Port 11001 · 270 endpoints · micro-services/identity-service/
| Method | Path | Summary | |
|---|---|---|---|
/admin/auth/api-keys | Admin list API Keys | detail → | |
/admin/auth/api-keys/anomalies | Security Anomaly Detection | detail → | |
/admin/auth/api-keys/batch-revoke | Batch revoke API Keys | detail → | |
/admin/auth/api-keys/cleanup-audit-logs | Clean old audit logs | detail → | |
/admin/auth/api-keys/expiring | Get expiring API Keys | detail → | |
/admin/auth/api-keys/stats | Admin API Key statistics | detail → | |
/admin/auth/api-keys/{id}/force | Admin force revoke API Key | detail → | |
/auth/api-keys | Query API Key list | detail → | |
/auth/api-keys | Create API Key | detail → | |
/auth/api-keys/{id} | Revoke API Key | detail → | |
/auth/api-keys/{id} | Get API Key details | detail → | |
/auth/api-keys/{id}/audit-logs | Get API Key audit logs | detail → | |
/auth/api-keys/{id}/ip-restrictions | Add IP restriction | detail → | |
/auth/api-keys/{id}/ip-restrictions/{restriction_id} | Delete IP restriction | detail → | |
/auth/api-keys/{id}/rotate | Rotate API Key | detail → | |
/auth/api-keys/{id}/scopes | Update API Key permission scopes | detail → | |
/auth/api-keys/{id}/status | Enable/disable API Key | detail → | |
/auth/api-keys/{id}/usage | Get API Key usage statistics | detail → | |
/auth/api-keys/{id}/usage-stats | Get API Key usage statistics | detail → | |
/internal/identity/validate-key | Validate API Key (Internal) | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/impersonate | Admin impersonate user login | detail → | |
/admin/users | List users | detail → | |
/admin/users | Create user | detail → | |
/admin/users/batch | Batch create users | detail → | |
/admin/users/batch/status | Batch update user status | detail → | |
/admin/users/merge | Merge users | detail → | |
/admin/users/{user_id} | Delete user | detail → | |
/admin/users/{user_id} | Get user details | detail → | |
/admin/users/{user_id} | Update user information | detail → | |
/admin/users/{user_id}/account-unlocks | Unlock account | detail → | |
/admin/users/{user_id}/identities | Get user identity list | detail → | |
/admin/users/{user_id}/identities | Add user identity | detail → | |
/admin/users/{user_id}/identities/{identity_id} | Remove user identity | detail → | |
/admin/users/{user_id}/identities/{identity_id}/set-primary | Set primary identity | detail → | |
/admin/users/{user_id}/identities/{identity_id}/verifications | Verify user identity | detail → | |
/admin/users/{user_id}/impersonate | Admin impersonate user | detail → | |
/admin/users/{user_id}/login-histories | Get login history | detail → | |
/admin/users/{user_id}/security-status | Get security status | detail → | |
/admin/users/{user_id}/status | Update user status | detail → | |
/auth/me | Deactivate current account | detail → | |
/auth/me/audit-logs | Get my audit logs | detail → | |
/auth/me/children-consent | Get child privacy consent status | detail → | |
/auth/me/consent | Revoke user consent | detail → | |
/auth/me/consent | Record user consent | detail → | |
/auth/me/consent-history | Get consent history | detail → | |
/auth/me/delete-account | Permanently delete account (GDPR Right to Erasure/Account Deletion) | detail → | |
/auth/me/devices | Get my device list | detail → | |
/auth/me/devices/{device_id} | Remove device | detail → | |
/auth/me/devices/{device_id}/trust | Trust/untrust device | detail → | |
/auth/me/email/change | Change email address | detail → | |
/auth/me/email/verify | Verify email change | detail → | |
/auth/me/export-data | Export my data (GDPR DSAR) | detail → | |
/auth/me/memberships | Get my tenant membership status | detail → | |
/auth/me/phone/change | Change phone number | detail → | |
/auth/me/phone/verify | Verify phone number change | detail → | |
/auth/me/recovery-contacts | Get recovery contacts list | detail → | |
/auth/me/recovery-contacts | Add recovery contact | detail → | |
/auth/me/recovery-contacts/{contact_id} | Remove recovery contact | detail → | |
/auth/me/saml-links | Get SAML linked account list | detail → | |
/auth/me/saml-links/{id} | Unlink SAML linked account | detail → | |
/auth/me/security-events | Get security events list | detail → | |
/auth/me/security-events/{event_id}/dismiss | Disable security event notifications | detail → | |
/auth/me/sessions | Logout all sessions | detail → | |
/auth/me/sessions | List my sessions | detail → | |
/auth/me/sessions/{session_id} | Logout specified session | detail → | |
/auth/me/stop-impersonation | End impersonation session | detail → | |
/internal/identity/erase-user/{user_id} | Internal hard delete user | detail → | |
/internal/maker-checker/record | Record Maker-Checker | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/users/{user_id}/oauth-connections | Admin view user OAuth connections | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/agents | List Agents | detail → | |
/admin/agents | Create Agent | detail → | |
/admin/agents/{id} | Revoke Agent | detail → | |
/admin/agents/{id} | Get Agent | detail → | |
/admin/agents/{id} | Update Agent | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/delegation-grants | List delegation authorizations | detail → | |
/admin/delegation-grants | Create delegation authorization | detail → | |
/admin/delegation-grants/{id} | Revoke delegation authorization | detail → | |
/admin/delegation-grants/{id} | Get delegation authorization details | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/iots | List Devices | detail → | |
/admin/iots | Create Device | detail → | |
/admin/iots/{id} | Revoke Device | detail → | |
/admin/iots/{id} | Get Device | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/robots | List Robots | detail → | |
/admin/robots | Create Robot | detail → | |
/admin/robots/{id} | Delete Robot | detail → | |
/admin/robots/{id} | Get Robot | detail → | |
/admin/robots/{id} | Update Robot | detail → | |
/admin/robots/{id}/commission | Commission Robot | detail → | |
/admin/robots/{id}/decommission | Decommission Robot | detail → | |
/admin/robots/{id}/intent | Issue Intent Token | detail → | |
/admin/robots/{id}/intent/revoke | Revoke Intent Token | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/users/{user_id}/password | Modify password | detail → | |
/admin/users/{user_id}/password-resets | Reset password | detail → | |
/admin/users/{user_id}/password-status | Get user password status | detail → | |
/auth/anonymous | Anonymous authentication | detail → | |
/auth/captcha/challenge | Get CAPTCHA challenge | detail → | |
/auth/forgot-password | Forgot password | detail → | |
/auth/generate-ticket | Generate one-time ticket | detail → | |
/auth/id-token/signin | ID Token login | detail → | |
/auth/login | User login | detail → | |
/auth/login/email-code | Email verification code login | detail → | |
/auth/login/phone-code | Phone verification code login | detail → | |
/auth/magic-link | Send magic link | detail → | |
/auth/magic-link/callback | Magic link callback (GET→POST two-step redirect) | detail → | |
/auth/magic-link/callback | Magic link callback (GET→POST two-step redirect) | detail → | |
/auth/magic-link/confirm | Verify magic link | detail → | |
/auth/magic-link/request | Request send magic link | detail → | |
/auth/me | Get current logged-in user info | detail → | |
/auth/me | Update current user info | detail → | |
/auth/me/email-verification-status | Check email verification status | detail → | |
/auth/me/password | Change current user password | detail → | |
/auth/me/password-strength | Check password strength | detail → | |
/auth/me/permissions | Get current user permissions | detail → | |
/auth/me/phone-verification-status | Check phone verification status | detail → | |
/auth/me/switch-tenant | Switch current tenant | detail → | |
/auth/me/tenants | Get current user tenants | detail → | |
/auth/oauth/accounts | Get user OAuth account list | detail → | |
/auth/oauth/bind | Link OAuth account | detail → | |
/auth/oauth/providers | Get OAuth provider list | detail → | |
/auth/oauth/unbind | Unlink OAuth account | detail → | |
/auth/oauth/{provider} | Initiate OAuth login | detail → | |
/auth/oauth/{provider}/callback | OAuth callback | detail → | |
/auth/re-authenticate | Re-authenticate (Step-up) | detail → | |
/auth/recover-account | Initialize account recovery via recovery contact | detail → | |
/auth/recover-account/reset | Reset password via recovery code | detail → | |
/auth/recovery/complete | Complete account recovery | detail → | |
/auth/recovery/request | Initiate account recovery | detail → | |
/auth/recovery/verify | Verify account recovery code | detail → | |
/auth/refresh | Refresh access token | detail → | |
/auth/register | User registration | detail → | |
/auth/register/check-email | Check email availability | detail → | |
/auth/register/check-email | Check email availability | detail → | |
/auth/register/check-username | Check username availability | detail → | |
/auth/register/check-username | Check username availability | detail → | |
/auth/register/email-code | Email verification code registration | detail → | |
/auth/register/invitation | Invitation registration | detail → | |
/auth/register/oauth | OAuth supplementary registration | detail → | |
/auth/register/phone-code | Phone verification code registration | detail → | |
/auth/register/reapply | Re-apply for registration | detail → | |
/auth/resend-sms-code | Resend SMS verification code | detail → | |
/auth/resend-verification-email | Resend email verification | detail → | |
/auth/reset-password | Reset password | detail → | |
/auth/send-login-code | Send login verification code | detail → | |
/auth/send-sms-code | Send SMS verification code | detail → | |
/auth/send-verification-email | Send email verification | detail → | |
/auth/sso/callback | Enterprise SSO callback | detail → | |
/auth/sso/initiate | Initiate enterprise SSO login | detail → | |
/auth/ticket/signin | Ticket-based login | detail → | |
/auth/verify-email | Verify email address | detail → | |
/auth/verify-phone | Verify phone number | detail → | |
/auth/verify-reset-code | Verify reset verification code | detail → | |
/auth/web3/verify | Verify Web3 wallet signature | detail → | |
/internal/identity/verify-password | Verify password | detail → | |
/internal/record-login-failure | Record login failure | detail → | |
/internal/record-login-success | Record login success | detail → | |
/public/auth-config/by-domain/{domain} | Get tenant authentication configuration by domain (Public) | detail → | |
/public/auth-config/by-slug/{slug} | Get authentication configuration by tenant identifier (Public) | detail → | |
/public/auth-config/{tenant_id} | Get tenant authentication configuration (Public) | detail → | |
/public/password-strength | Check password strength (Public) | detail → | |
/public/tenants/discover | Discover publicly joinable tenants | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/public/key-exchange | ECDH key exchange | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/auth-policies | List tenant authentication policies | detail → | |
/admin/auth-policies/{tenant_id} | Delete tenant authentication policy | detail → | |
/admin/auth-policies/{tenant_id} | Get tenant authentication policy | detail → | |
/admin/auth-policies/{tenant_id} | Update tenant authentication policy | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/identity-providers | List identity providers | detail → | |
/admin/identity-providers | Create identity provider | detail → | |
/admin/identity-providers/import-oidc-discovery | Import OIDC Discovery | detail → | |
/admin/identity-providers/import-saml-metadata | Import SAML Metadata | detail → | |
/admin/identity-providers/{id} | Delete identity provider | detail → | |
/admin/identity-providers/{id} | Get identity provider details | detail → | |
/admin/identity-providers/{id} | Update identity provider | detail → | |
/admin/identity-providers/{id}/activate | Enable identity provider | detail → | |
/admin/identity-providers/{id}/attribute-mapping | Get attribute mapping | detail → | |
/admin/identity-providers/{id}/attribute-mapping | Update attribute mapping | detail → | |
/admin/identity-providers/{id}/certificates | List certificates | detail → | |
/admin/identity-providers/{id}/certificates | Upload certificate | detail → | |
/admin/identity-providers/{id}/certificates/{cert_id} | Delete certificate | detail → | |
/admin/identity-providers/{id}/certificates/{cert_id}/rotate | Certificate rotation | detail → | |
/admin/identity-providers/{id}/deactivate | Disable identity provider | detail → | |
/admin/identity-providers/{id}/jit-config | Get JIT configuration | detail → | |
/admin/identity-providers/{id}/jit-config | Update JIT configuration | detail → | |
/admin/identity-providers/{id}/stats | Get provider statistics | detail → | |
/admin/identity-providers/{id}/test | Test identity provider connection | detail → | |
/admin/identity-providers/{id}/users | Get provider associated users | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/iots | List User Devices | detail → | |
/iots/pair | Pair Device | detail → | |
/iots/{id} | Unpair Device | detail → | |
/iots/{id}/transfer | Transfer Device | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/maker-checker | List maker-checker records | detail → | |
/admin/maker-checker/{id} | Delete maker-checker record | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/users/{user_id}/children-consent/deny | Reject child consent | detail → | |
/admin/users/{user_id}/children-consent/verify | Verify child consent | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/auth/mfa/verify-challenge | Verify MFA challenge | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/agents/{id}/credentials | List Agent Credentials | detail → | |
/admin/agents/{id}/credentials | Create Agent Credential | detail → | |
/admin/agents/{id}/credentials/{cred_id} | Revoke Agent Credential | detail → | |
/admin/agents/{id}/credentials/{cred_id} | Get Agent Credential | detail → | |
/admin/agents/{id}/credentials/{cred_id}/rotate | Rotate Agent Credential | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/policies/nhi | Get NHI policy | detail → | |
/admin/policies/nhi | Update NHI policy | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/users/{user_id}/oauth-connections | Admin view user OAuth connections | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/auth/oidc/backchannel-logout | OIDC back-channel logout | detail → | |
/auth/oidc/logout | RP-initiated logout | detail → | |
/auth/oidc/session-iframe | OIDC session state iframe | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/abac-policies | List ABAC policies | detail → | |
/admin/abac-policies | Create ABAC policy | detail → | |
/admin/abac-policies/{id} | Delete ABAC policy | detail → | |
/admin/abac-policies/{id} | Get ABAC policy details | detail → | |
/admin/abac-policies/{id} | Update ABAC policy | detail → | |
/admin/relationships/check | Check relationship permission | detail → | |
/admin/relationships/expand | Expand relationship tree | detail → | |
/admin/role-activations | List role activation records | detail → | |
/admin/role-activations/{id}/approve | Approve role activation | detail → | |
/admin/role-activations/{id}/revoke | Revoke role activation | detail → | |
/auth/me/role-activations | Query my role activations | detail → | |
/auth/me/role-activations | Request role activation | detail → | |
/internal/pim/cleanup-expired | Clean up expired role activations | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/scim/Groups | List SCIM groups | detail → | |
/scim/Groups | Create SCIM group | detail → | |
/scim/Groups/{id} | Delete SCIM group | detail → | |
/scim/Groups/{id} | Get SCIM group | detail → | |
/scim/Groups/{id} | Partially update SCIM group | detail → | |
/scim/Groups/{id} | Update SCIM group | detail → | |
/scim/ResourceTypes | SCIM resource types | detail → | |
/scim/Schemas | SCIM Schemas | detail → | |
/scim/ServiceProviderConfig | SCIM service provider configuration | detail → | |
/scim/Users | List SCIM users | detail → | |
/scim/Users | Create SCIM user | detail → | |
/scim/Users/{id} | Delete SCIM user | detail → | |
/scim/Users/{id} | Get SCIM user | detail → | |
/scim/Users/{id} | Partially update SCIM user | detail → | |
/scim/Users/{id} | Update SCIM user | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/security/risk-events | Risk event list | detail → | |
/admin/security/risk-events/aggregation | Risk event aggregation | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/security/risk-config | Get risk configuration | detail → | |
/admin/security/risk-config | Update risk configuration | detail → | |
/admin/security/risk-config/reset | Reset risk configuration | detail → | |
/admin/security/risk-dashboard | Risk dashboard | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/security/auth-config | Get authentication configuration | detail → | |
/admin/security/auth-config | Update authentication configuration | detail → | |
/admin/security/password-policy | Get password policy | detail → | |
/admin/security/password-policy | Update password policy | detail → | |
/admin/security/password-stats | Get password statistics | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/auth/me/authenticator/backup | detail → | ||
/auth/me/authenticator/backup | detail → | ||
/auth/me/authenticator/backup/{id} | detail → | ||
/auth/me/authenticator/devices | detail → | ||
/auth/me/authenticator/devices/{id} | Remove authenticator device | detail → | |
/auth/qr-login/cancel | Cancel QR code login | detail → | |
/auth/qr-login/confirm | Confirm QR code login | detail → | |
/auth/qr-login/initiate | Initiate QR code login | detail → | |
/auth/qr-login/scan | Scan QR code login | detail → | |
/auth/qr-login/status | Query QR code login status | detail → | |
/devices | Remove all devices | detail → | |
/devices | Get user device list | detail → | |
/devices/{id} | Remove device | detail → | |
/devices/{id}/trust | Trust/Untrust device | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/auth/me/webauthn-credentials | Get registered Passkey list | detail → | |
/auth/me/webauthn-credentials/{id} | Delete Passkey | detail → | |
/auth/webauthn/authenticate/begin | Start Passkey public authentication | detail → | |
/auth/webauthn/authenticate/complete | Complete Passkey public authentication | detail → | |
/auth/webauthn/login/begin | Start Passkey login | detail → | |
/auth/webauthn/login/complete | Complete Passkey login | detail → | |
/auth/webauthn/register/begin | Start Passkey registration | detail → | |
/auth/webauthn/register/complete | Complete Passkey registration | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/admin/ldap/health | LDAP directory health check | detail → | |
/admin/ldap/test-connection | Test LDAP directory connection | detail → | |
/admin/ldap/{name}/group-role-mapping | Get LDAP group-role mapping | detail → | |
/admin/ldap/{name}/group-role-mapping | Update LDAP group-role mapping | detail → |
| Method | Path | Summary | |
|---|---|---|---|
/auth/ldap/login | LDAP directory authentication | detail → |