| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139 |
- # ===============================================
- # AUTHENTICATION
- # ===============================================
- extend type Query {
- apiKeys: [AuthenticationApiKey]
- apiState: Boolean
- authStrategies(
- siteId: UUID
- enabledOnly: Boolean
- ): [AuthenticationStrategy]
- }
- extend type Mutation {
- createApiKey(
- name: String!
- expiration: String!
- fullAccess: Boolean!
- group: Int
- ): AuthenticationCreateApiKeyResponse
- login(
- username: String!
- password: String!
- strategy: String!
- ): AuthenticationLoginResponse @rateLimit(limit: 5, duration: 60)
- loginTFA(
- continuationToken: String!
- securityCode: String!
- setup: Boolean
- ): AuthenticationLoginResponse @rateLimit(limit: 5, duration: 60)
- loginChangePassword(
- continuationToken: String!
- newPassword: String!
- ): AuthenticationLoginResponse @rateLimit(limit: 5, duration: 60)
- forgotPassword(
- email: String!
- ): DefaultResponse @rateLimit(limit: 3, duration: 60)
- register(
- email: String!
- password: String!
- name: String!
- ): AuthenticationRegisterResponse
- revokeApiKey(
- id: Int!
- ): DefaultResponse
- setApiState(
- enabled: Boolean!
- ): DefaultResponse
- updateAuthStrategies(
- strategies: [AuthenticationStrategyInput]!
- ): DefaultResponse
- regenerateCertificates: DefaultResponse
- resetGuestUser: DefaultResponse
- }
- # -----------------------------------------------
- # TYPES
- # -----------------------------------------------
- type AuthenticationStrategy {
- key: String!
- props: [KeyValuePair] @auth(requires: ["manage:system"])
- title: String!
- description: String
- isAvailable: Boolean
- useForm: Boolean!
- usernameType: String
- logo: String
- color: String
- website: String
- icon: String
- }
- type AuthenticationActiveStrategy {
- key: String!
- strategy: AuthenticationStrategy!
- displayName: String!
- order: Int!
- isEnabled: Boolean!
- config: [KeyValuePair] @auth(requires: ["manage:system"])
- selfRegistration: Boolean!
- domainWhitelist: [String]! @auth(requires: ["manage:system"])
- autoEnrollGroups: [Int]! @auth(requires: ["manage:system"])
- }
- type AuthenticationLoginResponse {
- operation: Operation
- jwt: String
- mustChangePwd: Boolean
- mustProvideTFA: Boolean
- mustSetupTFA: Boolean
- continuationToken: String
- redirect: String
- tfaQRImage: String
- }
- type AuthenticationRegisterResponse {
- operation: Operation
- jwt: String
- }
- input AuthenticationStrategyInput {
- key: String!
- strategyKey: String!
- config: [KeyValuePairInput]
- displayName: String!
- order: Int!
- isEnabled: Boolean!
- selfRegistration: Boolean!
- domainWhitelist: [String]!
- autoEnrollGroups: [Int]!
- }
- type AuthenticationApiKey {
- id: Int!
- name: String!
- keyShort: String!
- expiration: Date!
- createdAt: Date!
- updatedAt: Date!
- isRevoked: Boolean!
- }
- type AuthenticationCreateApiKeyResponse {
- operation: Operation
- key: String
- }
|
