authentik-api 2026.2.3 → 2026.5.0.rc2

data/lib/authentik/api/api/core_api.rb

@@ -1541,6 +1541,7 @@ module Authentik::Api
     # @option opts [String] :flow_authentication 
     # @option opts [String] :flow_device_code 
     # @option opts [String] :flow_invalidation 
+    # @option opts [String] :flow_lockdown 
     # @option opts [String] :flow_recovery 
     # @option opts [String] :flow_unenrollment 
     # @option opts [String] :flow_user_settings 
@@ -1568,6 +1569,7 @@ module Authentik::Api
     # @option opts [String] :flow_authentication 
     # @option opts [String] :flow_device_code 
     # @option opts [String] :flow_invalidation 
+    # @option opts [String] :flow_lockdown 
     # @option opts [String] :flow_recovery 
     # @option opts [String] :flow_unenrollment 
     # @option opts [String] :flow_user_settings 
@@ -1597,6 +1599,7 @@ module Authentik::Api
       query_params[:'flow_authentication'] = opts[:'flow_authentication'] if !opts[:'flow_authentication'].nil?
       query_params[:'flow_device_code'] = opts[:'flow_device_code'] if !opts[:'flow_device_code'].nil?
       query_params[:'flow_invalidation'] = opts[:'flow_invalidation'] if !opts[:'flow_invalidation'].nil?
+      query_params[:'flow_lockdown'] = opts[:'flow_lockdown'] if !opts[:'flow_lockdown'].nil?
       query_params[:'flow_recovery'] = opts[:'flow_recovery'] if !opts[:'flow_recovery'].nil?
       query_params[:'flow_unenrollment'] = opts[:'flow_unenrollment'] if !opts[:'flow_unenrollment'].nil?
       query_params[:'flow_user_settings'] = opts[:'flow_user_settings'] if !opts[:'flow_user_settings'].nil?
@@ -2674,7 +2677,7 @@ module Authentik::Api
     # @option opts [Time] :expires 
     # @option opts [Boolean] :expiring 
     # @option opts [String] :identifier 
-    # @option opts [String] :intent 
+    # @option opts [IntentEnum] :intent 
     # @option opts [String] :managed 
     # @option opts [String] :ordering Which field to use when ordering the results.
     # @option opts [Integer] :page A page number within the paginated result set.
@@ -2693,7 +2696,7 @@ module Authentik::Api
     # @option opts [Time] :expires 
     # @option opts [Boolean] :expiring 
     # @option opts [String] :identifier 
-    # @option opts [String] :intent 
+    # @option opts [IntentEnum] :intent 
     # @option opts [String] :managed 
     # @option opts [String] :ordering Which field to use when ordering the results.
     # @option opts [Integer] :page A page number within the paginated result set.
@@ -2705,10 +2708,6 @@ module Authentik::Api
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: CoreApi.core_tokens_list ...'
       end
-      allowable_values = ["api", "app_password", "recovery", "verification"]
-      if @api_client.config.client_side_validation && opts[:'intent'] && !allowable_values.include?(opts[:'intent'])
-        fail ArgumentError, "invalid value for \"intent\", must be one of #{allowable_values}"
-      end
       # resource path
       local_var_path = '/core/tokens/'
 
@@ -3477,6 +3476,68 @@ module Authentik::Api
       return data, status_code, headers
     end
 
+    # Choose the target account, then return a flow link.
+    # @param [Hash] opts the optional parameters
+    # @option opts [UserAccountLockdownRequest] :user_account_lockdown_request 
+    # @return [Link]
+    def core_users_account_lockdown_create(opts = {})
+      data, _status_code, _headers = core_users_account_lockdown_create_with_http_info(opts)
+      data
+    end
+
+    # Choose the target account, then return a flow link.
+    # @param [Hash] opts the optional parameters
+    # @option opts [UserAccountLockdownRequest] :user_account_lockdown_request 
+    # @return [Array<(Link, Integer, Hash)>] Link data, response status code and response headers
+    def core_users_account_lockdown_create_with_http_info(opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: CoreApi.core_users_account_lockdown_create ...'
+      end
+      # resource path
+      local_var_path = '/core/users/account_lockdown/'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
+      # HTTP header 'Content-Type'
+      content_type = @api_client.select_header_content_type(['application/json'])
+      if !content_type.nil?
+          header_params['Content-Type'] = content_type
+      end
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body] || @api_client.object_to_http_body(opts[:'user_account_lockdown_request'])
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'Link'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['authentik']
+
+      new_options = opts.merge(
+        :operation => :"CoreApi.core_users_account_lockdown_create",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: CoreApi#core_users_account_lockdown_create\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # User Viewset
     # @param user_request [UserRequest] 
     # @param [Hash] opts the optional parameters
@@ -3629,7 +3690,7 @@ module Authentik::Api
     # @option opts [Array<String>] :roles_by_name 
     # @option opts [Array<String>] :roles_by_pk 
     # @option opts [String] :search A search term.
-    # @option opts [Array<String>] :type 
+    # @option opts [Array<UserTypeEnum>] :type 
     # @option opts [String] :username 
     # @option opts [String] :uuid 
     # @return [DataExport]
@@ -3663,7 +3724,7 @@ module Authentik::Api
     # @option opts [Array<String>] :roles_by_name 
     # @option opts [Array<String>] :roles_by_pk 
     # @option opts [String] :search A search term.
-    # @option opts [Array<String>] :type 
+    # @option opts [Array<UserTypeEnum>] :type 
     # @option opts [String] :username 
     # @option opts [String] :uuid 
     # @return [Array<(DataExport, Integer, Hash)>] DataExport data, response status code and response headers
@@ -3671,10 +3732,6 @@ module Authentik::Api
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: CoreApi.core_users_export_create ...'
       end
-      allowable_values = ["external", "internal", "internal_service_account", "service_account"]
-      if @api_client.config.client_side_validation && opts[:'type'] && !opts[:'type'].all? { |item| allowable_values.include?(item) }
-        fail ArgumentError, "invalid value for \"type\", must include one of #{allowable_values}"
-      end
       # resource path
       local_var_path = '/core/users/export/'
 
@@ -3897,7 +3954,7 @@ module Authentik::Api
     # @option opts [Array<String>] :roles_by_name 
     # @option opts [Array<String>] :roles_by_pk 
     # @option opts [String] :search A search term.
-    # @option opts [Array<String>] :type 
+    # @option opts [Array<UserTypeEnum>] :type 
     # @option opts [String] :username 
     # @option opts [String] :uuid 
     # @return [PaginatedUserList]
@@ -3935,7 +3992,7 @@ module Authentik::Api
     # @option opts [Array<String>] :roles_by_name 
     # @option opts [Array<String>] :roles_by_pk 
     # @option opts [String] :search A search term.
-    # @option opts [Array<String>] :type 
+    # @option opts [Array<UserTypeEnum>] :type 
     # @option opts [String] :username 
     # @option opts [String] :uuid 
     # @return [Array<(PaginatedUserList, Integer, Hash)>] PaginatedUserList data, response status code and response headers
@@ -3943,10 +4000,6 @@ module Authentik::Api
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: CoreApi.core_users_list ...'
       end
-      allowable_values = ["external", "internal", "internal_service_account", "service_account"]
-      if @api_client.config.client_side_validation && opts[:'type'] && !opts[:'type'].all? { |item| allowable_values.include?(item) }
-        fail ArgumentError, "invalid value for \"type\", must include one of #{allowable_values}"
-      end
       # resource path
       local_var_path = '/core/users/'
 
@@ -4537,6 +4590,78 @@ module Authentik::Api
       return data, status_code, headers
     end
 
+    # Set a user's password from a pre-hashed Django password value.  Submit the Django password hash in the shared ``password`` request field.  This updates authentik's local password verifier only. It does not attempt to propagate the password change to LDAP or Kerberos because no raw password is available from the request payload.
+    # @param id [Integer] A unique integer value identifying this User.
+    # @param user_password_hash_set_request [UserPasswordHashSetRequest] 
+    # @param [Hash] opts the optional parameters
+    # @return [nil]
+    def core_users_set_password_hash_create(id, user_password_hash_set_request, opts = {})
+      core_users_set_password_hash_create_with_http_info(id, user_password_hash_set_request, opts)
+      nil
+    end
+
+    # Set a user&#39;s password from a pre-hashed Django password value.  Submit the Django password hash in the shared &#x60;&#x60;password&#x60;&#x60; request field.  This updates authentik&#39;s local password verifier only. It does not attempt to propagate the password change to LDAP or Kerberos because no raw password is available from the request payload.
+    # @param id [Integer] A unique integer value identifying this User.
+    # @param user_password_hash_set_request [UserPasswordHashSetRequest] 
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers
+    def core_users_set_password_hash_create_with_http_info(id, user_password_hash_set_request, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: CoreApi.core_users_set_password_hash_create ...'
+      end
+      # verify the required parameter 'id' is set
+      if @api_client.config.client_side_validation && id.nil?
+        fail ArgumentError, "Missing the required parameter 'id' when calling CoreApi.core_users_set_password_hash_create"
+      end
+      # verify the required parameter 'user_password_hash_set_request' is set
+      if @api_client.config.client_side_validation && user_password_hash_set_request.nil?
+        fail ArgumentError, "Missing the required parameter 'user_password_hash_set_request' when calling CoreApi.core_users_set_password_hash_create"
+      end
+      # resource path
+      local_var_path = '/core/users/{id}/set_password_hash/'.sub('{id}', CGI.escape(id.to_s))
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json']) unless header_params['Accept']
+      # HTTP header 'Content-Type'
+      content_type = @api_client.select_header_content_type(['application/json'])
+      if !content_type.nil?
+          header_params['Content-Type'] = content_type
+      end
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body] || @api_client.object_to_http_body(user_password_hash_set_request)
+
+      # return_type
+      return_type = opts[:debug_return_type]
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['authentik']
+
+      new_options = opts.merge(
+        :operation => :"CoreApi.core_users_set_password_hash_create",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: CoreApi#core_users_set_password_hash_create\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # User Viewset
     # @param id [Integer] A unique integer value identifying this User.
     # @param user_request [UserRequest] 

data/lib/authentik/api/api/crypto_api.rb

@@ -209,7 +209,7 @@ module Authentik::Api
     # CertificateKeyPair Viewset
     # @param [Hash] opts the optional parameters
     # @option opts [Boolean] :has_key Only return certificate-key pairs with keys
-    # @option opts [Array<String>] :key_type Filter by key algorithm type (RSA, EC, DSA, etc). Can be specified multiple times (e.g. &#39;?key_type&#x3D;rsa&amp;key_type&#x3D;ec&#39;)
+    # @option opts [Array<KeyTypeEnum>] :key_type 
     # @option opts [String] :managed 
     # @option opts [String] :name 
     # @option opts [String] :ordering Which field to use when ordering the results.
@@ -225,7 +225,7 @@ module Authentik::Api
     # CertificateKeyPair Viewset
     # @param [Hash] opts the optional parameters
     # @option opts [Boolean] :has_key Only return certificate-key pairs with keys
-    # @option opts [Array<String>] :key_type Filter by key algorithm type (RSA, EC, DSA, etc). Can be specified multiple times (e.g. &#39;?key_type&#x3D;rsa&amp;key_type&#x3D;ec&#39;)
+    # @option opts [Array<KeyTypeEnum>] :key_type 
     # @option opts [String] :managed 
     # @option opts [String] :name 
     # @option opts [String] :ordering Which field to use when ordering the results.
@@ -237,10 +237,6 @@ module Authentik::Api
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: CryptoApi.crypto_certificatekeypairs_list ...'
       end
-      allowable_values = ["dsa", "ec", "ed25519", "ed448", "rsa"]
-      if @api_client.config.client_side_validation && opts[:'key_type'] && !opts[:'key_type'].all? { |item| allowable_values.include?(item) }
-        fail ArgumentError, "invalid value for \"key_type\", must include one of #{allowable_values}"
-      end
       # resource path
       local_var_path = '/crypto/certificatekeypairs/'