The Authorization and Authentication section of the InvenTree API schema is documented below.
InvenTree API 435¶
API for InvenTree - the intuitive open source inventory management system
Servers¶
| Description | URL |
|---|---|
| http://localhost:8000 | http://localhost:8000 |
Account: 2FA¶
GET /api/auth/v1/account/authenticators¶
List authenticators
Response 200 OK
Refer to the common response description: allauth.Authenticators.
Response 401 Unauthorized
Refer to the common response description: allauth.Authentication.
Response 410 Gone
Refer to the common response description: allauth.SessionGone.
GET /api/auth/v1/account/authenticators/recovery-codes¶
List recovery codes
Description
List recovery codes.
Response 200 OK
Refer to the common response description: allauth.RecoveryCodes.
Response 401 Unauthorized
Refer to the common response description: allauth.ReauthenticationRequired.
Response 404 Not Found
Refer to the common response description: allauth.NotFound.
POST /api/auth/v1/account/authenticators/recovery-codes¶
Regenerate recovery codes
Response 400 Bad Request
{
"summary": "Unable to generate recovery codes.\n",
"value": {
"errors": [
{
"message": "You cannot deactivate two-factor authentication.\ncode: cannot_generate_recovery_codes\n"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
Refer to the common response description: allauth.ReauthenticationRequired.
DELETE /api/auth/v1/account/authenticators/totp¶
Deactivate TOTP
Description
Deactivates TOTP authentication. If the user authentication is not
sufficiently recent, a reauthentication flow (401) will is presented.
Response 200 OK
Refer to the common response description: allauth.StatusOK.
Response 401 Unauthorized
Refer to the common response description: allauth.ReauthenticationRequired.
GET /api/auth/v1/account/authenticators/totp¶
TOTP authenticator status
Description
Retrieve the information about the current TOTP authenticator, if any.
Response 200 OK
Refer to the common response description: allauth.TOTPAuthenticator.
Response 404 Not Found
Refer to the common response description: allauth.TOTPAuthenticatorNotFound.
Response 409 Conflict
Refer to the common response description: allauth.AddAuthenticatorConflict.
POST /api/auth/v1/account/authenticators/totp¶
Activate TOTP
Description
The code should be provided from the consuming TOTP authenticator application which was generated using the TOTP authenticator secret retrieved from the TOTP authenticator status endpoint.
Request body
{
"code": null
}
Schema of the request body
{
"properties": {
"code": {
"$ref": "#/components/schemas/allauth.AuthenticatorCode"
}
},
"required": [
"code"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.TOTPAuthenticator.
Response 400 Bad Request
{
"summary": "An error response indicating that the provided code is incorrect.\n",
"value": {
"errors": [
{
"code": "incorrect_code",
"message": "Incorrect code.",
"param": "code"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
Refer to the common response description: allauth.ReauthenticationRequired.
Response 409 Conflict
Refer to the common response description: allauth.AddAuthenticatorConflict.
Account: WebAuthn¶
DELETE /api/auth/v1/account/authenticators/webauthn¶
Delete a WebAuthn credential
Request body
{
"authenticators": [
null
]
}
Schema of the request body
{
"properties": {
"authenticators": {
"description": "The IDs of the authenticator that are to be deleted.\n",
"items": {
"$ref": "#/components/schemas/allauth.AuthenticatorID"
},
"type": "array"
}
},
"required": [
"authenticators"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.StatusOK.
Response 401 Unauthorized
Refer to the common response description: allauth.ReauthenticationRequired.
GET /api/auth/v1/account/authenticators/webauthn¶
Get WebAuthn credential creation options
Description
Returns the WebAuthn credential creation options, that can be
processed using parseCreationOptionsFromJSON() on the frontend.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
passwordless |
query | boolean | No | When present (regardless of its value), enables passwordless sign-in via a WebAuthn credential (Passkey), but may enforce additional multi-factor authentication (MFA) requirements. Omit the parameter to disable. |
Response 200 OK
Refer to the common response description: allauth.WebAuthnCreationOptionsResponse.
Response 401 Unauthorized
Refer to the common response description: allauth.ReauthenticationRequired.
Response 409 Conflict
Refer to the common response description: allauth.AddAuthenticatorConflict.
POST /api/auth/v1/account/authenticators/webauthn¶
Add a WebAuthn credential
Request body
{
"credential": null,
"name": "Master key"
}
Schema of the request body
{
"properties": {
"credential": {
"$ref": "#/components/schemas/allauth.WebAuthnCredential"
},
"name": {
"example": "Master key",
"type": "string"
}
},
"required": [
"credential"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.AddWebAuthnAuthenticator.
Response 401 Unauthorized
Refer to the common response description: allauth.ReauthenticationRequired.
Response 409 Conflict
Refer to the common response description: allauth.AddAuthenticatorConflict.
PUT /api/auth/v1/account/authenticators/webauthn¶
Rename a WebAuthn credential
Description
You can alter the name of a WebAuthn credential by PUT'ting the ID and name of the authenticator representing that credential. You can obtain the credentials via the "List authenticators" endpoint.
Request body
{
"id": null,
"name": "Master key"
}
Schema of the request body
{
"properties": {
"id": {
"$ref": "#/components/schemas/allauth.AuthenticatorID"
},
"name": {
"example": "Master key",
"type": "string"
}
},
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.WebAuthnAuthenticator.
Response 401 Unauthorized
Refer to the common response description: allauth.ReauthenticationRequired.
Account: Email¶
DELETE /api/auth/v1/account/email¶
Remove an email address
Description
Used to remove an email address.
Request body
{
"email": null
}
Schema of the request body
{
"properties": {
"email": {
"$ref": "#/components/schemas/allauth.Email"
}
},
"required": [
"email"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.EmailAddresses.
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
GET /api/auth/v1/account/email¶
List email addresses
Description
Retrieves the list of email addresses of the account.
Response 200 OK
Refer to the common response description: allauth.EmailAddresses.
Response 401 Unauthorized
Refer to the common response description: allauth.Authentication.
PATCH /api/auth/v1/account/email¶
Change primary email address
Description
Used to change primary email address to a different one. Note that only verified email addresses can be marked as primary.
Request body
{
"email": "email@domain.org",
"primary": true
}
Schema of the request body
{
"properties": {
"email": {
"description": "An email address.\n",
"example": "email@domain.org",
"type": "string"
},
"primary": {
"description": "Primary flag.\n",
"enum": [
true
],
"type": "boolean"
}
},
"required": [
"email",
"primary"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.EmailAddresses.
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
POST /api/auth/v1/account/email¶
Add/Change email address
Description
The following functionality is available:
- Adding a new email address for an already signed in user
(
ACCOUNT_CHANGE_EMAIL = False). - Change to a new email address for an already signed in user
(
ACCOUNT_CHANGE_EMAIL = True). - Change to a new email address during the email verification process at
signup (
ACCOUNT_EMAIL_VERIFICATION_SUPPORTS_CHANGE = True).
In all cases, an email verification mail will be sent containing a link or code that needs to be verified.
Request body
{
"email": null
}
Schema of the request body
{
"properties": {
"email": {
"$ref": "#/components/schemas/allauth.Email"
}
},
"required": [
"email"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.EmailAddresses.
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
Refer to the common response description: allauth.AuthenticationOrReauthentication.
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
PUT /api/auth/v1/account/email¶
Request email verification
Description
Requests for (another) email verification email to be sent. Note that sending emails is rate limited, so when you send too many requests the email will not be sent.
Request body
{
"email": null
}
Schema of the request body
{
"properties": {
"email": {
"$ref": "#/components/schemas/allauth.Email"
}
},
"required": [
"email"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.StatusOK.
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 403 Forbidden
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ForbiddenResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
Account: Password¶
POST /api/auth/v1/account/password/change¶
Change password
Description
In order to change the password of an account, the current and new password must be provider. However, accounts that were created by signing up using a third-party provider do not have a password set. In that case, the current password is not required.
Request body
{
"current_password": null,
"new_password": "Aberto!"
}
Schema of the request body
{
"properties": {
"current_password": {
"$ref": "#/components/schemas/allauth.Password"
},
"new_password": {
"description": "The current password.\n",
"example": "Aberto!",
"type": "string"
}
},
"required": [
"new_password"
],
"type": "object"
}
Response 400 Bad Request
Refer to the common response description: allauth.Error.
Response 401 Unauthorized
Refer to the common response description: allauth.Authentication.
Account: Phone¶
GET /api/auth/v1/account/phone¶
Get the phone number
Description
Retrieves the phone number of the account, if any. Note that while the endpoint returns a list of phone numbers, at most one entry is returned.
Response 200 OK
Refer to the common response description: allauth.PhoneNumbers.
Response 401 Unauthorized
Refer to the common response description: allauth.Authentication.
POST /api/auth/v1/account/phone¶
Change the phone number
Description
The following functionality is available:
- Initiate the phone number change process for signed in users.
- Change to a new phone number during the phone number verification
process at signup for unauthenticated users. Note that this requires:
ACCOUNT_PHONE_VERIFICATION_SUPPORTS_CHANGE = True.
In both cases, after posting a new phone number, proceed with the phone verification endpoint to confirm the change of the phone number by posting the verification code.
Request body
{
"phone": "+314159265359"
}
Schema of the request body
{
"properties": {
"phone": {
"example": "+314159265359",
"type": "string"
}
},
"required": [
"phone"
],
"type": "object"
}
Response 202 Accepted
{
"data": [
{
"phone": "+314159265359",
"verified": false
}
],
"status": 202
}
Schema of the response body
{
"example": {
"data": [
{
"phone": "+314159265359",
"verified": false
}
],
"status": 202
},
"properties": {
"data": {
"items": {
"$ref": "#/components/schemas/allauth.PhoneNumber"
},
"type": "array"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusAccepted"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
Response 400 Bad Request
{
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
Refer to the common response description: allauth.AuthenticationOrReauthentication.
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
Account: Providers¶
DELETE /api/auth/v1/account/providers¶
Disconnect a third-party provider account
Description
Disconnect a third-party provider account, returning the remaining accounts that are still connected. The disconnect is not allowed if it would leave the account unusable. For example, if no password was set up yet.
Request body
{
"account": null,
"provider": null
}
Schema of the request body
{
"properties": {
"account": {
"$ref": "#/components/schemas/allauth.ProviderAccountID"
},
"provider": {
"$ref": "#/components/schemas/allauth.ProviderID"
}
},
"required": [
"account",
"provider"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.ProviderAccounts.
Response 400 Bad Request
{
"summary": "Account without a verified email.",
"value": {
"errors": [
{
"code": "no_verified_email",
"message": "Your account has no verified email address.",
"param": "account"
}
],
"status": 400
}
}
{
"summary": "Account without a password.",
"value": {
"errors": [
{
"code": "no_password",
"message": "Your account has no password set up.",
"param": "account"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
GET /api/auth/v1/account/providers¶
List the connected third-party provider accounts
Response 200 OK
Refer to the common response description: allauth.ProviderAccounts.
Authentication: 2FA¶
POST /api/auth/v1/auth/2fa/authenticate¶
Two-factor authentication
Description
If, during authentication, a response with status 401 is encountered where
one of the pending
flows has ID mfa_authenticate, that indicates that the Two-Factor
Authentication stage needs to
be completed.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.AuthenticatedByPasswordAnd2FA.
Response 400 Bad Request
{
"summary": "An error response indicating that the provided code is incorrect.\n",
"value": {
"errors": [
{
"code": "incorrect_code",
"message": "Incorrect code.",
"param": "code"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
Refer to the common response description: allauth.Authentication.
POST /api/auth/v1/auth/2fa/reauthenticate¶
Reauthenticate using 2FA
Description
In order to safeguard the account, some actions require the user to be
recently authenticated. If you try to perform such an action without
having been recently authenticated, a 401 status is returned, listing
flows that can be performed to reauthenticate. One such flow is the flow
with ID mfa_reauthenticate, which allows for the user to input an
authenticator code (e.g. TOTP or recovery code). This is the endpoint
related towards that flow.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.AuthenticatedByPasswordAnd2FA.
Response 400 Bad Request
{
"summary": "An error response indicating that the provided code is incorrect.\n",
"value": {
"errors": [
{
"code": "incorrect_code",
"message": "Incorrect code.",
"param": "code"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
POST /api/auth/v1/auth/2fa/trust¶
Trust this browser
Description
If "Trust this browser?" is enabled (MFA_TRUST_ENABLED), the
mfa_trust flow activates after the user completes the MFA
authentication flow, offering to skip MFA for this particular
browser. This endpoint is used to complete the mfa_trust flow.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.AuthenticatedByPasswordAnd2FA.
Response 400 Bad Request
{
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Authentication: Login By Code¶
POST /api/auth/v1/auth/code/confirm¶
Confirm login code
Description
Use this endpoint to pass along the received "special" login code.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.AuthenticatedByCode.
Response 400 Bad Request
{
"summary": "An error response indicating that the provided code is incorrect.\n",
"value": {
"errors": [
{
"code": "incorrect_code",
"message": "Incorrect code.",
"param": "code"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
{
"summary": "Unauthenticated: pending 2FA\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "mfa_authenticate",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
{
"description": "An authentication related response.\n",
"properties": {
"data": {
"properties": {
"flows": {
"items": {
"$ref": "#/components/schemas/allauth.Flow"
},
"type": "array"
}
},
"required": [
"flows"
],
"type": "object"
},
"meta": {
"$ref": "#/components/schemas/allauth.AuthenticationMeta"
},
"status": {
"$ref": "#/components/schemas/UnauthorizedStatus"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
POST /api/auth/v1/auth/code/request¶
Request login code
Description
Request a "special" login code that is sent to the user by email.
Request body
Schema of the request body
null
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
{
"summary": "Unauthenticated: pending login by code\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "mfa_authenticate"
},
{
"id": "login_by_code",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
{
"description": "An authentication related response.\n",
"properties": {
"data": {
"properties": {
"flows": {
"items": {
"$ref": "#/components/schemas/allauth.Flow"
},
"type": "array"
}
},
"required": [
"flows"
],
"type": "object"
},
"meta": {
"$ref": "#/components/schemas/allauth.AuthenticationMeta"
},
"status": {
"$ref": "#/components/schemas/UnauthorizedStatus"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
Authentication: Account¶
GET /api/auth/v1/auth/email/verify¶
Get email verification information
Description
Obtain email verification information, given the token that was sent to the user by email.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
X-Email-Verification-Key |
header | string | No | The email verification key |
Response 200 OK
Refer to the common response description: allauth.EmailVerificationInfo.
Response 400 Bad Request
{
"summary": "Email verification key invalid.\n",
"value": {
"errors": [
{
"code": "invalid",
"message": "Invalid or expired key.",
"param": "key"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
POST /api/auth/v1/auth/email/verify¶
Verify an email
Description
Complete the email verification process. Depending on the configuration, email addresses are either verified by opening a link that is sent to their email address, or, by inputting a code that is sent. On the API, both cases are handled identically. Meaning, the required key is either the one from the link, or, the code itself.
Note that a status code of 401 does not imply failure. It indicates that
the email verification was successful, yet, the user is still not signed
in. For example, in case ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION is set to
False, a 401 is returned when verifying as part of login/signup.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.Authenticated.
Response 400 Bad Request
{
"summary": "Email verification key invalid.\n",
"value": {
"errors": [
{
"code": "invalid",
"message": "Invalid or expired key.",
"param": "key"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
Refer to the common response description: allauth.Unauthenticated.
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
POST /api/auth/v1/auth/email/verify/resend¶
Resend email verification code
Description
Requests a new email verification code.
Requires ACCOUNT_EMAIL_VERIFICATION_SUPPORTS_RESEND = True.
Response 200 OK
Refer to the common response description: allauth.StatusOK.
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
Response 429 Too Many Requests
Refer to the common response description: allauth.TooManyRequests.
POST /api/auth/v1/auth/login¶
Login
Description
Login using a username-password or email-password combination.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.AuthenticatedByPassword.
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
}
{
"value": {
"errors": [
{
"code": "email_password_mismatch",
"message": "The email address and/or password you specified are not correct.",
"param": "password"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
{
"summary": "Unauthenticated: pending 2FA\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "mfa_authenticate",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
{
"summary": "Unauthenticated: pending email verification\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "verify_email",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
{
"description": "An authentication related response.\n",
"properties": {
"data": {
"properties": {
"flows": {
"items": {
"$ref": "#/components/schemas/allauth.Flow"
},
"type": "array"
}
},
"required": [
"flows"
],
"type": "object"
},
"meta": {
"$ref": "#/components/schemas/allauth.AuthenticationMeta"
},
"status": {
"$ref": "#/components/schemas/UnauthorizedStatus"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
POST /api/auth/v1/auth/phone/verify¶
Verify a phone number
Description
Complete the phone number verification process. Note that a status code of 401 does not imply failure. It merely indicates that the phone number verification was successful, yet, the user is still not signed in.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.Authenticated.
Response 400 Bad Request
{
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
Refer to the common response description: allauth.Unauthenticated.
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
POST /api/auth/v1/auth/phone/verify/resend¶
Resend phone number verification code
Description
Requests a new phone number verification code.
Requires ACCOUNT_PHONE_VERIFICATION_SUPPORTS_RESEND = True.
Response 200 OK
Refer to the common response description: allauth.StatusOK.
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
Response 429 Too Many Requests
Refer to the common response description: allauth.TooManyRequests.
POST /api/auth/v1/auth/reauthenticate¶
Reauthenticate
Description
In order to safeguard the account, some actions require the user to be
recently authenticated. If you try to perform such an action without
having been recently authenticated, a 401 status is returned, listing
flows that can be performed to reauthenticate. One such flow is the flow
with ID reauthenticate, which allows for the user to input the
password. This is the endpoint related towards that flow.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.AuthenticatedByPassword.
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "incorrect_password",
"message": "Incorrect password.",
"param": "password"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
POST /api/auth/v1/auth/signup¶
Signup
Description
Whether or not username, email, phone or combination of those are
required depends on the configuration of django-allauth. Additionally,
if a custom signup form is used there may be other custom properties
required.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.AuthenticatedByPassword.
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
{
"summary": "Unauthenticated: pending email verification\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "verify_email",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
{
"description": "An authentication related response.\n",
"properties": {
"data": {
"properties": {
"flows": {
"items": {
"$ref": "#/components/schemas/allauth.Flow"
},
"type": "array"
}
},
"required": [
"flows"
],
"type": "object"
},
"meta": {
"$ref": "#/components/schemas/allauth.AuthenticationMeta"
},
"status": {
"$ref": "#/components/schemas/UnauthorizedStatus"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
Response 403 Forbidden
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ForbiddenResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
Authentication: Password Reset¶
POST /api/auth/v1/auth/password/request¶
Request password
Description
Initiates the password reset procedure. Depending on whether or not
ACCOUNT_PASSWORD_RESET_BY_CODE_ENABLED is True, the procedure is
either stateless or stateful.
In case codes are used, it is stateful, and a new
password_reset_by_code flow is started. In this case, on a successful
password reset request, you will receive a 401 indicating the pending
status of this flow.
In case password reset is configured to use (stateless) links, you will receive a 200 on a successful password reset request.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.StatusOK.
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
Refer to the common response description: allauth.Authentication.
GET /api/auth/v1/auth/password/reset¶
Get password reset information
Description
Used to obtain information on and validate a password reset key. The
key passed is either the key encoded in the password reset URL that the
user has received per email, or, the password reset code in case of
ACCOUNT_PASSWORD_RESET_BY_CODE_ENABLED. Note that in case of a code,
the number of requests you can make is limited (by
ACCOUNT_PASSWORD_RESET_BY_CODE_MAX_ATTEMPTS).
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
X-Password-Reset-Key |
header | string | No | The password reset key |
Response 200 OK
Refer to the common response description: allauth.PasswordResetInfo.
Response 400 Bad Request
{
"summary": "Password reset key invalid.\n",
"value": {
"errors": [
{
"code": "token_invalid",
"message": "The password reset token was invalid.",
"param": "key"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
POST /api/auth/v1/auth/password/reset¶
Reset password
Description
Perform the password reset, by handing over the password reset key and
the new password. After successfully completing the password reset, the
user is either logged in (in case ACCOUNT_LOGIN_ON_PASSWORD_RESET is
True), or, the user will need to proceed to the login page. In case
of the former, a 200 status code is returned, in case of the latter a
401.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.AuthenticatedByPassword.
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
Refer to the common response description: allauth.Authentication.
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
Authentication: Providers¶
POST /api/auth/v1/auth/provider/redirect¶
Provider redirect
Description
Initiates the third-party provider authentication redirect flow. As calling this endpoint results in a user facing redirect (302), this call is only available in a browser, and must be called in a synchronous (non-XHR) manner.
Request body
Schema of the request body
null
Response 302 Found
Response headers
| Name | Description | Schema |
|---|---|---|
location |
The redirect URL. | string |
GET /api/auth/v1/auth/provider/signup¶
Provider signup information
Description
If, while signing up using a third-party provider account, there is insufficient information received from the provider to automatically complete the signup process, an additional step is needed to complete the missing data before the user is fully signed up and authenticated. The information available so far, such as the pending provider account, can be retrieved via this endpoint.
Response 200 OK
Refer to the common response description: allauth.ProviderSignup.
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
POST /api/auth/v1/auth/provider/signup¶
Provider signup
Description
If, while signing up using a third-party provider account, there is insufficient information received from the provider to automatically complete the signup process, an additional step is needed to complete the missing data before the user is fully signed up and authenticated.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.Authenticated.
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
{
"summary": "Unauthenticated: pending email verification\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "verify_email",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
{
"description": "An authentication related response.\n",
"properties": {
"data": {
"properties": {
"flows": {
"items": {
"$ref": "#/components/schemas/allauth.Flow"
},
"type": "array"
}
},
"required": [
"flows"
],
"type": "object"
},
"meta": {
"$ref": "#/components/schemas/allauth.AuthenticationMeta"
},
"status": {
"$ref": "#/components/schemas/UnauthorizedStatus"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
Response 403 Forbidden
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ForbiddenResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
POST /api/auth/v1/auth/provider/token¶
Provider token
Description
Authenticates with a third-party provider using provider tokens received by other means. For example, in case of a mobile app, the authentication flow runs completely on the device itself, without any interaction with the API. Then, when the (device) authentication completes and the mobile app receives an access and/or ID token, it can hand over these tokens via this endpoint to authenticate on the server.
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.Authenticated.
Response 400 Bad Request
{
"summary": "Provider token invalid.\n",
"value": {
"errors": [
{
"code": "invalid",
"message": "The token was invalid.",
"param": "token"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
{
"summary": "Unauthenticated: pending 2FA\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "mfa_authenticate",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
{
"summary": "Unauthenticated: pending email verification\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "verify_email",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
{
"description": "An authentication related response.\n",
"properties": {
"data": {
"properties": {
"flows": {
"items": {
"$ref": "#/components/schemas/allauth.Flow"
},
"type": "array"
}
},
"required": [
"flows"
],
"type": "object"
},
"meta": {
"$ref": "#/components/schemas/allauth.AuthenticationMeta"
},
"status": {
"$ref": "#/components/schemas/UnauthorizedStatus"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
Response 403 Forbidden
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ForbiddenResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
Authentication: Current Session¶
DELETE /api/auth/v1/auth/session¶
Logout
Description
Logs out the user from the current session.
Response 401 Unauthorized
Refer to the common response description: allauth.Unauthenticated.
GET /api/auth/v1/auth/session¶
Get authentication status
Description
Retrieve information about the authentication status for the current session.
Response 200 OK
Refer to the common response description: allauth.Authenticated.
Response 401 Unauthorized
Refer to the common response description: allauth.Authentication.
Response 410 Gone
Refer to the common response description: allauth.SessionGone.
Sessions¶
DELETE /api/auth/v1/auth/sessions¶
End one or more sessions
Request body
Schema of the request body
null
Response 200 OK
Refer to the common response description: allauth.Sessions.
Response 401 Unauthorized
Refer to the common response description: allauth.Authentication.
GET /api/auth/v1/auth/sessions¶
List sessions
Response 200 OK
Refer to the common response description: allauth.Sessions.
Authentication: WebAuthn: Login¶
GET /api/auth/v1/auth/webauthn/authenticate¶
Get WebAuthn credential request options for 2FA
Description
Returns the WebAuthn credential request options, that can be
processed using parseRequestOptionsFromJSON() on the frontend.
Response 200 OK
Refer to the common response description: allauth.WebAuthnRequestOptionsResponse.
POST /api/auth/v1/auth/webauthn/authenticate¶
Perform 2FA using WebAuthn
Description
Perform Two-Factor Authentication using a WebAuthn credential.
Request body
{
"credential": null
}
Schema of the request body
{
"properties": {
"credential": {
"$ref": "#/components/schemas/allauth.WebAuthnCredential"
}
},
"required": [
"credential"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.Authenticated.
Response 400 Bad Request
{
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
GET /api/auth/v1/auth/webauthn/login¶
Get WebAuthn credential request options for login
Description
Returns the WebAuthn credential request options, that can be
processed using parseRequestOptionsFromJSON() on the frontend.
Response 200 OK
Refer to the common response description: allauth.WebAuthnRequestOptionsResponse.
POST /api/auth/v1/auth/webauthn/login¶
Login using WebAuthn
Description
Login using a WebAuthn credential (Passkey). Both 200 and 401 can be expected after a successful request. The 401 can, for example, occur when the credential passed was valid, but the email attached to the account still requires verification.
Request body
{
"credential": null
}
Schema of the request body
{
"properties": {
"credential": {
"$ref": "#/components/schemas/allauth.WebAuthnCredential"
}
},
"required": [
"credential"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.Authenticated.
Response 400 Bad Request
{
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
{
"summary": "Unauthenticated: pending email verification\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "verify_email",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
{
"description": "An authentication related response.\n",
"properties": {
"data": {
"properties": {
"flows": {
"items": {
"$ref": "#/components/schemas/allauth.Flow"
},
"type": "array"
}
},
"required": [
"flows"
],
"type": "object"
},
"meta": {
"$ref": "#/components/schemas/allauth.AuthenticationMeta"
},
"status": {
"$ref": "#/components/schemas/UnauthorizedStatus"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
GET /api/auth/v1/auth/webauthn/reauthenticate¶
Get WebAuthn credential request options for reauthentication
Description
Returns the WebAuthn credential request options, that can be
processed using parseRequestOptionsFromJSON() on the frontend.
Response 200 OK
Refer to the common response description: allauth.WebAuthnRequestOptionsResponse.
POST /api/auth/v1/auth/webauthn/reauthenticate¶
Reauthenticate using WebAuthn
Description
Reauthenticate the user using a WebAuthn credential.
Request body
{
"credential": null
}
Schema of the request body
{
"properties": {
"credential": {
"$ref": "#/components/schemas/allauth.WebAuthnCredential"
}
},
"required": [
"credential"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.Authenticated.
Response 400 Bad Request
{
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Authentication: WebAuthn: Signup¶
GET /api/auth/v1/auth/webauthn/signup¶
Get passkey credential request options
Description
Returns the WebAuthn credential request options, that can be
processed using parseRequestOptionsFromJSON() on the frontend.
Response 200 OK
Refer to the common response description: allauth.WebAuthnRequestOptionsResponse.
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
POST /api/auth/v1/auth/webauthn/signup¶
Initiate the passkey signup flow
Description
You initiate the passkey signup flow by inputting (POST) the required
properties (e.g. email)
similar to the regular account signup, except that the password is to be
left out.
The user will then be required to verify the email address, after which
WebAuthn credential
creation options can be retrieved (GET) and used to actually complete
(PUT) the flow.
Request body
Schema of the request body
null
Response 400 Bad Request
{
"value": {
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
{
"summary": "Unauthenticated: pending email verification\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "verify_email",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
{
"description": "An authentication related response.\n",
"properties": {
"data": {
"properties": {
"flows": {
"items": {
"$ref": "#/components/schemas/allauth.Flow"
},
"type": "array"
}
},
"required": [
"flows"
],
"type": "object"
},
"meta": {
"$ref": "#/components/schemas/allauth.AuthenticationMeta"
},
"status": {
"$ref": "#/components/schemas/UnauthorizedStatus"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
Response 403 Forbidden
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ForbiddenResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
PUT /api/auth/v1/auth/webauthn/signup¶
Complete the passkey signup flow
Description
Complete the passkey signup flow by handing over the WebAuthn credential.
Request body
{
"credential": null,
"name": "Master key"
}
Schema of the request body
{
"properties": {
"credential": {
"$ref": "#/components/schemas/allauth.WebAuthnCredential"
},
"name": {
"example": "Master key",
"type": "string"
}
},
"required": [
"credential"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.Authenticated.
Response 400 Bad Request
{
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Response 401 Unauthorized
{
"summary": "Unauthenticated: pending email verification\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "verify_email",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
{
"description": "An authentication related response.\n",
"properties": {
"data": {
"properties": {
"flows": {
"items": {
"$ref": "#/components/schemas/allauth.Flow"
},
"type": "array"
}
},
"required": [
"flows"
],
"type": "object"
},
"meta": {
"$ref": "#/components/schemas/allauth.AuthenticationMeta"
},
"status": {
"$ref": "#/components/schemas/UnauthorizedStatus"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
Response 409 Conflict
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
Configuration¶
GET /api/auth/v1/config¶
Get configuration
Description
There are many configuration options that alter the functionality and behavior of django-allauth, some of which can also impact the frontend. Therefore, relevant configuration options are exposed via this endpoint. The data returned is not user/authentication dependent. Hence, it suffices to only fetch this data once at boot time of your application.
Response 200 OK
Refer to the common response description: allauth.Configuration.
Tokens¶
GET /api/auth/v1/tokens/refresh¶
Refresh the access token
Description
Used to retrieve a new access token. Depending on
settings.HEADLESS_JWT_ROTATE_REFRESH_TOKEN,
a new refresh token is returned as well.
Request body
{
"refresh_token": null
}
Schema of the request body
{
"properties": {
"refresh_token": {
"$ref": "#/components/schemas/allauth.RefreshToken"
}
},
"required": [
"refresh_token"
],
"type": "object"
}
Response 200 OK
Refer to the common response description: allauth.RefreshToken.
Response 400 Bad Request
{
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
Schemas¶
allauth.AuthenticationMeta¶
Type:
allauth.AuthenticationResponse¶
| Name | Type |
|---|---|
data |
Properties: flows |
meta |
allauth.AuthenticationMeta |
status |
UnauthorizedStatus |
allauth.AuthenticatorType¶
Type: string
allauth.BaseAuthenticationMeta¶
| Name | Type |
|---|---|
access_token |
string |
session_token |
string |
allauth.ConflictResponse¶
| Name | Type |
|---|---|
status |
Allauth.ConflictResponseStatusEnum |
Allauth.ConflictResponseStatusEnum¶
Type: integer
allauth.ErrorResponse¶
| Name | Type |
|---|---|
errors |
Array<Properties: code, message, param> |
status |
Allauth.ErrorResponseStatusEnum¶
Type: integer
allauth.Flow¶
| Name | Type |
|---|---|
id |
IdEnum |
is_pending |
IsTrueEnum |
provider |
allauth.Provider |
types |
Array<allauth.AuthenticatorType> |
allauth.ForbiddenResponse¶
| Name | Type |
|---|---|
status |
Allauth.ForbiddenResponseStatusEnum |
Allauth.ForbiddenResponseStatusEnum¶
Type: integer
allauth.PhoneNumber¶
| Name | Type |
|---|---|
phone |
string |
verified |
boolean |
allauth.PhoneNumberChangeResponse¶
| Name | Type |
|---|---|
data |
Array<allauth.PhoneNumber> |
status |
allauth.StatusAccepted |
allauth.Provider¶
| Name | Type |
|---|---|
client_id |
string |
flows |
Array<FlowsEnum> |
id |
string |
name |
string |
openid_configuration_url |
string |
allauth.StatusAccepted¶
Type: integer
FlowsEnum¶
Type: string
IdEnum¶
Type: string
IsTrueEnum¶
Type: boolean
UnauthorizedStatus¶
Type: integer
Common responses¶
This section describes common responses that are reused across operations.
allauth.AddAuthenticatorConflict¶
The account prohibits adding an authenticator, e.g. because of an unverified email address.
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ConflictResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
allauth.AddWebAuthnAuthenticator¶
A WebAuthn authenticator.
{
"data": null,
"meta": {
"recovery_codes_generated": true
},
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"$ref": "#/components/schemas/allauth.WebAuthnAuthenticator"
},
"meta": {
"properties": {
"recovery_codes_generated": {
"description": "Whether or not recovery codes where generated automatically.\n",
"type": "boolean"
}
},
"type": "object"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
allauth.Authenticated¶
The user is authenticated.
Schema of the response body
null
allauth.AuthenticatedByCode¶
Authenticated by code.
{
"summary": "Authenticated by code.\n",
"value": {
"data": {
"methods": [
{
"at": 1711555057.065702,
"email": "email@domain.org",
"method": "code"
}
],
"user": {
"display": "Magic Wizard",
"email": "email@domain.org",
"has_usable_password": true,
"id": 123,
"username": "wizard"
}
},
"meta": {
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdW",
"is_authenticated": true,
"session_token": "ufwcig0zen9skyd545jc0fkq813ghar2"
},
"status": 200
}
}
Schema of the response body
null
allauth.AuthenticatedByPassword¶
Authenticated by password.
{
"summary": "Authenticated by password.\n",
"value": {
"data": {
"methods": [
{
"at": 1711555057.065702,
"email": "email@domain.org",
"method": "password"
}
],
"user": {
"display": "Magic Wizard",
"email": "email@domain.org",
"has_usable_password": true,
"id": 123,
"username": "wizard"
}
},
"meta": {
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdW",
"is_authenticated": true,
"session_token": "ufwcig0zen9skyd545jc0fkq813ghar2"
},
"status": 200
}
}
Schema of the response body
null
allauth.AuthenticatedByPasswordAnd2FA¶
Authenticated by password and 2FA.
{
"summary": "Fully authenticated using by password and 2FA.\n",
"value": {
"data": {
"methods": [
{
"at": 1711555057.065702,
"email": "email@domain.org",
"method": "password"
},
{
"at": 1711555060.9375854,
"id": 66,
"method": "mfa",
"type": "totp"
}
],
"user": {
"display": "Magic Wizard",
"email": "email@domain.org",
"has_usable_password": true,
"id": 123,
"username": "wizard"
}
},
"meta": {
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdW",
"is_authenticated": true,
"session_token": "ufwcig0zen9skyd545jc0fkq813ghar2"
},
"status": 200
}
}
Schema of the response body
null
allauth.Authentication¶
Not authenticated.
{
"summary": "Reauthentication required\n",
"value": {
"data": {
"flows": [
{
"id": "reauthenticate"
},
{
"id": "mfa_reauthenticate"
}
],
"methods": [
{
"at": 1711555057.065702,
"email": "email@domain.org",
"method": "password"
},
{
"at": 1711555060.9375854,
"id": 66,
"method": "mfa",
"type": "totp"
}
],
"user": {
"display": "Magic Wizard",
"email": "email@domain.org",
"has_usable_password": true,
"id": 123,
"username": "wizard"
}
},
"meta": {
"is_authenticated": true
},
"status": 401
}
}
{
"summary": "Unauthenticated: Initial\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
{
"summary": "Unauthenticated: pending 2FA\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "mfa_authenticate",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
{
"summary": "Unauthenticated: pending email verification\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "verify_email",
"is_pending": true
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
{
"summary": "Unauthenticated: pending provider signup\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
},
{
"id": "provider_signup",
"is_pending": true,
"provider": {
"client_id": "123.apps.googleusercontent.com",
"flows": [
"provider_redirect",
"provider_token"
],
"id": "google",
"name": "Google"
}
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
{
"description": "An authentication related response.\n",
"properties": {
"data": {
"properties": {
"flows": {
"items": {
"$ref": "#/components/schemas/allauth.Flow"
},
"type": "array"
}
},
"required": [
"flows"
],
"type": "object"
},
"meta": {
"$ref": "#/components/schemas/allauth.AuthenticationMeta"
},
"status": {
"$ref": "#/components/schemas/UnauthorizedStatus"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
allauth.AuthenticationOrReauthentication¶
The response indicates authentication or re-authentication is required.
Schema of the response body
{
"oneOf": [
{
"$ref": "#/components/schemas/allauth.AuthenticationResponse"
},
{
"$ref": "#/components/schemas/allauth.ReauthenticationResponse"
}
]
}
allauth.Authenticators¶
List of authenticators.
{
"data": null,
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"$ref": "#/components/schemas/allauth.AuthenticatorList"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
allauth.Configuration¶
The django-allauth configuration.
Schema of the response body
null
allauth.EmailAddresses¶
List of email addresses.
{
"data": [
null
],
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"items": {
"$ref": "#/components/schemas/allauth.EmailAddress"
},
"type": "array"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
allauth.EmailVerificationInfo¶
Email verification information.
Schema of the response body
null
allauth.Error¶
An input error occurred.
{
"errors": [
{
"code": "invalid",
"message": "Enter a valid email address.",
"param": "email"
}
],
"status": 400
}
Schema of the response body
{
"properties": {
"errors": {
"items": {
"properties": {
"code": {
"description": "An error code.\n",
"example": "invalid",
"type": "string"
},
"message": {
"description": "A human readable error message.\n",
"example": "Enter a valid email address.",
"type": "string"
},
"param": {
"description": "The name of the input parameter that was incorrect.\n",
"example": "email",
"type": "string"
}
},
"required": [
"code",
"message"
],
"type": "object"
},
"type": "array"
},
"status": {
"allOf": [
{
"$ref": "#/components/schemas/Allauth.ErrorResponseStatusEnum"
}
],
"example": 400
}
},
"type": "object"
}
allauth.Forbidden¶
A forbidden response.
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/Allauth.ForbiddenResponseStatusEnum"
}
},
"required": [
"status"
],
"type": "object"
}
allauth.NotFound¶
Not found.
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"enum": [
404
],
"type": "integer"
}
},
"required": [
"status"
],
"type": "object"
}
allauth.PasswordResetInfo¶
Information about the password reset key.
{
"data": {
"user": null
},
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"properties": {
"user": {
"$ref": "#/components/schemas/allauth.User"
}
},
"type": "object"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
allauth.PhoneNumbers¶
List of phone numbers.
Schema of the response body
null
allauth.ProviderAccounts¶
List of third-party provider accounts.
{
"data": [
null
],
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"items": {
"$ref": "#/components/schemas/allauth.ProviderAccount"
},
"type": "array"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
allauth.ProviderSignup¶
Information relating to the pending provider signup.
{
"data": {
"account": null,
"email": [
null
],
"user": null
},
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"properties": {
"account": {
"$ref": "#/components/schemas/allauth.ProviderAccount"
},
"email": {
"items": {
"$ref": "#/components/schemas/allauth.EmailAddress"
},
"type": "array"
},
"user": {
"$ref": "#/components/schemas/allauth.User"
}
},
"required": [
"email",
"account",
"user"
],
"type": "object"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
allauth.ReauthenticationRequired¶
The response indicates reauthentication is required.
{
"data": {
"flows": [
{
"id": "reauthenticate"
},
{
"id": "mfa_reauthenticate"
}
],
"methods": [
{
"at": 1711555057.065702,
"email": "email@domain.org",
"method": "password"
},
{
"at": 1711555060.9375854,
"id": 66,
"method": "mfa",
"type": "totp"
}
],
"user": {
"display": "Magic Wizard",
"email": "email@domain.org",
"has_usable_password": true,
"id": 123,
"username": "wizard"
}
},
"meta": {
"is_authenticated": true
},
"status": 401
}
Schema of the response body
null
allauth.RecoveryCodes¶
Information on the recovery codes.
{
"data": null,
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"$ref": "#/components/schemas/allauth.SensitiveRecoveryCodesAuthenticator"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
allauth.RefreshToken¶
A new access token (and optionally new refresh token).
{
"data": {
"access_token": null,
"refresh_token": null
},
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"properties": {
"access_token": {
"$ref": "#/components/schemas/allauth.AccessToken"
},
"refresh_token": {
"$ref": "#/components/schemas/allauth.RefreshToken"
}
},
"required": [
"access_token"
],
"type": "object"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"data",
"status"
],
"type": "object"
}
allauth.SessionGone¶
The response indicates session is invalid or no longer exists.
{
"summary": "Unauthenticated: Initial\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
null
allauth.Sessions¶
List of sessions.
{
"data": [
null
],
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"items": {
"$ref": "#/components/schemas/allauth.Session"
},
"type": "array"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
allauth.StatusOK¶
A success response.
{
"status": null
}
Schema of the response body
{
"properties": {
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status"
],
"type": "object"
}
allauth.TOTPAuthenticator¶
Information on the TOTP authenticator.
{
"data": null,
"meta": {
"recovery_codes_generated": true
},
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"$ref": "#/components/schemas/allauth.TOTPAuthenticator"
},
"meta": {
"properties": {
"recovery_codes_generated": {
"description": "Whether or not recovery codes where generated automatically.",
"type": "boolean"
}
},
"type": "object"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
allauth.TOTPAuthenticatorNotFound¶
No TOTP authenticator has been set up.
{
"meta": {
"secret": "J4ZKKXTK7NOVU7EPUVY23LCDV4T2QZYM",
"totp_url": "otpauth://totp/Example:alice@fsf.org?secret=JBSWY3DPEHPK3PXP&issuer=Example"
},
"status": 0
}
Schema of the response body
{
"properties": {
"meta": {
"properties": {
"secret": {
"description": "A TOTP secret that can be used to setup a new authenticator.\n",
"example": "J4ZKKXTK7NOVU7EPUVY23LCDV4T2QZYM",
"type": "string"
},
"totp_url": {
"description": "otpauth URI from which a QR code can be generated and scanned by OTP clients.\n",
"example": "otpauth://totp/Example:alice@fsf.org?secret=JBSWY3DPEHPK3PXP&issuer=Example",
"type": "string"
}
},
"required": [
"secret",
"totp_url"
],
"type": "object"
},
"status": {
"enum": [
404
],
"type": "integer"
}
},
"required": [
"status",
"meta"
],
"type": "object"
}
allauth.TooManyRequests¶
Too many requests.
{
"status": 0
}
Schema of the response body
{
"properties": {
"status": {
"enum": [
429
],
"type": "integer"
}
},
"required": [
"status"
],
"type": "object"
}
allauth.Unauthenticated¶
There is no authenticated session.
{
"summary": "Unauthenticated: Initial\n",
"value": {
"data": {
"flows": [
{
"id": "login"
},
{
"id": "signup"
},
{
"id": "provider_redirect",
"providers": [
"facebook",
"google",
"telegram"
]
},
{
"id": "provider_token",
"providers": [
"google"
]
}
]
},
"meta": {
"is_authenticated": false
},
"status": 401
}
}
Schema of the response body
{
"description": "An authentication related response.\n",
"properties": {
"data": {
"properties": {
"flows": {
"items": {
"$ref": "#/components/schemas/allauth.Flow"
},
"type": "array"
}
},
"required": [
"flows"
],
"type": "object"
},
"meta": {
"$ref": "#/components/schemas/allauth.AuthenticationMeta"
},
"status": {
"$ref": "#/components/schemas/UnauthorizedStatus"
}
},
"required": [
"status",
"data",
"meta"
],
"type": "object"
}
allauth.WebAuthnAuthenticator¶
A WebAuthn authenticator.
{
"data": null,
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"$ref": "#/components/schemas/allauth.WebAuthnAuthenticator"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
allauth.WebAuthnCreationOptionsResponse¶
WebAuthn credential creation options.
{
"data": null,
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"$ref": "#/components/schemas/allauth.WebAuthnCredentialCreationOptions"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
allauth.WebAuthnRequestOptionsResponse¶
WebAuthn credential request options.
{
"data": null,
"status": null
}
Schema of the response body
{
"properties": {
"data": {
"$ref": "#/components/schemas/allauth.WebAuthnCredentialRequestOptions"
},
"status": {
"$ref": "#/components/schemas/allauth.StatusOK"
}
},
"required": [
"status",
"data"
],
"type": "object"
}
Common parameters¶
This section describes common parameters that are reused across operations.
allauth.EmailVerificationKey¶
| Name | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
X-Email-Verification-Key |
header | string | No |
allauth.PasswordLess¶
| Name | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
passwordless |
query | boolean | No |
allauth.PasswordResetKey¶
| Name | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
X-Password-Reset-Key |
header | string | No |
Security schemes¶
| Name | Type | Scheme | Description |
|---|---|---|---|
| basicAuth | http | basic | |
| cookieAuth | apiKey | ||
| oauth2 | oauth2 | ||
| tokenAuth | apiKey | Token-based authentication with required prefix "Token" |
More documentation¶
More information about InvenTree in the official docs