API Specifications
Fetches audit log and login record data from FusionAuth. This data corresponds to the information available in the Audit Log and Login Records sections of the FusionAuth server dashboard.
Authentication token for the application.
Name of the registration (application), with fallbacks to 'appName' header or a default value if not provided.
Audit logs and login records retrieved successfully, some infos about them are returned.
Internal server error.
Allows for the uploading of new FusionAuth's audit log entries. All data must adhere to the FusionAuth log format.
Authentication token for the application.
Name of the registration (application), with fallbacks to 'appName' header or a default value if not provided.
Audit logs.
Info about logins.
Audit logs uploaded successfully.
Internal server error.
This endpoint allows verifying if a user, identified by his token, possesses the permissions specified in the request according to the desired logic (possesses at least one of the specified permissions or possesses all of the specified permissions). The response also indicates the set of all groups to which the user belongs.
Name of the registration (application) for which you want to obtain the token.
MAT APPa string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=The token of the user for whom permission verification is requested.
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...Returns user permission check results, including the list of groups to which the user belongs and a key indicating whether the user possesses the permissions specified in the request list. It uses the specified logic to check permissions (possesses all permissions if the logic is 'AND', possesses at least one of the specified permissions if the logic is 'OR').
Internal server error.
Fetches a list of groups from the identity provider. Supports additional query parameters for the identity provider's API.
Authentication token for the application.
The name of the registration (application), with a default fallback if not provided.
A string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=List of groups retrieved successfully.
List of requested groups.
Internal server error.
Creates new groups in the identity provider. The request body should contain an array of groups to be created.
Authentication token for the application.
The name of the registration (application), with a default fallback if not provided.
A string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=Groups to be created in the identity provider.
Groups created successfully.
The list of groups just created, or an error object if creation failed.
Internal server error.
Retrieves detailed information about the specified group.
Unique identifier of the group.
Authentication token for the application.
The name of the registration (application), with a default fallback if not provided.
A string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=Group information retrieved successfully.
No content
Internal server error.
No content
Updates the information of a specified group.
Unique identifier of the group.
Authentication token for the application.
The name of the registration (application), with a default fallback if not provided.
a string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=Group data to be updated.
Group information retrieved successfully.
No content
Internal server error.
No content
Deletes a specific group by its ID.
Unique identifier of the group to be deleted.
Authentication token for the application.
The name of the registration (application), with a default fallback if not provided.
a string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=Group deleted successfully.
No content
Internal server error.
No content
Get all group members given a specified group.
ID of the group.
Application authentication token.
Name of the registration (application), with fallbacks to 'appName' header or a default value if not provided.
a string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=Successful operation.
Internal server error.
Add the specified members to the specified group.
ID of the group.
Application authentication token.
Name of the registration (application), with fallbacks to 'appName' header or a default value if not provided.
a string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=list of the members that have to be added to the group.
Members added successfully.
Internal server error.
Remove the specified member from the specified group.
ID of the group.
ID of the user to remove.
Application authentication token.
Name of the registration (application), with fallbacks to 'appName' header or a default value if not provided.
a string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=Member removed successfully.
Member removed successfully.
This endpoint allows to send the invitations that are specified in the body.
The name of the registration (application), with a default fallback if not provided.
Application authentication token.
A string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=It contains infos about the invitation that have to be sent.
Invitation sent successfully.
It contains data abouth every invitiation that has been sent.
Internal server error.
This endpoint allows obtaining an application token, which is a token that identifies an application as a service and allows it to perform operations. To obtain this token, the requester must perform a basic auth with the Auth Manager. It is mandatory to specify the App-Name key in the request cookies to identify the registration (application) for which the application token is requested.
Name of the registration (application) you want to get the token for.
MAT APPA string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=Success, technical token retrieved and returned.
Internal server error.
The name of the application, with a default fallback if not provided.
Application authentication token.
The list of user for the App-Name application.
Internal server error.
The name of the application, with a default fallback if not provided.
Application authentication token.
it contains the data of the users that have to be added.
Users created successfully.
Returns data of the added users.
Internal server error.
Unique identifier of the user.
The name of the registration (application), with a default fallback if not provided.
Application authentication token.
A string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=User information retrieved successfully.
Info about the specified user.
Internal server error.
Unique identifier of the user.
The name of the registration (application), with a default fallback if not provided.
Application authentication token.
A string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=It has to contain the info about the user that have to be updated.
User information updated successfully.
It containes the new data about the specified user.
Internal server error.
Unique identifier of the user.
The name of the registration (application), with a default fallback if not provided.
Application authentication token.
A string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=User deleted successfully.
No content
Internal server error.
No content
This endpoint first attempts to retrieve a valid token for the user and the registration specified in the App-Name key, then sets the token within the cookies, breaking it into multiple parts depending on its length and the maximum length set by the configuration of the Auth Manager. The progressive key used in the cookies to save the token follows the following pattern: "&{App-Name}_token{n}" where {App-Name} should be replaced with the value in the App-Name key, while {n} is a sequential number indicating how to reassemble the token. It is mandatory to specify in the request cookies the key App-Name, which indicates the name of the application, and the host key, which identifies the URL to which to redirect the flow.
The AM redirects the flow to the requesting application specified in the cookies with the authorization token.
Authorization failed due to AuthlibBaseError.
Internal server error during token retrieval.
No content
This endpoint first attempts to retrieve a valid token for the user and the registration specified in the App-Name key, then sets the token within the cookies, breaking it into multiple parts depending on its length and the maximum length set by the configuration of the Auth Manager. The progressive key used in the cookies to save the token follows the following pattern: "&{App-Name}_token{n}" where {App-Name} should be replaced with the value in the App-Name key, while {n} is a sequential number indicating how to reassemble the token. It is mandatory to specify in the request cookies the key App-Name, which indicates the name of the application, and the host key, which identifies the URL to which to redirect the flow.
The AM redirects the flow to the requesting application specified in the cookies with the authorization token.
Authorization failed due to AuthlibBaseError.
Internal server error during token retrieval
No content
This endpoint handles login requests, which includes determining the appropriate OAuth provider, building a dynamic or custom redirect URI for authorization, and then redirecting the client to the OAuth authorization URL. It is mandatory to specify in the cookies the keys 'host', which indicates the host to call when the OAuth provider performs the redirect (typically, it is necessary to indicate the path of the current Auth Manager) and 'path', which indicates the endpoint to call at the Auth Manager to validate the token just obtained from the provider. Also 'App-Name' has to be specified in the request cookies: it represents the registration (application).
Redirect to OAuth authorization URL.
Internal server error.
No content
This endpoint must be invoked when you want to log out from the application in which you are logged in. In addition to performing the logout, the user's session is cleared, and a redirect to Azure services occurs. NB: it is mandatory to specify in cookies the App-Name field, which indicates the registration (application).
Redirect to the logout URL.
Redirecting to logout URL.
Internal server error.
This endpoint allows obtaining a new token to replace the one currently held, using the available refresh token. This operation should be performed to avoid expiration of the current token, which would otherwise require the user to log in again.
Name of the registration (application) you want to get the token for.
MAT APPA string which is the Base64 encoded version of the concatenation of the client ID, a colon (:), and the client secret ("{clientId}:{clientSecret}"" in Base64). The string has to start with the term "Basic ".
Basic WW91ckNsaWVudElEOllvdXJTZWNyZXQ=The refresh token associated to the user token.
Success, new token retrieved and returned
Internal server error.
Returns the current status of the server. If deep is set to true, it performs a deep inspection of all running processes, which can be resource-intensive. The sort_by parameter allows sorting the results based on one of the process attributes.
The attribute to sort the process information by.
Flag to indicate if a deep inspection should be performed.
falseServer status returned successfully.
Internal server error.
Returns an image of a teapot. This endpoint humorously implements HTTP status 418 ("I'm a teapot"), which is a reference to the HTCPCP, an April Fools' joke from 1998. It's a playful reminder that technology also has room for humor and light-heartedness.
Returns a teapot image.
Internal server error.
Last updated