with existing user data. <br/>- The profile data is already in use by another user account. <br/>- The email address is enterprise SSO enabled, can only be linked through the SSO connector."}},"security":[],"summary":"Add user profile","description":"Adds user profile data to the current experience interaction. <br/>- For `Register`: The profile data provided before the identification request will be used to create a new user account. <br/>- For `SignIn` and `Register`: The profile data provided after the user is identified will be used to update the user's profile when the interaction is submitted. <br/>- `ForgotPassword`: Not supported."}},"/api/experience/profile/password":{"put":{"operationId":"ResetUserPassword","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["password"],"properties":{"password":{"type":"string","description":"The new password to update. The password must meet the password policy requirements and can not be the same as the current password."}}}}}},"responses":{"204":{"description":"The password has been successfully updated."},"400":{"description":"The current interaction event is not `ForgotPassword`. The password can only be updated through the `ForgotPassword` interaction."},"404":{"description":"The user has not been identified yet. The user must be identified before updating the password."},"422":{"description":"The password can not be updated due to validation errors, check error message for more details. <br/>- `user.password_policy_violation:` The password does not meet the password policy requirements. <br/>- `user.same_password:` The new password is the same as the current password."}},"security":[],"summary":"Reset user password","description":"Reset the user's password. (`ForgotPassword` interaction only)"}},"/api/experience/profile/mfa/mfa-skipped":{"post":{"operationId":"SkipMfaBindingFlow","tags":["Experience"],"parameters":[],"responses":{"204":{"description":"The MFA verification has been successfully skipped."},"400":{"description":"Not supported for the current interaction event. The MFA profile API can only be used in the `SignIn` or `Register` interaction."},"403":{"description":"Some MFA factors has already been enabled for the user. The user must verify the MFA before updating the MFA settings."},"404":{"description":"The user has not been identified yet. The `mfa-skipped` configuration must be associated with an identified user."},"422":{"description":"The MFA verification binding is `Mandatory`, user can not skip the MFA verification binding flow."}},"security":[],"summary":"Skip MFA binding flow","description":"Skip MFA verification binding flow. If the MFA is enabled in the sign-in experience settings and marked as `UserControlled`, the user can skip the MFA verification binding flow by calling this API."}},"/api/experience/profile/mfa/mfa-suggestion-skipped":{"post":{"operationId":"SkipMfaSuggestion","tags":["Experience"],"parameters":[],"responses":{"204":{"description":"The suggestion was successfully skipped."},"400":{"description":"Not supported for the current interaction event. The MFA profile API can only be used in the `SignIn` or `Register` interaction."},"403":{"description":"Some MFA factors have already been enabled for the user. The user must verify MFA before updating related settings."},"404":{"description":"The user has not been identified yet. The suggestion state must be associated with an identified user."},"422":{"description":"The suggestion is not skippable under current policy."}},"security":[],"summary":"Skip additional MFA suggestion","description":"Mark the optional additional MFA binding suggestion as skipped for the current interaction. When multiple MFA factors are enabled and only an email/phone factor is configured, a suggestion to add another factor may be shown; this endpoint records the choice to skip."}},"/api/experience/profile/mfa/passkey-skipped":{"post":{"operationId":"SkipPasskeyBinding","tags":["Experience"],"parameters":[],"responses":{"204":{"description":"The passkey binding flow has been permanently skipped."},"400":{"description":"Not supported for the current interaction event. This API can only be used in the `SignIn` or `Register` interaction."},"404":{"description":"The user has not been identified yet. The `passkey-skipped` configuration must be associated with a identified user."}},"security":[],"summary":"Skip passkey binding","description":"Skip passkey binding flow. The users can temporarily skip the passkey binding flow by calling this API during sign-up. On sign-in, the skip flag will be persisted to user config."}},"/api/experience/profile/mfa/passkey":{"post":{"operationId":"BindPasskey","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["verificationId"],"properties":{"verificationId":{"type":"string","description":"The ID of the WebAuthn verification record to bind as a passkey."}}}}}},"responses":{"204":{"description":"The passkey has been successfully bound to the user profile."},"400":{"description":"Invalid request. <br/>- `session.verification_failed:` The WebAuthn verification record is invalid or not verified. <br/>- `session.mfa.pending_info_not_found:` The verification record does not have the required registration data."},"404":{"description":"Entity not found. <br/>- `session.identifier_not_found:` The user has not been identified yet. <br/>- `session.verification_session_not_found:` The WebAuthn verification record is not found."}},"security":[],"summary":"Bind passkey for sign-in","description":"Bind a WebAuthn credential as a passkey for sign-in purposes. Unlike `POST /api/experience/profile/mfa` with `type: WebAuthn`, this endpoint is exclusively for adding a passkey as a sign-in method and does NOT mark the user's optional MFA as enabled."}},"/api/experience/profile/mfa":{"post":{"operationId":"BindMfaVerification","tags":["Experience"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["type","verificationId"],"properties":{"type":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"],"description":"The type of MFA."},"verificationId":{"type":"string","description":"The ID of the MFA verification record."}}}}}},"responses":{"204":{"description":"The MFA verification has been successfully added to the user profile."},"400":{"description":"Invalid request. <br/>- `session.verification_failed:` The MFA verification record is invalid or not verified. <br/>- `session.mfa.mfa_factor_not_enabled:` The MFA factor is not enabled in the sign-in experience settings. <br/>- `session.mfa.pending_info_not_found:` The MFA verification record does not have the required information to bind the MFA verification."},"403":{"description":"Forbidden"},"404":{"description":"Entity not found. <br/> - `session.identifier_not_found:` The user has not been identified yet. The MFA verification can only be added to a identified user. <br/>- `session.verification_session_not_found:` The MFA verification record is not found."},"422":{"description":"The MFA verification can not been processed, check error message for more details. <br/>- `user.totp_already_in_use`: A TOTP MFA secret is already in use in the current user profile. <br/>- `session.mfa.backup_code_can_not_be_alone`: The backup code can not be the only MFA factor in the user profile."}},"security":[],"summary":"Bind MFA verification by verificationId","description":"Bind new MFA verification to the user profile using the verificationId."}},"/api/experience/sso-connectors":{"get":{"operationId":"GetEnabledSsoConnectors","tags":["Experience"],"parameters":[{"name":"email","in":"query","required":true,"schema":{"type":"string","format":"email"},"description":"The email address to find the enabled SSO connectors."}],"responses":{"200":{"description":"The enabled SSO connectors have been successfully retrieved.","content":{"application/json":{"schema":{"type":"object","required":["connectorIds"],"properties":{"connectorIds":{"type":"array","items":{"type":"string"},"description":"The list of enabled SSO connectorIds. Returns an empty array if no enabled SSO connectors are found."}}}}}},"400":{"description":"The email address is invalid, can not extract a valid domain from it."}},"security":[],"summary":"Get enabled SSO connectors by the given email's domain","description":"Extract the email domain from the provided email address. Returns all the enabled SSO connectors that match the email domain."}},"/api/my-account":{"get":{"operationId":"GetProfile","tags":["My account"],"parameters":[],"responses":{"200":{"description":"The profile was retrieved successfully.","content":{"application/json":{"schema":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}}}}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get profile","description":"Get profile for the user."},"patch":{"operationId":"UpdateProfile","tags":["My account"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"name":{"type":"string","nullable":true,"description":"The new name for the user."},"avatar":{"type":"string","format":"url","nullable":true,"description":"The new avatar for the user, must be a URL."},"username":{"type":"string","format":"regex","pattern":"/^[A-Z_a-z]\\w*$/","nullable":true,"description":"The new username for the user, must be a valid username and unique."},"customData":{"type":"object","description":"The new custom data for the user. This will completely replace the existing customData. Requires CustomData scope."}}}}}},"responses":{"200":{"description":"The profile was updated successfully.","content":{"application/json":{"schema":{"type":"object","properties":{"id":{"type":"string","minLength":1,"maxLength":12},"username":{"type":"string","maxLength":128,"nullable":true},"primaryEmail":{"type":"string","maxLength":128,"nullable":true},"primaryPhone":{"type":"string","maxLength":128,"nullable":true},"name":{"type":"string","maxLength":128,"nullable":true},"avatar":{"type":"string","maxLength":2048,"nullable":true},"customData":{"type":"object","description":"arbitrary"},"identities":{"type":"object","additionalProperties":{"type":"object","required":["userId"],"properties":{"userId":{"type":"string"},"details":{"type":"object","description":"arbitrary"}}}},"lastSignInAt":{"type":"number","nullable":true},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"profile":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}},"applicationId":{"type":"string","maxLength":21,"nullable":true},"isSuspended":{"type":"boolean"},"hasPassword":{"type":"boolean"},"ssoIdentities":{"type":"array","items":{"type":"object","required":["tenantId","id","userId","issuer","identityId","detail","createdAt","updatedAt","ssoConnectorId"],"properties":{"tenantId":{"type":"string","maxLength":21},"id":{"type":"string","minLength":1,"maxLength":21},"userId":{"type":"string","minLength":1,"maxLength":12},"issuer":{"type":"string","minLength":1,"maxLength":256},"identityId":{"type":"string","minLength":1,"maxLength":128},"detail":{"type":"object","description":"arbitrary"},"createdAt":{"type":"number"},"updatedAt":{"type":"number"},"ssoConnectorId":{"type":"string","minLength":1,"maxLength":128}}}}}}}}},"400":{"description":"The request body is invalid."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The username is already in use."}},"summary":"Update profile","description":"Update profile for the user, only the fields that are passed in will be updated."}},"/api/my-account/profile":{"patch":{"operationId":"UpdateOtherProfile","tags":["My account"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"familyName":{"type":"string","description":"The new family name for the user."},"givenName":{"type":"string","description":"The new given name for the user."},"middleName":{"type":"string","description":"The new middle name for the user."},"nickname":{"type":"string","description":"The new nickname for the user."},"preferredUsername":{"type":"string","description":"The new preferred username for the user."},"profile":{"type":"string","description":"The new profile for the user."},"website":{"type":"string","description":"The new website for the user."},"gender":{"type":"string","description":"The new gender for the user."},"birthdate":{"type":"string","description":"The new birthdate for the user."},"zoneinfo":{"type":"string","description":"The new zoneinfo for the user."},"locale":{"type":"string","description":"The new locale for the user."},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}},"description":"The new address for the user."}}}}}},"responses":{"200":{"description":"The profile was updated successfully.","content":{"application/json":{"schema":{"type":"object","properties":{"familyName":{"type":"string"},"givenName":{"type":"string"},"middleName":{"type":"string"},"nickname":{"type":"string"},"preferredUsername":{"type":"string"},"profile":{"type":"string"},"website":{"type":"string"},"gender":{"type":"string"},"birthdate":{"type":"string"},"zoneinfo":{"type":"string"},"locale":{"type":"string"},"address":{"type":"object","properties":{"formatted":{"type":"string"},"streetAddress":{"type":"string"},"locality":{"type":"string"},"region":{"type":"string"},"postalCode":{"type":"string"},"country":{"type":"string"}}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Update other profile","description":"Update other profile for the user, only the fields that are passed in will be updated, to update the address, the user must have the address scope."}},"/api/my-account/password":{"post":{"operationId":"UpdatePassword","tags":["My account"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["password"],"properties":{"password":{"type":"string","minLength":1,"description":"The new password for the user."}}}}}},"responses":{"204":{"description":"The password was updated successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Permission denied, the verification record is invalid."},"422":{"description":"Unprocessable Content"}},"summary":"Update password","description":"Update password for the user, a logto-verification-id in header is required for checking sensitive permissions."}},"/api/my-account/mfa-settings":{"get":{"operationId":"GetMfaSettings","tags":["My account"],"parameters":[],"responses":{"200":{"description":"The MFA settings were retrieved successfully.","content":{"application/json":{"schema":{"type":"object","required":["skipMfaOnSignIn"],"properties":{"skipMfaOnSignIn":{"type":"boolean"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Permission denied, insufficient scope or MFA field not enabled."},"403":{"description":"Forbidden"}},"summary":"Get MFA settings","description":"Get MFA settings for the user. This endpoint requires the Identities scope. Returns current MFA configuration preferences."},"patch":{"operationId":"UpdateMfaSettings","tags":["My account"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["skipMfaOnSignIn"],"properties":{"skipMfaOnSignIn":{"type":"boolean"}}}}}},"responses":{"200":{"description":"The MFA settings were updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["skipMfaOnSignIn"],"properties":{"skipMfaOnSignIn":{"type":"boolean"}}}}}},"400":{"description":"The request body is invalid."},"401":{"description":"Permission denied, identity verification is required or insufficient scope."},"403":{"description":"Forbidden"}},"summary":"Update MFA settings","description":"Update MFA settings for the user. This endpoint requires identity verification and the Identities scope. Controls whether MFA verification is required during sign-in when the user has MFA configured."}},"/api/my-account/logto-configs":{"get":{"operationId":"GetLogtoConfig","tags":["My account"],"parameters":[],"responses":{"200":{"description":"The exposed logto config fields were retrieved successfully.","content":{"application/json":{"schema":{"type":"object","required":["mfa","passkeySignIn"],"properties":{"mfa":{"type":"object","required":["skipped","skipMfaOnSignIn"],"properties":{"enabled":{"type":"boolean"},"skipped":{"type":"boolean"},"skipMfaOnSignIn":{"type":"boolean"}}},"passkeySignIn":{"type":"object","required":["skipped"],"properties":{"skipped":{"type":"boolean"}}}}}}}},"400":{"description":"MFA is not available in the account center."},"401":{"description":"Permission denied due to insufficient scope."},"403":{"description":"Forbidden"}},"summary":"Get logto config","description":"Retrieve the exposed portion of the current user's logto config. This includes MFA states (enabled, skipped, skipMfaOnSignIn) and passkey sign-in binding states (skipped). Passkey is a WebAuthn MFA factor and shares the same account center field access control as MFA."},"patch":{"operationId":"UpdateLogtoConfig","tags":["My account"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","properties":{"mfa":{"type":"object","properties":{"enabled":{"type":"boolean","description":"Set whether MFA is enabled for the user."},"skipped":{"type":"boolean","description":"Set whether the user is marked as having skipped MFA binding."},"skipMfaOnSignIn":{"type":"boolean","description":"Set whether the user has opted to skip MFA verification on sign-in. This is ignored when the MFA policy is mandatory."}}},"passkeySignIn":{"type":"object","properties":{"skipped":{"type":"boolean","description":"Set whether the user has persistently skipped binding a passkey for sign-in."}}}}}}}},"responses":{"200":{"description":"The exposed logto_config fields were updated successfully.","content":{"application/json":{"schema":{"type":"object","required":["mfa","passkeySignIn"],"properties":{"mfa":{"type":"object","required":["skipped","skipMfaOnSignIn"],"properties":{"enabled":{"type":"boolean"},"skipped":{"type":"boolean"},"skipMfaOnSignIn":{"type":"boolean"}}},"passkeySignIn":{"type":"object","required":["skipped"],"properties":{"skipped":{"type":"boolean"}}}}}}}},"400":{"description":"The request body is invalid."},"401":{"description":"Permission denied due to insufficient scope."},"403":{"description":"Forbidden"}},"summary":"Update logto config","description":"Update the exposed portion of the current user's logto config. Supports updating MFA states (enabled, skipped, skipMfaOnSignIn) and passkey sign-in binding states (skipped). Passkey is a WebAuthn MFA factor and shares the same account center field access control as MFA."}},"/api/my-account/identities/{target}/access-token":{"get":{"operationId":"GetSocialIdentityAccessToken","tags":["My account"],"parameters":[{"name":"target","in":"path","required":true,"schema":{"type":"string","minLength":1}}],"responses":{"200":{"description":"The access token was retrieved successfully.","content":{"application/json":{"schema":{"type":"object","required":["access_token"],"properties":{"access_token":{"type":"string"},"scope":{"type":"string"},"token_type":{"type":"string"},"expires_in":{"oneOf":[{"type":"number"},{"type":"string"}]}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Permission denied, the access_token is expired and the offline_access scope is not granted or expired."},"403":{"description":"Forbidden"},"404":{"description":"The social identity does not exist or the access token is not available."},"422":{"description":"Unprocessable Content"}},"summary":"Retrieve the access token issued by a third-party social provider","description":"This API retrieves the access token issued by a third-party social provider for a given social target. \nAccess is only available if token storage is enabled for the corresponding social connector.\nWhen a user authenticates through a social provider, Logto automatically stores the provider’s tokens in an encrypted form.\nYou can use this API to securely retrieve the stored access token and use it to access third-party APIs on behalf of the user."},"put":{"operationId":"UpdateSocialIdentityAccessTokenByVerificationId","tags":["My account"],"parameters":[{"name":"target","in":"path","required":true,"schema":{"type":"string","minLength":1}}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["verificationRecordId"],"properties":{"verificationRecordId":{"type":"string","minLength":1}}}}}},"responses":{"200":{"description":"The token storage was updated successfully. The new access token is returned in the response body.","content":{"application/json":{"schema":{"type":"object","required":["access_token"],"properties":{"access_token":{"type":"string"},"scope":{"type":"string"},"token_type":{"type":"string"},"expires_in":{"oneOf":[{"type":"number"},{"type":"string"}]}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The verification record is invalid; the social identity does not exist; or the access token is not available."}},"summary":"Update the access token for a social identity by verification ID","description":"This API updates the token storage for a social identity by a given social verification ID. \nIt is used to fetch a new access token from the social provider and store it securely in Logto."}},"/api/my-account/sso-identities/{connectorId}/access-token":{"get":{"operationId":"GetEnterpriseSsoIdentityAccessToken","tags":["My account"],"parameters":[{"$ref":"#/components/parameters/connectorId"}],"responses":{"200":{"description":"The access token was retrieved successfully.","content":{"application/json":{"schema":{"type":"object","required":["access_token"],"properties":{"access_token":{"type":"string"},"scope":{"type":"string"},"token_type":{"type":"string"},"expires_in":{"oneOf":[{"type":"number"},{"type":"string"}]}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Permission denied, the access_token is expired and the offline_access scope is not granted or expired."},"403":{"description":"Forbidden"},"404":{"description":"The SSO connector does not exist or the access token is not available."}},"summary":"Retrieve the access token issued by a third-party enterprise SSO provider","description":"This API retrieves the access token issued by a third-party enterprise SSO provider for a given SSO connector ID. \nAccess is only available if token storage is enabled for the corresponding connector.\nWhen a user authenticates through a SSO provider, Logto automatically stores the provider’s tokens in an encrypted form.\nYou can use this API to securely retrieve the stored access token and use it to access third-party APIs on behalf of the user."}},"/api/my-account/primary-email":{"post":{"operationId":"UpdatePrimaryEmail","tags":["My account"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["email","newIdentifierVerificationRecordId"],"properties":{"email":{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/","description":"The new email for the user."},"newIdentifierVerificationRecordId":{"type":"string","description":"The identifier verification record ID for the new email ownership verification."}}}}}},"responses":{"204":{"description":"The primary email was updated successfully."},"400":{"description":"The new verification record is invalid."},"401":{"description":"Unauthorized"},"403":{"description":"Permission denied, the verification record is invalid."},"422":{"description":"Unprocessable Content"}},"summary":"Update primary email","description":"Update primary email for the user, a logto-verification-id in header is required for checking sensitive permissions, and a new identifier verification record is required for the new email ownership verification."},"delete":{"operationId":"DeletePrimaryEmail","tags":["My account"],"parameters":[],"responses":{"204":{"description":"The primary email was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Delete primary email","description":"Delete primary email for the user, a verification-record-id in header is required for checking sensitive permissions."}},"/api/my-account/primary-phone":{"post":{"operationId":"UpdatePrimaryPhone","tags":["My account"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["phone","newIdentifierVerificationRecordId"],"properties":{"phone":{"type":"string","format":"regex","pattern":"/^\\d+$/","description":"The new phone for the user."},"newIdentifierVerificationRecordId":{"type":"string","description":"The identifier verification record ID for the new phone ownership verification."}}}}}},"responses":{"204":{"description":"The primary phone was updated successfully."},"400":{"description":"The new verification record is invalid."},"401":{"description":"Unauthorized"},"403":{"description":"Permission denied, the verification record is invalid."},"422":{"description":"Unprocessable Content"}},"summary":"Update primary phone","description":"Update primary phone for the user, a logto-verification-id in header is required for checking sensitive permissions, and a new identifier verification record is required for the new phone ownership verification."},"delete":{"operationId":"DeletePrimaryPhone","tags":["My account"],"parameters":[],"responses":{"204":{"description":"The primary phone was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Delete primary phone","description":"Delete primary phone for the user, a verification-record-id in header is required for checking sensitive permissions."}},"/api/my-account/identities":{"post":{"operationId":"AddUserIdentities","tags":["My account"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["newIdentifierVerificationRecordId"],"properties":{"newIdentifierVerificationRecordId":{"type":"string","description":"The identifier verification record ID for the new social identity ownership verification."}}}}}},"responses":{"204":{"description":"The identity was added successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Add a user identity","description":"Add an identity (social identity) to the user, a logto-verification-id in header is required for checking sensitive permissions, and a verification record for the social identity is required."}},"/api/my-account/identities/{target}":{"delete":{"operationId":"DeleteIdentity","tags":["My account"],"parameters":[{"name":"target","in":"path","required":true,"schema":{"type":"string"}}],"responses":{"204":{"description":"The identity was deleted successfully."},"400":{"description":"The verification record is invalid."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The identity does not exist."}},"summary":"Delete a user identity","description":"Delete an identity (social identity) from the user, a logto-verification-id in header is required for checking sensitive permissions."}},"/api/my-account/mfa-verifications":{"get":{"operationId":"GetMfaVerifications","tags":["My account"],"parameters":[],"responses":{"200":{"description":"The MFA verifications were retrieved successfully.","content":{"application/json":{"schema":{"type":"array","items":{"type":"object","required":["id","createdAt","type"],"properties":{"id":{"type":"string"},"createdAt":{"type":"string"},"lastUsedAt":{"type":"string"},"type":{"type":"string","enum":["Totp","WebAuthn","BackupCode","EmailVerificationCode","PhoneVerificationCode"]},"agent":{"type":"string"},"name":{"type":"string"},"remainCodes":{"type":"number"}}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Get MFA verifications","description":"Get MFA verifications for the user."},"post":{"operationId":"AddMfaVerification","tags":["My account"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"oneOf":[{"type":"object","required":["type","newIdentifierVerificationRecordId"],"properties":{"type":{"type":"string","format":"\"WebAuthn\""},"newIdentifierVerificationRecordId":{"type":"string"},"name":{"type":"string"}}},{"type":"object","required":["type","secret"],"properties":{"type":{"type":"string","format":"\"Totp\""},"secret":{"type":"string"},"code":{"type":"string"}}},{"type":"object","required":["type","codes"],"properties":{"type":{"type":"string","format":"\"BackupCode\""},"codes":{"type":"array","items":{"type":"string"}}}},{"type":"object","properties":{"type":{"type":"string","enum":["WebAuthn"],"description":"The type of the MFA verification."},"newIdentifierVerificationRecordId":{"type":"string","description":"The identifier verification record ID for the new WebAuthn registration verification."},"name":{"type":"string","description":"The name of the MFA verification, if not provided, the name will be generated from user agent."}},"required":["type","newIdentifierVerificationRecordId"]},{"type":"object","properties":{"type":{"type":"string","enum":["TOTP"],"description":"The type of the MFA verification, for TOTP, one user can only bind one TOTP factor."},"secret":{"type":"string","description":"The TOTP secret for the MFA verification. Use the generate endpoint to create a secret, and verify the generated code with the user before binding to make sure the user has setup the secret in their authenticator app."},"code":{"type":"string","description":"Optional. The TOTP code generated by the secret to verify the binding."}},"required":["type","secret"]},{"type":"object","properties":{"type":{"type":"string","enum":["BackupCode"],"description":"The type of the MFA verification, for backup codes, one user can only bind one set of backup codes and requires at least one other MFA factor."},"codes":{"type":"array","items":{"type":"string"},"description":"Array of backup codes. Use the generate endpoint to create codes."}},"required":["type","codes"]}]}}}},"responses":{"204":{"description":"No Content"},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"Unprocessable Content"}},"summary":"Add a MFA verification","description":"Add a MFA verification to the user, a logto-verification-id in header is required for checking sensitive permissions."}},"/api/my-account/mfa-verifications/totp-secret/generate":{"post":{"operationId":"GenerateTotpSecret","tags":["My account"],"parameters":[],"responses":{"200":{"description":"The TOTP secret was generated successfully.","content":{"application/json":{}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Generate a TOTP secret","description":"Generate a TOTP secret for the user."}},"/api/my-account/mfa-verifications/backup-codes/generate":{"post":{"operationId":"GenerateMyAccountBackupCodes","tags":["My account"],"parameters":[],"responses":{"200":{"description":"The backup codes were generated successfully.","content":{"application/json":{}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Generate backup codes","description":"Generate backup codes for the user."}},"/api/my-account/mfa-verifications/backup-codes":{"get":{"operationId":"GetBackupCodes","tags":["My account"],"parameters":[],"responses":{"200":{"description":"The backup codes were retrieved successfully.","content":{"application/json":{}}},"401":{"description":"Unauthorized or identity verification required."},"403":{"description":"Forbidden"},"404":{"description":"No backup codes found for the user."}},"summary":"Get backup codes","description":"Get all backup codes for the user with their usage status. Requires identity verification."}},"/api/my-account/mfa-verifications/{verificationId}/name":{"patch":{"operationId":"UpdateMfaVerificationName","tags":["My account"],"parameters":[{"$ref":"#/components/parameters/verificationId"}],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name"],"properties":{"name":{"type":"string","description":"The name of the MFA verification."}}}}}},"responses":{"200":{"description":"The MFA verification name was updated successfully.","content":{"application/json":{}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Update a MFA verification name","description":"Update a MFA verification name, a logto-verification-id in header is required for checking sensitive permissions. Only WebAuthn is supported for now."}},"/api/my-account/mfa-verifications/{verificationId}":{"delete":{"operationId":"DeleteMfaVerification","tags":["My account"],"parameters":[{"$ref":"#/components/parameters/verificationId"}],"responses":{"204":{"description":"The MFA verification was deleted successfully."},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Delete an MFA verification","description":"Delete an MFA verification, a logto-verification-id in header is required for checking sensitive permissions."}},"/api/verifications/password":{"post":{"operationId":"CreateVerificationByPassword","tags":["Verifications"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["password"],"properties":{"password":{"type":"string","minLength":1,"description":"The password of the user."}}}}}},"responses":{"201":{"description":"The verification record was created successfully.","content":{"application/json":{"schema":{"type":"object","required":["verificationRecordId","expiresAt"],"properties":{"verificationRecordId":{"type":"string"},"expiresAt":{"type":"string"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"422":{"description":"The password is invalid."}},"summary":"Create a record by password","description":"Create a verification record by verifying the password."}},"/api/verifications/verification-code":{"post":{"operationId":"CreateVerificationByVerificationCode","tags":["Verifications"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["identifier"],"properties":{"identifier":{"oneOf":[{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/"}}},{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string","format":"regex","pattern":"/^\\d+$/"}}}],"description":"The identifier (email address or phone number) to send the verification code to."},"templateType":{"oneOf":[{"type":"string","format":"\"BindMfa\""},{"type":"string","format":"\"UserPermissionValidation\""}],"description":"Optional override for the template type used to send the verification code. If the identifier is new, BindNewIdentifier will be used regardless."}}}}}},"responses":{"201":{"description":"The verification code has been successfully sent.","content":{"application/json":{"schema":{"type":"object","required":["verificationRecordId","expiresAt"],"properties":{"verificationRecordId":{"type":"string"},"expiresAt":{"type":"string"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"501":{"description":"The connector for sending the verification code is not configured."}},"summary":"Create a record by verification code","description":"Create a verification record and send the code to the specified identifier. The code verification can be used to verify the given identifier."}},"/api/verifications/verification-code/verify":{"post":{"operationId":"VerifyVerificationByVerificationCode","tags":["Verifications"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["identifier","verificationId","code"],"properties":{"identifier":{"oneOf":[{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"email\""},"value":{"type":"string","format":"regex","pattern":"/^\\S+@\\S+\\.\\S+$/"}}},{"type":"object","required":["type","value"],"properties":{"type":{"type":"string","format":"\"phone\""},"value":{"type":"string","format":"regex","pattern":"/^\\d+$/"}}}],"description":"The identifier (email address or phone number) to verify the code against. Must match the identifier used to send the verification code."},"verificationId":{"type":"string","description":"The verification ID of the CodeVerification record."},"code":{"type":"string","description":"The verification code to be verified."}}}}}},"responses":{"200":{"description":"The verification code has been successfully verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationRecordId"],"properties":{"verificationRecordId":{"type":"string"}}}}}},"400":{"description":"The verification code is invalid or the maximum number of attempts has been exceeded. Check the error message for details."},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"501":{"description":"The connector for sending the verification code is not configured."}},"summary":"Verify verification code","description":"Verify the provided verification code against the identifier. If successful, the verification record will be marked as verified."}},"/api/verifications/social":{"post":{"operationId":"CreateVerificationBySocial","tags":["Verifications"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["state","redirectUri","connectorId"],"properties":{"state":{"type":"string","description":"A random string generated on the client side to prevent CSRF (Cross-Site Request Forgery) attacks."},"redirectUri":{"type":"string","description":"The URI to navigate back to after the user is authenticated by the connected social identity provider and has granted access to the connector."},"scope":{"type":"string","description":"The custom scopes of the social verification. It can be used to request specific permissions from the social identity provider. If provided, it will override the scope configured in the connector settings."},"connectorId":{"type":"string","description":"The Logto connector ID."}}}}}},"responses":{"201":{"description":"Successfully created the social verification record and returned the authorization URI.","content":{"application/json":{"schema":{"type":"object","required":["verificationRecordId","authorizationUri","expiresAt"],"properties":{"verificationRecordId":{"type":"string","description":"The ID of the verification record."},"authorizationUri":{"type":"string","description":"The authorization URI to navigate to for authentication and authorization in the connected social identity provider."},"expiresAt":{"type":"string","description":"The expiration date and time of the verification record."}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"The connector specified by connectorId is not found."},"422":{"description":"The connector specified by connectorId is not a valid social connector."}},"summary":"Create a social verification record","description":"Create a social verification record and return the authorization URI."}},"/api/verifications/social/verify":{"post":{"operationId":"VerifyVerificationBySocial","tags":["Verifications"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["connectorData","verificationRecordId"],"properties":{"connectorData":{"type":"object","description":"A json object constructed from the url query params returned by the social platform. Typically it contains `code`, `state` and `redirectUri` fields."},"verificationRecordId":{"type":"string"},"verificationId":{"description":"The verification ID of the SocialVerification record."}}}}}},"responses":{"200":{"description":"The social verification record has been successfully verified and the user information has been saved.","content":{"application/json":{"schema":{"type":"object","required":["verificationRecordId"],"properties":{"verificationRecordId":{"type":"string"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"},"422":{"description":"Unprocessable Content"}},"summary":"Verify a social verification record","description":"Verify a social verification record by callback connector data, and save the user information to the record."}},"/api/verifications/web-authn/registration":{"post":{"operationId":"GenerateWebAuthnRegistrationOptions","tags":["Verifications"],"parameters":[],"responses":{"200":{"description":"Successfully generated the WebAuthn registration options.","content":{"application/json":{"schema":{"type":"object","required":["verificationRecordId","registrationOptions","expiresAt"],"properties":{"verificationRecordId":{"type":"string"},"registrationOptions":{"type":"object","required":["rp","user","challenge","pubKeyCredParams"],"properties":{"rp":{"type":"object","required":["name"],"properties":{"name":{"type":"string"},"id":{"type":"string"}}},"user":{"type":"object","required":["id","name","displayName"],"properties":{"id":{"type":"string"},"name":{"type":"string"},"displayName":{"type":"string"}}},"challenge":{"type":"string"},"pubKeyCredParams":{"type":"array","items":{"type":"object","required":["type","alg"],"properties":{"type":{"type":"string","format":"\"public-key\""},"alg":{"type":"number"}}}},"timeout":{"type":"number"},"excludeCredentials":{"type":"array","items":{"type":"object","required":["type","id"],"properties":{"type":{"type":"string","format":"\"public-key\""},"id":{"type":"string"},"transports":{"type":"array","items":{"type":"string","enum":["usb","nfc","ble","internal","cable","hybrid","smart-card"]}}}}},"authenticatorSelection":{"type":"object","properties":{"authenticatorAttachment":{"type":"string","enum":["platform","cross-platform"]},"requireResidentKey":{"type":"boolean"},"residentKey":{"type":"string","enum":["discouraged","preferred","required"]},"userVerification":{"type":"string","enum":["required","preferred","discouraged"]}}},"attestation":{"type":"string","enum":["none","indirect","direct","enterprise"]},"extensions":{"type":"object","properties":{"appid":{"type":"string"},"credProps":{"type":"boolean"},"hmacCreateSecret":{"type":"boolean"}}}}},"expiresAt":{"type":"string"}}}}}},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"}},"summary":"Generate WebAuthn registration options","description":"Generate WebAuthn registration options for the user to register a new WebAuthn device."}},"/api/verifications/web-authn/registration/verify":{"post":{"operationId":"VerifyWebAuthnRegistration","tags":["Verifications"],"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["verificationRecordId","payload"],"properties":{"verificationRecordId":{"type":"string","description":"The ID of the verification record."},"payload":{"type":"object","required":["type","id","rawId","response","clientExtensionResults"],"properties":{"type":{"type":"string","format":"\"WebAuthn\""},"id":{"type":"string"},"rawId":{"type":"string"},"response":{"type":"object","required":["clientDataJSON","attestationObject"],"properties":{"clientDataJSON":{"type":"string"},"attestationObject":{"type":"string"},"authenticatorData":{"type":"string"},"transports":{"type":"array","items":{"type":"string","enum":["usb","nfc","ble","internal","cable","hybrid","smart-card"]}},"publicKeyAlgorithm":{"type":"number"},"publicKey":{"type":"string"}}},"authenticatorAttachment":{"type":"string","enum":["cross-platform","platform"]},"clientExtensionResults":{"type":"object","properties":{"appid":{"type":"boolean"},"crepProps":{"type":"object","properties":{"rk":{"type":"boolean"}}},"hmacCreateSecret":{"type":"boolean"}}}},"description":"The payload of the WebAuthn device."}}}}}},"responses":{"200":{"description":"The WebAuthn registration has been successfully verified.","content":{"application/json":{"schema":{"type":"object","required":["verificationRecordId"],"properties":{"verificationRecordId":{"type":"string"}}}}}},"400":{"description":"Bad Request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not Found"}},"summary":"Verify WebAuthn registration","description":"Verify the WebAuthn registration by the user's response."}}},"security":[{"OAuth2":["all"]}],"components":{"securitySchemes":{"OAuth2":{"type":"oauth2","description":"Logto Management API is a comprehensive set of REST APIs that gives you the full control over Logto to suit your product needs and tech stack. To see the full guide on Management API interactions, visit [Interact with Management API](https://docs.logto.io/docs/recipes/interact-with-management-api/).\n\n### Get started\n\nThe API follows the same authentication principles as other API resources in Logto, with some slight differences. To use Logto Management API:\n\n1. A machine-to-machine (M2M) application needs to be created.\n2. A machine-to-machine (M2M) role with Management API permission `all` needs to be assigned to the application.\n\nOnce you have them set up, you can use the `client_credentials` grant type to fetch an access token and use it to authenticate your requests to the Logto Management API.\n\n### Fetch an access token\n\nTo fetch an access token, you need to make a `POST` request to the `/oidc/token` endpoint of your Logto tenant.\n\nFor Logto Cloud users, the base URL is your Logto endpoint, i.e. `https://[tenant-id].logto.app`. The tenant ID can be found in the following places:\n\n- The first path segment of the URL when you are signed in to Logto Cloud. For example, if the URL is `https://cloud.logto.io/foo/get-started`, the tenant ID is `foo`.\n- In the \"Settings\" tab of Logto Cloud.\n\nThe request should follow the OAuth 2.0 [client credentials](https://datatracker.ietf.org/doc/html/rfc6749#section-4.4) grant type. Here is a non-normative example of how to fetch an access token:\n\n```bash\ncurl --location \\\n  --request POST 'https://[tenant-id].logto.app/oidc/token' \\\n  --header 'Content-Type: application/x-www-form-urlencoded' \\\n  --data-urlencode 'grant_type=client_credentials' \\\n  --data-urlencode 'client_id=[app-id]' \\\n  --data-urlencode 'client_secret=[app-secret]' \\\n  --data-urlencode 'resource=https://[tenant-id].logto.app/api' \\\n  --data-urlencode 'scope=all'\n```\n\nReplace `[tenant-id]`, `[app-id]`, and `[app-secret]` with your Logto tenant ID, application ID, and application secret, respectively.\n\nThe response will be like:\n\n```json\n{\n  \"access_token\": \"eyJhbG...2g\", // Use this value for accessing the Logto Management API\n  \"expires_in\": 3600, // Token expiration in seconds\n  \"token_type\": \"Bearer\", // Token type for your request when using the access token\n  \"scope\": \"all\" // Scope `all` for Logto Management API\n}\n```\n\n### Use the access token\n\nOnce you have the access token, you can use it to authenticate your requests to the Logto Management API. The access token should be included in the `Authorization` header of your requests with the `Bearer` authentication scheme.\n\nHere is an example of how to list the first page of users in your Logto tenant:\n\n```bash\ncurl --location \\\n  --request GET 'https://[tenant-id].logto.app/api/users' \\\n  --header 'Authorization: Bearer eyJhbG...2g'\n```\n\nReplace `[tenant-id]` with your Logto tenant ID and `eyJhbG...2g` with the access token you fetched earlier.","flows":{"clientCredentials":{"tokenUrl":"/oidc/token","scopes":{"all":"All scopes"}}}}},"schemas":{"TranslationObject":{"type":"object","properties":{"[translationKey]":{"$ref":"#/components/schemas/Translation"}},"example":{"input":{"username":"Username","password":"Password"},"action":{"sign_in":"Sign In","continue":"Continue"}}},"Translation":{"oneOf":[{"type":"string"}]},"ApplicationLegacySecret":{"type":"string","deprecated":true,"description":"The internal client secret. Note it is only used for internal validation, and the actual secrets should be retrieved from `/api/applications/{id}/secrets` endpoints."},"SamlApplicationResponse":{"type":"object","properties":{"id":{"type":"string","description":"The ID of the SAML application."},"name":{"type":"string","description":"The name of the SAML application."},"description":{"type":"string","description":"Description of the SAML application."},"customData":{"type":"object","description":"Custom data for the application."},"acsUrl":{"type":"string","description":"The Assertion Consumer Service (ACS) URL."},"entityId":{"type":"string","description":"The SAML entity ID."},"createdAt":{"type":"string","format":"date-time","description":"The creation time of the SAML application."}}},"SamlRequest":{"type":"string","description":"Base64-encoded SAML request message."},"SamlSignature":{"type":"string","description":"Base64-encoded signature of the request."},"SamlSignatureAlgorithm":{"type":"string","description":"The signature algorithm used to sign the request."},"RelayState":{"type":"string","description":"Optional state parameter to be returned in the response."}},"parameters":{"tenantId-root":{"name":"id","in":"path","description":"The unique identifier of the tenant.","required":true,"schema":{"type":"string"}},"tenantId":{"name":"tenantId","in":"path","description":"The unique identifier of the tenant.","required":true,"schema":{"type":"string"}},"keyId-root":{"in":"path","description":"The unique identifier of the key.","required":true,"schema":{"type":"string"},"name":"id"},"keyId":{"in":"path","description":"The unique identifier of the key.","required":true,"schema":{"type":"string"},"name":"keyId"},"connectorFactoryId-root":{"in":"path","description":"The unique identifier of the connector factory.","required":true,"schema":{"type":"string"},"name":"id"},"connectorFactoryId":{"in":"path","description":"The unique identifier of the connector factory.","required":true,"schema":{"type":"string"},"name":"connectorFactoryId"},"factoryId-root":{"in":"path","description":"The unique identifier of the factory.","required":true,"schema":{"type":"string"},"name":"id"},"factoryId":{"in":"path","description":"The unique identifier of the factory.","required":true,"schema":{"type":"string"},"name":"factoryId"},"applicationId-root":{"in":"path","description":"The unique identifier of the application.","required":true,"schema":{"type":"string"},"name":"id"},"applicationId":{"in":"path","description":"The unique identifier of the application.","required":true,"schema":{"type":"string"},"name":"applicationId"},"connectorId-root":{"in":"path","description":"The unique identifier of the connector.","required":true,"schema":{"type":"string"},"name":"id"},"connectorId":{"in":"path","description":"The unique identifier of the connector.","required":true,"schema":{"type":"string"},"name":"connectorId"},"ssoConnectorId-root":{"in":"path","description":"The unique identifier of the sso connector.","required":true,"schema":{"type":"string"},"name":"id"},"ssoConnectorId":{"in":"path","description":"The unique identifier of the sso connector.","required":true,"schema":{"type":"string"},"name":"ssoConnectorId"},"resourceId-root":{"in":"path","description":"The unique identifier of the resource.","required":true,"schema":{"type":"string"},"name":"id"},"resourceId":{"in":"path","description":"The unique identifier of the resource.","required":true,"schema":{"type":"string"},"name":"resourceId"},"userId-root":{"in":"path","description":"The unique identifier of the user.","required":true,"schema":{"type":"string"},"name":"id"},"userId":{"in":"path","description":"The unique identifier of the user.","required":true,"schema":{"type":"string"},"name":"userId"},"logId-root":{"in":"path","description":"The unique identifier of the log.","required":true,"schema":{"type":"string"},"name":"id"},"logId":{"in":"path","description":"The unique identifier of the log.","required":true,"schema":{"type":"string"},"name":"logId"},"roleId-root":{"in":"path","description":"The unique identifier of the role.","required":true,"schema":{"type":"string"},"name":"id"},"roleId":{"in":"path","description":"The unique identifier of the role.","required":true,"schema":{"type":"string"},"name":"roleId"},"scopeId-root":{"in":"path","description":"The unique identifier of the scope.","required":true,"schema":{"type":"string"},"name":"id"},"scopeId":{"in":"path","description":"The unique identifier of the scope.","required":true,"schema":{"type":"string"},"name":"scopeId"},"hookId-root":{"in":"path","description":"The unique identifier of the hook.","required":true,"schema":{"type":"string"},"name":"id"},"hookId":{"in":"path","description":"The unique identifier of the hook.","required":true,"schema":{"type":"string"},"name":"hookId"},"domainId-root":{"in":"path","description":"The unique identifier of the domain.","required":true,"schema":{"type":"string"},"name":"id"},"domainId":{"in":"path","description":"The unique identifier of the domain.","required":true,"schema":{"type":"string"},"name":"domainId"},"verificationId-root":{"in":"path","description":"The unique identifier of the verification.","required":true,"schema":{"type":"string"},"name":"id"},"verificationId":{"in":"path","description":"The unique identifier of the verification.","required":true,"schema":{"type":"string"},"name":"verificationId"},"organizationId-root":{"in":"path","description":"The unique identifier of the organization.","required":true,"schema":{"type":"string"},"name":"id"},"organizationId":{"in":"path","description":"The unique identifier of the organization.","required":true,"schema":{"type":"string"},"name":"organizationId"},"organizationRoleId-root":{"in":"path","description":"The unique identifier of the organization role.","required":true,"schema":{"type":"string"},"name":"id"},"organizationRoleId":{"in":"path","description":"The unique identifier of the organization role.","required":true,"schema":{"type":"string"},"name":"organizationRoleId"},"organizationScopeId-root":{"in":"path","description":"The unique identifier of the organization scope.","required":true,"schema":{"type":"string"},"name":"id"},"organizationScopeId":{"in":"path","description":"The unique identifier of the organization scope.","required":true,"schema":{"type":"string"},"name":"organizationScopeId"},"organizationInvitationId-root":{"in":"path","description":"The unique identifier of the organization invitation.","required":true,"schema":{"type":"string"},"name":"id"},"organizationInvitationId":{"in":"path","description":"The unique identifier of the organization invitation.","required":true,"schema":{"type":"string"},"name":"organizationInvitationId"},"samlApplicationId-root":{"in":"path","description":"The unique identifier of the saml application.","required":true,"schema":{"type":"string"},"name":"id"},"samlApplicationId":{"in":"path","description":"The unique identifier of the saml application.","required":true,"schema":{"type":"string"},"name":"samlApplicationId"},"secretId-root":{"in":"path","description":"The unique identifier of the secret.","required":true,"schema":{"type":"string"},"name":"id"},"secretId":{"in":"path","description":"The unique identifier of the secret.","required":true,"schema":{"type":"string"},"name":"secretId"},"emailTemplateId-root":{"in":"path","description":"The unique identifier of the email template.","required":true,"schema":{"type":"string"},"name":"id"},"emailTemplateId":{"in":"path","description":"The unique identifier of the email template.","required":true,"schema":{"type":"string"},"name":"emailTemplateId"},"oneTimeTokenId-root":{"in":"path","description":"The unique identifier of the one time token.","required":true,"schema":{"type":"string"},"name":"id"},"oneTimeTokenId":{"in":"path","description":"The unique identifier of the one time token.","required":true,"schema":{"type":"string"},"name":"oneTimeTokenId"},"sessionId-root":{"in":"path","description":"The unique identifier of the session.","required":true,"schema":{"type":"string"},"name":"id"},"sessionId":{"in":"path","description":"The unique identifier of the session.","required":true,"schema":{"type":"string"},"name":"sessionId"},"samlId-root":{"name":"id","in":"path","required":true,"description":"The ID of the SAML application.","schema":{"type":"string"}}}},"tags":[{"name":"Account center","description":"Customize your account API settings."},{"name":"Applications","description":"Application represents your registered software program or service that has been authorized to access user information and perform actions on behalf of users within the system. Currently, Logto supports four types of applications:\n\n- Traditional web\n\n- Single-page app\n- Native app\n- Machine-to-machine app.\n\nDepending on the application type, it may have different authentication flows and access to the system. See [🔗 Integrate Logto in your application](https://docs.logto.io/docs/recipes/integrate-logto/) to learn more about how to integrate Logto into your application.\n\nRole-based access control (RBAC) is supported for machine-to-machine applications. See [🔐 Role-based access control (RBAC)](https://docs.logto.io/docs/recipes/rbac/) to get started with role-based access control."},{"name":"Audit logs","description":"Audit logs are used to track end-user activities in Logto sign-in experience and other flows. It does not include activities in Logto Console."},{"name":"Authn","description":"Authentication endpoints for third-party integrations and identity providers."},{"name":"Captcha provider","description":"Setup the captcha provider."},{"name":"Cloud only"},{"name":"Configs","description":"Endpoints for managing Logto global configurations for the tenant, such as admin console config and OIDC signing keys.\n\nSee [🔑 Signing keys](https://docs.logto.io/docs/recipes/signing-keys-rotation/) to learn more about signing keys and key rotation."},{"name":"Connector factories","description":"Connector factories are used to create connectors. They can be treated as preconfigured templates for connectors."},{"name":"Connectors","description":"Connectors are the bridge between Logto and other third-party vendors who provide short message service (SMS), email service, or user information on wildly accepted social media.\n\nTo learn more about connectors, please see [🪛 Configure connectors](https://docs.logto.io/docs/recipes/configure-connectors/)."},{"name":"Custom phrases","description":"Endpoints for managing custom phrases that allow you to customize the phrases displayed in the sign-in experience.\n\nSee [Localized language](https://docs.logto.io/docs/recipes/customize-sie/localized-language/) to learn more about custom phrases for localization."},{"name":"Custom profile fields","description":"An admin feature used to create a customized user profile form, which is used to collect additional user information upon successful registrations."},{"name":"Custom UI assets","description":"Endpoints for uploading custom UI assets for the sign-in experience. Users can upload a zip file containing custom HTML, CSS, and JavaScript files to replace and fully customize the sign-in experience."},{"name":"Dashboard","description":"Endpoints that power the dashboard page of Console to show the statistics of the current tenant."},{"name":"Domains","description":"Custom domain lets you present a consistent brand by having your own domain name on the sign-in and registration pages. See [🌍 Custom domain](https://docs.logto.io/docs/recipes/custom-domain/) for more details."},{"name":"Email templates","description":"Manage custom i18n email templates for various types of emails, such as sign-in verification codes and password resets."},{"name":"Experience","description":"The Experience endpoints allow end-users to interact with Logto for identity verification and profile completion."},{"name":"Hooks","description":"Hook enables you to effortlessly receive real-time updates regarding specific events, such as user registration, sign-in, or password reset. See [🪝 Webhooks] to get started and learn more."},{"name":"My account","description":"Account routes provide functionality for managing user profile for the end user to interact directly with access tokens."},{"name":"One-time tokens","description":"One-time tokens are used for various authentication and verification purposes. They are typically sent via email and have an expiration time."},{"name":"Organization applications","description":"Manage organization - application relationships. An application can be associated with one or more organizations in order to get access to the organization resources.\n\nCurrently, only machine-to-machine applications can be associated with organizations."},{"name":"Organization invitations","description":"Organization invitations are used to invite users to join an organization. They are sent via email and contain a link that the user can click to accept the invitation and join the organization."},{"name":"Organization roles","description":"Organization roles are used to define a set of organization scopes that can be assigned to users. Every organization role is a part of the organization template.\n\nOrganization roles will only be meaningful within an organization context. For example, a user may have an `admin` role for organization A, but not for organization B. See [🏢 Organizations (Multi-tenancy)](https://docs.logto.io/docs/recipes/organizations/) to get started with organizations and organization template."},{"name":"Organization scopes","description":"Organization scopes (permissions) are used to define actions that can be performed on a organization. Every organization scope is a part of the organization template.\n\nOrganization scopes will only be meaningful within an organization context. For example, a user may have a `read` scope for organization A, but not for organization B. See [🏢 Organizations (Multi-tenancy)](https://docs.logto.io/docs/recipes/organizations/) to get started with organizations and organization template."},{"name":"Organization users","description":"Manage organization - user relationships. A user can be a member of one or more organizations in order to get access to the organization resources.\n\nUsers can be assigned roles in organizations to grant them permissions to perform certain actions in the organization."},{"name":"Organizations","description":"Organization is a concept that brings together multiple identities (mostly users). Logto supports multiple organizations, and each organization can have multiple users.\n\nEvery organization shares the same set (organization template) of roles and permissions. Each user can have different roles in different organizations. See [🏢 Organizations (Multi-tenancy)](https://docs.logto.io/docs/recipes/organizations/) to get started with organizations and organization template."},{"name":"Resources","description":"Resources (API resources) represent the APIs that you want to protect with Logto. Each resource has a unique indicator (URI) and a set of scopes (permissions). The resources will be used in the authorization process which conforms to [RFC 8707: Resource Indicators for OAuth 2.0](https://www.rfc-editor.org/rfc/rfc8707.html).\n\nSee [⚔️ Protect your API](https://docs.logto.io/docs/recipes/protect-your-api/) to learn more about how to define API resources and protect your APIs with Logto."},{"name":"Roles","description":"Role management for API resource RBAC (role-based access control). See [🔐 Role-based access control (RBAC)](https://docs.logto.io/docs/recipes/rbac/) to get started with role-based access control."},{"name":"SAML applications","description":"SAML (Security Assertion Markup Language) applications represent applications that use SAML protocol for single sign-on (SSO). These endpoints allow you to manage SAML applications, including their configurations and signing certificates."},{"name":"SAML applications auth flow","description":"Endpoints for SAML (Security Assertion Markup Language) applications auth flow."},{"name":"Secrets","description":"Secrets are used to store sensitive information such as API keys, third-party tokens, and other confidential data in Logto's Secret Vault."},{"name":"Sentinel activities","description":"Sentinel activities are used to track and manage user authentication attempts, including successful and failed attempts. Based on your sentinel policy settings, Logto will automatically block users after a certain number of failed attempts. This helps to prevent unauthorized access and protect sensitive data. "},{"name":"Sign-in experience","description":"Endpoints for customizing Logto sign-in experience. See [🎨 Customize sign-in experience](https://docs.logto.io/docs/recipes/customize-sie/) to learn more about how the configuration works and reflects on the user interface."},{"name":"SSO connector providers","description":"Endpoints for SSO (single sign-on) connector providers.\n\nSSO connector providers provide the metadata and configuration templates for creating SSO connectors."},{"name":"SSO connectors","description":"Endpoints for managing single sign-on (SSO) connectors. Your sign-in experience can use these well-configured SSO connectors to authenticate users and sync user attributes from external identity providers (IdPs).\n\nSSO connectors are created by SSO connector provider factories."},{"name":"Status","description":"Endpoints for health check."},{"name":"Subject tokens","description":"The subject token API provides the ability to create a new subject token for the use of impersonating the user."},{"name":"Swagger.json","description":"Endpoints for the Swagger JSON document."},{"name":"Systems","description":"Endpoints for system constants and information."},{"name":"User assets","description":"Endpoints for managing user uploaded assets."},{"name":"Users","description":"Endpoints for user management. Including creating, updating, deleting, and querying users with flexible filters. In addition to the endpoints, see [🧑‍🚀 Manage users](https://docs.logto.io/docs/recipes/manage-users/) for more insights."},{"name":"Verification codes","description":"Endpoints for handling verification codes. It is helpful when building a custom profile page in your app. See [👤 User profile](https://docs.logto.io/docs/recipes/user-profile/#optional-validate-verification-code) for more details.\n\nNote: Before you call the endpoints, you need to setup your email/SMS connector first."},{"name":"Verifications","description":"Endpoints for creating and validating verification records, which can be used in Profile routes."},{"name":"Well-known","description":"Well-Known routes provide information and resources that can be discovered by clients without the need for authentication."}]}