Autional Autional
API Reference GitHub autional.com →

Identity Service

Port 11001 · 270 endpoints · micro-services/identity-service/

API Key

MethodPathSummary
GET/admin/auth/api-keysAdmin list API Keysdetail →
GET/admin/auth/api-keys/anomaliesSecurity Anomaly Detectiondetail →
POST/admin/auth/api-keys/batch-revokeBatch revoke API Keysdetail →
POST/admin/auth/api-keys/cleanup-audit-logsClean old audit logsdetail →
GET/admin/auth/api-keys/expiringGet expiring API Keysdetail →
GET/admin/auth/api-keys/statsAdmin API Key statisticsdetail →
DELETE/admin/auth/api-keys/{id}/forceAdmin force revoke API Keydetail →
GET/auth/api-keysQuery API Key listdetail →
POST/auth/api-keysCreate API Keydetail →
DELETE/auth/api-keys/{id}Revoke API Keydetail →
GET/auth/api-keys/{id}Get API Key detailsdetail →
GET/auth/api-keys/{id}/audit-logsGet API Key audit logsdetail →
POST/auth/api-keys/{id}/ip-restrictionsAdd IP restrictiondetail →
DELETE/auth/api-keys/{id}/ip-restrictions/{restriction_id}Delete IP restrictiondetail →
POST/auth/api-keys/{id}/rotateRotate API Keydetail →
PUT/auth/api-keys/{id}/scopesUpdate API Key permission scopesdetail →
PUT/auth/api-keys/{id}/statusEnable/disable API Keydetail →
GET/auth/api-keys/{id}/usageGet API Key usage statisticsdetail →
GET/auth/api-keys/{id}/usage-statsGet API Key usage statisticsdetail →
POST/internal/identity/validate-keyValidate API Key (Internal)detail →

Account Management

MethodPathSummary
POST/admin/impersonateAdmin impersonate user logindetail →
GET/admin/usersList usersdetail →
POST/admin/usersCreate userdetail →
POST/admin/users/batchBatch create usersdetail →
POST/admin/users/batch/statusBatch update user statusdetail →
POST/admin/users/mergeMerge usersdetail →
DELETE/admin/users/{user_id}Delete userdetail →
GET/admin/users/{user_id}Get user detailsdetail →
PUT/admin/users/{user_id}Update user informationdetail →
POST/admin/users/{user_id}/account-unlocksUnlock accountdetail →
GET/admin/users/{user_id}/identitiesGet user identity listdetail →
POST/admin/users/{user_id}/identitiesAdd user identitydetail →
DELETE/admin/users/{user_id}/identities/{identity_id}Remove user identitydetail →
PUT/admin/users/{user_id}/identities/{identity_id}/set-primarySet primary identitydetail →
POST/admin/users/{user_id}/identities/{identity_id}/verificationsVerify user identitydetail →
POST/admin/users/{user_id}/impersonateAdmin impersonate userdetail →
GET/admin/users/{user_id}/login-historiesGet login historydetail →
GET/admin/users/{user_id}/security-statusGet security statusdetail →
PUT/admin/users/{user_id}/statusUpdate user statusdetail →
DELETE/auth/meDeactivate current accountdetail →
GET/auth/me/audit-logsGet my audit logsdetail →
GET/auth/me/children-consentGet child privacy consent statusdetail →
DELETE/auth/me/consentRevoke user consentdetail →
POST/auth/me/consentRecord user consentdetail →
GET/auth/me/consent-historyGet consent historydetail →
POST/auth/me/delete-accountPermanently delete account (GDPR Right to Erasure/Account Deletion)detail →
GET/auth/me/devicesGet my device listdetail →
DELETE/auth/me/devices/{device_id}Remove devicedetail →
PUT/auth/me/devices/{device_id}/trustTrust/untrust devicedetail →
POST/auth/me/email/changeChange email addressdetail →
POST/auth/me/email/verifyVerify email changedetail →
POST/auth/me/export-dataExport my data (GDPR DSAR)detail →
GET/auth/me/membershipsGet my tenant membership statusdetail →
POST/auth/me/phone/changeChange phone numberdetail →
POST/auth/me/phone/verifyVerify phone number changedetail →
GET/auth/me/recovery-contactsGet recovery contacts listdetail →
POST/auth/me/recovery-contactsAdd recovery contactdetail →
DELETE/auth/me/recovery-contacts/{contact_id}Remove recovery contactdetail →
GET/auth/me/saml-linksGet SAML linked account listdetail →
DELETE/auth/me/saml-links/{id}Unlink SAML linked accountdetail →
GET/auth/me/security-eventsGet security events listdetail →
POST/auth/me/security-events/{event_id}/dismissDisable security event notificationsdetail →
DELETE/auth/me/sessionsLogout all sessionsdetail →
GET/auth/me/sessionsList my sessionsdetail →
DELETE/auth/me/sessions/{session_id}Logout specified sessiondetail →
POST/auth/me/stop-impersonationEnd impersonation sessiondetail →
DELETE/internal/identity/erase-user/{user_id}Internal hard delete userdetail →
POST/internal/maker-checker/recordRecord Maker-Checkerdetail →

Admin

MethodPathSummary
GET/admin/users/{user_id}/oauth-connectionsAdmin view user OAuth connectionsdetail →

Admin/Agents

MethodPathSummary
GET/admin/agentsList Agentsdetail →
POST/admin/agentsCreate Agentdetail →
DELETE/admin/agents/{id}Revoke Agentdetail →
GET/admin/agents/{id}Get Agentdetail →
PUT/admin/agents/{id}Update Agentdetail →

Admin/Delegation

MethodPathSummary
GET/admin/delegation-grantsList delegation authorizationsdetail →
POST/admin/delegation-grantsCreate delegation authorizationdetail →
DELETE/admin/delegation-grants/{id}Revoke delegation authorizationdetail →
GET/admin/delegation-grants/{id}Get delegation authorization detailsdetail →

Admin/IoTs

MethodPathSummary
GET/admin/iotsList Devicesdetail →
POST/admin/iotsCreate Devicedetail →
DELETE/admin/iots/{id}Revoke Devicedetail →
GET/admin/iots/{id}Get Devicedetail →

Admin/Robots

MethodPathSummary
GET/admin/robotsList Robotsdetail →
POST/admin/robotsCreate Robotdetail →
DELETE/admin/robots/{id}Delete Robotdetail →
GET/admin/robots/{id}Get Robotdetail →
PUT/admin/robots/{id}Update Robotdetail →
POST/admin/robots/{id}/commissionCommission Robotdetail →
POST/admin/robots/{id}/decommissionDecommission Robotdetail →
POST/admin/robots/{id}/intentIssue Intent Tokendetail →
POST/admin/robots/{id}/intent/revokeRevoke Intent Tokendetail →

Authentication

MethodPathSummary
PUT/admin/users/{user_id}/passwordModify passworddetail →
POST/admin/users/{user_id}/password-resetsReset passworddetail →
GET/admin/users/{user_id}/password-statusGet user password statusdetail →
POST/auth/anonymousAnonymous authenticationdetail →
GET/auth/captcha/challengeGet CAPTCHA challengedetail →
POST/auth/forgot-passwordForgot passworddetail →
POST/auth/generate-ticketGenerate one-time ticketdetail →
POST/auth/id-token/signinID Token logindetail →
POST/auth/loginUser logindetail →
POST/auth/login/email-codeEmail verification code logindetail →
POST/auth/login/phone-codePhone verification code logindetail →
POST/auth/magic-linkSend magic linkdetail →
GET/auth/magic-link/callbackMagic link callback (GET→POST two-step redirect)detail →
POST/auth/magic-link/callbackMagic link callback (GET→POST two-step redirect)detail →
GET/auth/magic-link/confirmVerify magic linkdetail →
POST/auth/magic-link/requestRequest send magic linkdetail →
GET/auth/meGet current logged-in user infodetail →
PUT/auth/meUpdate current user infodetail →
GET/auth/me/email-verification-statusCheck email verification statusdetail →
PUT/auth/me/passwordChange current user passworddetail →
POST/auth/me/password-strengthCheck password strengthdetail →
GET/auth/me/permissionsGet current user permissionsdetail →
GET/auth/me/phone-verification-statusCheck phone verification statusdetail →
POST/auth/me/switch-tenantSwitch current tenantdetail →
GET/auth/me/tenantsGet current user tenantsdetail →
GET/auth/oauth/accountsGet user OAuth account listdetail →
POST/auth/oauth/bindLink OAuth accountdetail →
GET/auth/oauth/providersGet OAuth provider listdetail →
POST/auth/oauth/unbindUnlink OAuth accountdetail →
GET/auth/oauth/{provider}Initiate OAuth logindetail →
GET/auth/oauth/{provider}/callbackOAuth callbackdetail →
POST/auth/re-authenticateRe-authenticate (Step-up)detail →
POST/auth/recover-accountInitialize account recovery via recovery contactdetail →
POST/auth/recover-account/resetReset password via recovery codedetail →
POST/auth/recovery/completeComplete account recoverydetail →
POST/auth/recovery/requestInitiate account recoverydetail →
POST/auth/recovery/verifyVerify account recovery codedetail →
POST/auth/refreshRefresh access tokendetail →
POST/auth/registerUser registrationdetail →
GET/auth/register/check-emailCheck email availabilitydetail →
POST/auth/register/check-emailCheck email availabilitydetail →
GET/auth/register/check-usernameCheck username availabilitydetail →
POST/auth/register/check-usernameCheck username availabilitydetail →
POST/auth/register/email-codeEmail verification code registrationdetail →
POST/auth/register/invitationInvitation registrationdetail →
POST/auth/register/oauthOAuth supplementary registrationdetail →
POST/auth/register/phone-codePhone verification code registrationdetail →
POST/auth/register/reapplyRe-apply for registrationdetail →
POST/auth/resend-sms-codeResend SMS verification codedetail →
POST/auth/resend-verification-emailResend email verificationdetail →
POST/auth/reset-passwordReset passworddetail →
POST/auth/send-login-codeSend login verification codedetail →
POST/auth/send-sms-codeSend SMS verification codedetail →
POST/auth/send-verification-emailSend email verificationdetail →
POST/auth/sso/callbackEnterprise SSO callbackdetail →
POST/auth/sso/initiateInitiate enterprise SSO logindetail →
POST/auth/ticket/signinTicket-based logindetail →
POST/auth/verify-emailVerify email addressdetail →
POST/auth/verify-phoneVerify phone numberdetail →
POST/auth/verify-reset-codeVerify reset verification codedetail →
POST/auth/web3/verifyVerify Web3 wallet signaturedetail →
POST/internal/identity/verify-passwordVerify passworddetail →
POST/internal/record-login-failureRecord login failuredetail →
POST/internal/record-login-successRecord login successdetail →
GET/public/auth-config/by-domain/{domain}Get tenant authentication configuration by domain (Public)detail →
GET/public/auth-config/by-slug/{slug}Get authentication configuration by tenant identifier (Public)detail →
GET/public/auth-config/{tenant_id}Get tenant authentication configuration (Public)detail →
POST/public/password-strengthCheck password strength (Public)detail →
GET/public/tenants/discoverDiscover publicly joinable tenantsdetail →

Authentication - Internal

MethodPathSummary
GET/public/key-exchangeECDH key exchangedetail →

Authentication Policy Management

MethodPathSummary
GET/admin/auth-policiesList tenant authentication policiesdetail →
DELETE/admin/auth-policies/{tenant_id}Delete tenant authentication policydetail →
GET/admin/auth-policies/{tenant_id}Get tenant authentication policydetail →
PUT/admin/auth-policies/{tenant_id}Update tenant authentication policydetail →

Identity Providers

MethodPathSummary
GET/admin/identity-providersList identity providersdetail →
POST/admin/identity-providersCreate identity providerdetail →
POST/admin/identity-providers/import-oidc-discoveryImport OIDC Discoverydetail →
POST/admin/identity-providers/import-saml-metadataImport SAML Metadatadetail →
DELETE/admin/identity-providers/{id}Delete identity providerdetail →
GET/admin/identity-providers/{id}Get identity provider detailsdetail →
PUT/admin/identity-providers/{id}Update identity providerdetail →
POST/admin/identity-providers/{id}/activateEnable identity providerdetail →
GET/admin/identity-providers/{id}/attribute-mappingGet attribute mappingdetail →
PUT/admin/identity-providers/{id}/attribute-mappingUpdate attribute mappingdetail →
GET/admin/identity-providers/{id}/certificatesList certificatesdetail →
POST/admin/identity-providers/{id}/certificatesUpload certificatedetail →
DELETE/admin/identity-providers/{id}/certificates/{cert_id}Delete certificatedetail →
POST/admin/identity-providers/{id}/certificates/{cert_id}/rotateCertificate rotationdetail →
POST/admin/identity-providers/{id}/deactivateDisable identity providerdetail →
GET/admin/identity-providers/{id}/jit-configGet JIT configurationdetail →
PUT/admin/identity-providers/{id}/jit-configUpdate JIT configurationdetail →
GET/admin/identity-providers/{id}/statsGet provider statisticsdetail →
POST/admin/identity-providers/{id}/testTest identity provider connectiondetail →
GET/admin/identity-providers/{id}/usersGet provider associated usersdetail →

IoTs

MethodPathSummary
GET/iotsList User Devicesdetail →
POST/iots/pairPair Devicedetail →
DELETE/iots/{id}Unpair Devicedetail →
POST/iots/{id}/transferTransfer Devicedetail →

Maker-Checker

MethodPathSummary
GET/admin/maker-checkerList maker-checker recordsdetail →
DELETE/admin/maker-checker/{id}Delete maker-checker recorddetail →

Minor Management

MethodPathSummary
POST/admin/users/{user_id}/children-consent/denyReject child consentdetail →
POST/admin/users/{user_id}/children-consent/verifyVerify child consentdetail →

Multi-Factor Authentication

MethodPathSummary
POST/auth/mfa/verify-challengeVerify MFA challengedetail →

NHI Agents

MethodPathSummary
GET/admin/agents/{id}/credentialsList Agent Credentialsdetail →
POST/admin/agents/{id}/credentialsCreate Agent Credentialdetail →
DELETE/admin/agents/{id}/credentials/{cred_id}Revoke Agent Credentialdetail →
GET/admin/agents/{id}/credentials/{cred_id}Get Agent Credentialdetail →
POST/admin/agents/{id}/credentials/{cred_id}/rotateRotate Agent Credentialdetail →

NHI Management

MethodPathSummary
GET/admin/policies/nhiGet NHI policydetail →
PUT/admin/policies/nhiUpdate NHI policydetail →

OAuth

MethodPathSummary
GET/admin/users/{user_id}/oauth-connectionsAdmin view user OAuth connectionsdetail →

OAuth Authorization

MethodPathSummary
POST/auth/oidc/backchannel-logoutOIDC back-channel logoutdetail →
POST/auth/oidc/logoutRP-initiated logoutdetail →
GET/auth/oidc/session-iframeOIDC session state iframedetail →

Role Permissions

MethodPathSummary
GET/admin/abac-policiesList ABAC policiesdetail →
POST/admin/abac-policiesCreate ABAC policydetail →
DELETE/admin/abac-policies/{id}Delete ABAC policydetail →
GET/admin/abac-policies/{id}Get ABAC policy detailsdetail →
PUT/admin/abac-policies/{id}Update ABAC policydetail →
POST/admin/relationships/checkCheck relationship permissiondetail →
GET/admin/relationships/expandExpand relationship treedetail →
GET/admin/role-activationsList role activation recordsdetail →
POST/admin/role-activations/{id}/approveApprove role activationdetail →
POST/admin/role-activations/{id}/revokeRevoke role activationdetail →
GET/auth/me/role-activationsQuery my role activationsdetail →
POST/auth/me/role-activationsRequest role activationdetail →
POST/internal/pim/cleanup-expiredClean up expired role activationsdetail →

SCIM

MethodPathSummary
GET/scim/GroupsList SCIM groupsdetail →
POST/scim/GroupsCreate SCIM groupdetail →
DELETE/scim/Groups/{id}Delete SCIM groupdetail →
GET/scim/Groups/{id}Get SCIM groupdetail →
PATCH/scim/Groups/{id}Partially update SCIM groupdetail →
PUT/scim/Groups/{id}Update SCIM groupdetail →
GET/scim/ResourceTypesSCIM resource typesdetail →
GET/scim/SchemasSCIM Schemasdetail →
GET/scim/ServiceProviderConfigSCIM service provider configurationdetail →
GET/scim/UsersList SCIM usersdetail →
POST/scim/UsersCreate SCIM userdetail →
DELETE/scim/Users/{id}Delete SCIM userdetail →
GET/scim/Users/{id}Get SCIM userdetail →
PATCH/scim/Users/{id}Partially update SCIM userdetail →
PUT/scim/Users/{id}Update SCIM userdetail →

Security

MethodPathSummary
GET/admin/security/risk-eventsRisk event listdetail →
GET/admin/security/risk-events/aggregationRisk event aggregationdetail →

Security Management

MethodPathSummary
GET/admin/security/risk-configGet risk configurationdetail →
PUT/admin/security/risk-configUpdate risk configurationdetail →
POST/admin/security/risk-config/resetReset risk configurationdetail →
GET/admin/security/risk-dashboardRisk dashboarddetail →

Security Policy

MethodPathSummary
GET/admin/security/auth-configGet authentication configurationdetail →
PUT/admin/security/auth-configUpdate authentication configurationdetail →
GET/admin/security/password-policyGet password policydetail →
PUT/admin/security/password-policyUpdate password policydetail →
GET/admin/security/password-statsGet password statisticsdetail →

Sessions & Devices

MethodPathSummary
GET/auth/me/authenticator/backupdetail →
POST/auth/me/authenticator/backupdetail →
DELETE/auth/me/authenticator/backup/{id}detail →
GET/auth/me/authenticator/devicesdetail →
DELETE/auth/me/authenticator/devices/{id}Remove authenticator devicedetail →
POST/auth/qr-login/cancelCancel QR code logindetail →
POST/auth/qr-login/confirmConfirm QR code logindetail →
POST/auth/qr-login/initiateInitiate QR code logindetail →
POST/auth/qr-login/scanScan QR code logindetail →
GET/auth/qr-login/statusQuery QR code login statusdetail →
DELETE/devicesRemove all devicesdetail →
GET/devicesGet user device listdetail →
DELETE/devices/{id}Remove devicedetail →
PUT/devices/{id}/trustTrust/Untrust devicedetail →

WebAuthn

MethodPathSummary
GET/auth/me/webauthn-credentialsGet registered Passkey listdetail →
DELETE/auth/me/webauthn-credentials/{id}Delete Passkeydetail →
POST/auth/webauthn/authenticate/beginStart Passkey public authenticationdetail →
POST/auth/webauthn/authenticate/completeComplete Passkey public authenticationdetail →
POST/auth/webauthn/login/beginStart Passkey logindetail →
POST/auth/webauthn/login/completeComplete Passkey logindetail →
POST/auth/webauthn/register/beginStart Passkey registrationdetail →
POST/auth/webauthn/register/completeComplete Passkey registrationdetail →

admin

MethodPathSummary
GET/admin/ldap/healthLDAP directory health checkdetail →
POST/admin/ldap/test-connectionTest LDAP directory connectiondetail →
GET/admin/ldap/{name}/group-role-mappingGet LDAP group-role mappingdetail →
PUT/admin/ldap/{name}/group-role-mappingUpdate LDAP group-role mappingdetail →

auth

MethodPathSummary
POST/auth/ldap/loginLDAP directory authenticationdetail →