diff --git a/docs/docs/index.md b/docs/docs/index.md
index a6d57efb54f..786a88e7e33 100644
--- a/docs/docs/index.md
+++ b/docs/docs/index.md
@@ -1,5 +1,6 @@
---
id: index
+slug: /
title: Introduction
---
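Review bot: `slug: /` in the front matter makes this page the root of the docs site, but nothing in the patch shows that the previous root page (if any) was moved or that inbound links to the old `index` route still resolve. Please confirm no other document claims the same slug and add a redirect if the old path was linked anywhere.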
diff --git a/docs/docs/reference/api.mdx b/docs/docs/reference/api.mdx
index f8a935b4fca..8f59d7cff1d 100644
--- a/docs/docs/reference/api.mdx
+++ b/docs/docs/reference/api.mdx
@@ -3,6 +3,8 @@ title: REST API
id: api
---
+
+
Welcome to the ORY Kratos HTTP API documentation!
import Tabs from '@theme/Tabs'
@@ -10,24 +12,21 @@ import TabItem from '@theme/TabItem'
:::info
-You are viewing REST API documentation. This documentation is auto-generated
-from a swagger specification which itself is generated from annotations in the
-source code of the project. It is possible that this documentation includes bugs
-and that code samples are incomplete or wrong.
+You are viewing REST API documentation. This documentation is auto-generated from a swagger specification which
+itself is generated from annotations in the source code of the project. It is possible that this documentation includes
+bugs and that code samples are incomplete or wrong.
If you find issues in the respective documentation, please do not edit the
-Markdown files directly (as they are generated) but raise an issue on the
-project's GitHub presence instead. This documentation will improve over time
-with your help! If you have ideas how to improve this part of the documentation,
-feel free to share them in a
-[GitHub issue](https://github.com/ory/docs/issues/new) any time.
+Markdown files directly (as they are generated) but raise an issue on the project's GitHub presence instead. This documentation
+will improve over time with your help! If you have ideas how to improve this part of the documentation, feel free to
+share them in a [GitHub issue](https://github.com/ory/docs/issues/new) any time.
:::
## Authentication
-- API Key (sessionToken)
- - Parameter Name: **Authorization**, in: header.
+* API Key (sessionToken)
+ - Parameter Name: **Authorization**, in: header.
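Review bot: the reflowed `:::info` paragraphs and the `-` to `*` bullet change are formatting-only churn that hides the real changes in this file. The removed lines were wrapped at about 80 columns and the added ones are not, so the generated Markdown appears to have skipped the formatter; run it over the generator output before committing. The Authentication list also now mixes `*` for the outer item with `-` for the nested one.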
@@ -43,15 +42,14 @@ Accept: application/json
```
-This endpoint returns a 200 status code when the HTTP server is up running. This
-status does currently not include checks whether the database connection is
-working.
+This endpoint returns a 200 status code when the HTTP server is up running.
+This status does currently not include checks whether the database connection is working.
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
-Be aware that if you are running multiple nodes of this service, the health
-status will never refer to the cluster state, only to a single instance.
+Be aware that if you are running multiple nodes of this service, the health status will never
+refer to the cluster state, only to a single instance.
#### Responses
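Review bot: the added line still reads "when the HTTP server is up running" and "does currently not include checks". Since the sentence is being rewritten anyway, fix the wording in the source annotation ("up and running", "does not currently include") so it stops being regenerated. The same text recurs in the `/health/ready` description further down.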
@@ -59,10 +57,10 @@ status will never refer to the cluster state, only to a single instance.
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | healthStatus | [healthStatus](#schemahealthstatus) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|healthStatus|[healthStatus](#schemahealthstatus)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -74,7 +72,9 @@ status will never refer to the cluster state, only to a single instance.
}
```
-
+
#### Code samples
@@ -100,7 +100,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
@@ -120,20 +120,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
fetch('/health/alive', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
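Review bot: the regenerated JavaScript sample is internally inconsistent: a semicolon is added after `require('node-fetch')` but no other statement in the block gets one, and the two callbacks now use different parameter styles (`r => r.json()` next to `(body) => {`). The `.then` calls also lose their indentation while the `console.log(body)` line keeps its own. Pick one style in the sample template; the same pattern repeats in every JavaScript hunk of this patch.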
@@ -210,14 +210,14 @@ Accept: application/json
```
-This endpoint returns a 200 status code when the HTTP server is up running and
-the environment dependencies (e.g. the database) are responsive as well.
+This endpoint returns a 200 status code when the HTTP server is up running and the environment dependencies (e.g.
+the database) are responsive as well.
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
-Be aware that if you are running multiple nodes of this service, the health
-status will never refer to the cluster state, only to a single instance.
+Be aware that if you are running multiple nodes of this service, the health status will never
+refer to the cluster state, only to a single instance.
#### Responses
@@ -225,10 +225,10 @@ status will never refer to the cluster state, only to a single instance.
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | ------------------------------------------------------------------------ | -------------------- | --------------------------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | healthStatus | [healthStatus](#schemahealthstatus) |
-| 503 | [Service Unavailable](https://tools.ietf.org/html/rfc7231#section-6.6.4) | healthNotReadyStatus | [healthNotReadyStatus](#schemahealthnotreadystatus) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|healthStatus|[healthStatus](#schemahealthstatus)|
+|503|[Service Unavailable](https://tools.ietf.org/html/rfc7231#section-6.6.4)|healthNotReadyStatus|[healthNotReadyStatus](#schemahealthnotreadystatus)|
##### Examples
@@ -240,7 +240,9 @@ status will never refer to the cluster state, only to a single instance.
}
```
-
+
#### Code samples
@@ -266,7 +268,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
@@ -286,20 +288,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
fetch('/health/ready', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -382,17 +384,16 @@ Accept: application/json
Lists all identities. Does not support search at the moment.
-Learn how identities work in
-[ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
+Learn how identities work in [ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | -------------- | -------- | --------------- |
-| per_page | query | integer(int64) | false | Items per Page |
-| page | query | integer(int64) | false | Pagination Page |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|per_page|query|integer(int64)|false|Items per Page|
+|page|query|integer(int64)|false|Pagination Page|
##### Detailed descriptions
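Review bot: the joined link line points at `https://www.ory.sh/docs/next/kratos/concepts/identity-user-model`, a version-specific `next` path, while the self-service errors text removed later in this patch linked to `https://www.ory.sh/docs/kratos/...` without it. Use one form consistently in the source annotations so released docs do not link into a different version.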
@@ -406,10 +407,10 @@ This is the number of items per page.
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | --------------------- | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | A list of identities. | Inline |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|A list of identities.|Inline|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
@@ -417,24 +418,24 @@ This is the number of items per page.
Status Code **200**
-| Name | Type | Required | Restrictions | Description |
-| ---------------------- | --------------------------------------------------------- | -------- | ------------ | --------------------------------------------------------------------------------------------------------------- |
-| _anonymous_ | [[Identity](#schemaidentity)] | false | none | none |
-| » id | [UUID](#schemauuid)(uuid4) | true | none | none |
-| » recovery_addresses | [[RecoveryAddress](#schemarecoveryaddress)] | false | none | RecoveryAddresses contains all the addresses that can be used to recover an identity. |
-| »» id | [UUID](#schemauuid)(uuid4) | true | none | none |
-| »» value | string | true | none | none |
-| »» via | [RecoveryAddressType](#schemarecoveryaddresstype) | true | none | none |
-| » schema_id | string | true | none | SchemaID is the ID of the JSON Schema to be used for validating the identity's traits. |
-| » schema_url | string | false | none | SchemaURL is the URL of the endpoint where the identity's traits schema can be fetched from.
format: url |
-| » traits | [Traits](#schematraits) | true | none | none |
-| » verifiable_addresses | [[VerifiableAddress](#schemaverifiableaddress)] | false | none | VerifiableAddresses contains all the addresses that can be verified by the user. |
-| »» id | [UUID](#schemauuid)(uuid4) | true | none | none |
-| »» status | [VerifiableAddressStatus](#schemaverifiableaddressstatus) | true | none | none |
-| »» value | string | true | none | none |
-| »» verified | boolean | true | none | none |
-| »» verified_at | [NullTime](#schemanulltime)(date-time) | false | none | none |
-| »» via | [VerifiableAddressType](#schemaverifiableaddresstype) | true | none | none |
+|Name|Type|Required|Restrictions|Description|
+|---|---|---|---|---|
+|*anonymous*|[[Identity](#schemaidentity)]|false|none|none|
+|» id|[UUID](#schemauuid)(uuid4)|true|none|none|
+|» recovery_addresses|[[RecoveryAddress](#schemarecoveryaddress)]|false|none|RecoveryAddresses contains all the addresses that can be used to recover an identity.|
+|»» id|[UUID](#schemauuid)(uuid4)|true|none|none|
+|»» value|string|true|none|none|
+|»» via|[RecoveryAddressType](#schemarecoveryaddresstype)|true|none|none|
+|» schema_id|string|true|none|SchemaID is the ID of the JSON Schema to be used for validating the identity's traits.|
+|» schema_url|string|false|none|SchemaURL is the URL of the endpoint where the identity's traits schema can be fetched from.
format: url|
+|» traits|[Traits](#schematraits)|true|none|none|
+|» verifiable_addresses|[[VerifiableAddress](#schemaverifiableaddress)]|false|none|VerifiableAddresses contains all the addresses that can be verified by the user.|
+|»» id|[UUID](#schemauuid)(uuid4)|true|none|none|
+|»» status|[VerifiableAddressStatus](#schemaverifiableaddressstatus)|true|none|none|
+|»» value|string|true|none|none|
+|»» verified|boolean|true|none|none|
+|»» verified_at|[NullTime](#schemanulltime)(date-time)|false|none|none|
+|»» via|[VerifiableAddressType](#schemaverifiableaddresstype)|true|none|none|
##### Examples
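Review bot: the `schema_url` row in the added table still contains a line break inside the Description cell ("...can be fetched from." followed by `format: url|` on its own line), which ends the row early and leaves a stray fragment below it. Compacting the table did not fix this; the newline needs to be removed or replaced with `<br/>` where the description is generated.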
@@ -468,7 +469,9 @@ Status Code **200**
]
```
-
+
#### Code samples
@@ -494,7 +497,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
@@ -514,20 +517,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
fetch('/identities', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -605,12 +608,10 @@ Accept: application/json
```
-This endpoint creates an identity. It is NOT possible to set an identity's
-credentials (password, ...) using this method! A way to achieve that will be
-introduced in the future.
+This endpoint creates an identity. It is NOT possible to set an identity's credentials (password, ...)
+using this method! A way to achieve that will be introduced in the future.
-Learn how identities work in
-[ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
+Learn how identities work in [ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
#### Request body
@@ -625,9 +626,9 @@ Learn how identities work in
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ---- | --------------------------------------- | -------- | ----------- |
-| body | body | [CreateIdentity](#schemacreateidentity) | false | none |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|body|body|[CreateIdentity](#schemacreateidentity)|false|none|
#### Responses
@@ -635,11 +636,11 @@ Learn how identities work in
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------------ | ----------------------------------- |
-| 201 | [Created](https://tools.ietf.org/html/rfc7231#section-6.3.2) | A single identity. | [Identity](#schemaidentity) |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|201|[Created](https://tools.ietf.org/html/rfc7231#section-6.3.2)|A single identity.|[Identity](#schemaidentity)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -671,7 +672,9 @@ Learn how identities work in
}
```
-
+
#### Code samples
@@ -697,7 +700,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
}
@@ -814,16 +817,15 @@ Accept: application/json
```
-Learn how identities work in
-[ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
+Learn how identities work in [ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ---- | ------ | -------- | ---------------------------------------------------- |
-| id | path | string | true | ID must be set to the ID of identity you want to get |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|id|path|string|true|ID must be set to the ID of identity you want to get|
#### Responses
@@ -831,11 +833,11 @@ Learn how identities work in
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | A single identity. | [Identity](#schemaidentity) |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|A single identity.|[Identity](#schemaidentity)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -867,7 +869,9 @@ Learn how identities work in
}
```
-
+
#### Code samples
@@ -893,7 +897,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
@@ -913,20 +917,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
fetch('/identities/{id}', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -1004,15 +1008,12 @@ Accept: application/json
```
-This endpoint updates an identity. It is NOT possible to set an identity's
-credentials (password, ...) using this method! A way to achieve that will be
-introduced in the future.
+This endpoint updates an identity. It is NOT possible to set an identity's credentials (password, ...)
+using this method! A way to achieve that will be introduced in the future.
-The full identity payload (except credentials) is expected. This endpoint does
-not support patching.
+The full identity payload (except credentials) is expected. This endpoint does not support patching.
-Learn how identities work in
-[ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
+Learn how identities work in [ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
#### Request body
@@ -1027,10 +1028,10 @@ Learn how identities work in
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ---- | --------------------------------------- | -------- | ------------------------------------------------------- |
-| id | path | string | true | ID must be set to the ID of identity you want to update |
-| body | body | [UpdateIdentity](#schemaupdateidentity) | false | none |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|id|path|string|true|ID must be set to the ID of identity you want to update|
+|body|body|[UpdateIdentity](#schemaupdateidentity)|false|none|
#### Responses
@@ -1038,12 +1039,12 @@ Learn how identities work in
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | A single identity. | [Identity](#schemaidentity) |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) |
-| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|A single identity.|[Identity](#schemaidentity)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -1075,7 +1076,9 @@ Learn how identities work in
}
```
-
+
#### Code samples
@@ -1101,7 +1104,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
}
@@ -1218,21 +1221,19 @@ Accept: application/json
```
-Calling this endpoint irrecoverably and permanently deletes the identity given
-its ID. This action can not be undone. This endpoint returns 204 when the
-identity was deleted or when the identity was not found, in which case it is
+Calling this endpoint irrecoverably and permanently deletes the identity given its ID. This action can not be undone.
+This endpoint returns 204 when the identity was deleted or when the identity was not found, in which case it is
assumed that is has been deleted already.
-Learn how identities work in
-[ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
+Learn how identities work in [ORY Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model).
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ---- | ------ | -------- | ------------------------ |
-| id | path | string | true | ID is the identity's ID. |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|id|path|string|true|ID is the identity's ID.|
#### Responses
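Review bot: the unchanged line "assumed that is has been deleted already." keeps its typo ("is" for "it") while the two lines above it are rewritten, and "can not" should be "cannot". Fix both in the source annotation. It would also help to state explicitly that a 204 does not tell the caller whether the identity existed, since clients may otherwise treat it as confirmation of a deletion.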
@@ -1240,11 +1241,11 @@ Learn how identities work in
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
-| 204 | [No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|204|[No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
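Review bot: the 204 row's description says "The HTTP status code for empty responses is typically 201", which contradicts the status it documents, and the cell still wraps onto a second line (`typically 201.|None|`) so the row is split. The removed version had the same broken row, so this is a generator issue: correct the shared empty-response description and strip the newline.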
@@ -1264,7 +1265,9 @@ Learn how identities work in
}
```
-
+
#### Code samples
@@ -1290,7 +1293,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
@@ -1310,20 +1313,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
fetch('/identities/{id}', {
method: 'DELETE',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -1393,7 +1396,6 @@ p JSON.parse(result)
### Get snapshot metrics from the Hydra service. If you're using k8s, you can then add annotations to
-
your deployment like so:
```
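Review bot: the heading on the first line of this hunk refers to "the Hydra service" although this file documents the ORY Kratos API, and it ends mid-sentence ("...add annotations to") with the rest ("your deployment like so:") in the body. Removing the blank line does not repair that. Shorten the summary in the source annotation to a title and move the Kubernetes sentence into the description.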
@@ -1410,19 +1412,19 @@ prometheus.io/path: "/metrics/prometheus"
#### Responses
-
+
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | ------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ------ |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
-
+
#### Code samples
@@ -1465,15 +1467,15 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
fetch('/metrics/prometheus', {
method: 'GET'
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
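Review bot: the sample for `/metrics/prometheus` parses the response with `r.json()`, but a Prometheus metrics endpoint serves a plain-text exposition format, so this sample would fail at the parse step. Use `r.text()` here, or exclude this endpoint from the generic JSON sample template.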
@@ -1542,8 +1544,8 @@ Accept: application/json
```
-This endpoint creates a recovery link which should be given to the user in order
-for them to recover (or activate) their account.
+This endpoint creates a recovery link which should be given to the user in order for them to recover
+(or activate) their account.
#### Request body
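Review bot: the rewrapped description says only that the recovery link "should be given to the user". For an endpoint that issues account-recovery links, the documentation should also state whether the link expires and whether it is single-use, so operators know how to handle and deliver it. Please add that to the source annotation rather than this generated file.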
@@ -1558,9 +1560,9 @@ for them to recover (or activate) their account.
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ---- | ----------------------------------------------- | -------- | ----------- |
-| body | body | [CreateRecoveryLink](#schemacreaterecoverylink) | false | none |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|body|body|[CreateRecoveryLink](#schemacreaterecoverylink)|false|none|
#### Responses
@@ -1568,12 +1570,12 @@ for them to recover (or activate) their account.
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | recoveryLink | [recoveryLink](#schemarecoverylink) |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) |
-| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|recoveryLink|[recoveryLink](#schemarecoverylink)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -1586,7 +1588,9 @@ for them to recover (or activate) their account.
}
```
-
+
#### Code samples
@@ -1612,7 +1616,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
}
@@ -1719,9 +1723,9 @@ p JSON.parse(result)
-
+
-## common
+## Public Endpoints
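Review bot: renaming the section heading from `## common` to `## Public Endpoints` changes its generated anchor, so any existing link to `#common` will break. Check the docs for references to the old anchor, or set an explicit heading id to keep it stable.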
@@ -1739,9 +1743,9 @@ Get a Traits Schema Definition
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ---- | ------ | -------- | -------------------------------------------------- |
-| id | path | string | true | ID must be set to the ID of schema you want to get |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|id|path|string|true|ID must be set to the ID of schema you want to get|
#### Responses
@@ -1749,11 +1753,11 @@ Get a Traits Schema Definition
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------------------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | The raw identity traits schema | Inline |
-| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|The raw identity traits schema|Inline|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
@@ -1767,7 +1771,9 @@ Get a Traits Schema Definition
{}
```
-
+
#### Code samples
@@ -1793,7 +1799,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
@@ -1813,20 +1819,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
fetch('/schemas/{id}', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -1893,63 +1899,58 @@ p JSON.parse(result)
-
+
-### Get User-Facing Self-Service Errors
+### Initialize Browser-Based Logout User Flow
```
-GET /self-service/errors?error=string HTTP/1.1
+GET /self-service/browser/flows/logout HTTP/1.1
Accept: application/json
```
-This endpoint returns the error associated with a user-facing self service
-errors.
-
-When accessing this endpoint through ORY Kratos' Public API, ensure that cookies
-are set as they are required for CSRF to work. To prevent token scanning
-attacks, the public endpoint does not return 404 status codes.
-
-This endpoint supports stub values to help you implement the error UI:
-
-`?error=stub:500` - returns a stub 500 (Internal Server Error) error.
-
-More information can be found at
-[ORY Kratos User User Facing Error Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-facing-errors).
+This endpoint initializes a logout flow.
-
+> This endpoint is NOT INTENDED for API clients and only works
+with browsers (Chrome, Firefox, ...).
-#### Parameters
+On successful logout, the browser will be redirected (HTTP 302 Found) to `urls.default_return_to`.
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | ------ | -------- | --------------------------- |
-| error | query | string | true | Error is the container's ID |
+More information can be found at [ORY Kratos User Logout Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-logout).
#### Responses
-
+
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | -------------------------- | --------------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | User-facing error response | [errorContainer](#schemaerrorcontainer) |
-| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) |
-| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
-###### 200 response
+###### 500 response
```json
{
- "errors": {},
- "id": "string"
+ "error": {
+ "code": 404,
+ "debug": "The database adapter was unable to find the element",
+ "details": {},
+ "message": "string",
+ "reason": "string",
+ "request": "string",
+ "status": "string"
+ }
}
```
-
+
#### Code samples
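Review bot: the added 302 row in the responses table is split across two lines (the first ends with "is", the next starts with "typically 201.|None|"), which breaks the Markdown table. Its text about empty responses and status 201 also does not describe the redirect to `urls.default_return_to` stated a few lines above. The `###### 500 response` example carries `"code": 404` with a not-found debug message. Because this file is generated, the fix belongs in the response annotation in the source: a one-line description of the redirect and an example that matches the 500 status, then regenerate.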
@@ -1959,7 +1960,7 @@ More information can be found at
```shell
-curl -X GET /self-service/errors?error=string \
+curl -X GET /self-service/browser/flows/logout \
-H 'Accept: application/json'
```
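Review bot: this curl sample calls `/self-service/browser/flows/logout` with `Accept: application/json`, while the description added in this patch says the endpoint is not intended for API clients and only works with browsers. Consider suppressing the generated code samples for browser-only endpoints, or adding a line that the only success response is a 302 redirect, so readers do not copy the sample into an API client.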
@@ -1975,14 +1976,14 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
var body []byte
// body = ...
- req, err := http.NewRequest("GET", "/self-service/errors", bytes.NewBuffer(body))
+ req, err := http.NewRequest("GET", "/self-service/browser/flows/logout", bytes.NewBuffer(body))
req.Header = headers
client := &http.Client{}
@@ -1995,20 +1996,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
-fetch('/self-service/errors?error=string', {
+fetch('/self-service/browser/flows/logout', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
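Review bot: `.then(r => r.json())` is applied to the logout endpoint, whose only documented non-error response is a 302 with schema None, so the success path has no JSON body to parse. The sample should either be dropped for this endpoint or handle the redirect explicitly. The hunk also flattens the indentation of the `.then` chain and quotes `'Accept'`, which suggests the generator output was committed without the formatter that produced the removed lines; running it would remove most of this churn from the diff.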
@@ -2016,7 +2017,7 @@ fetch('/self-service/errors?error=string', {
```java
// This sample needs improvement.
-URL obj = new URL("/self-service/errors?error=string");
+URL obj = new URL("/self-service/browser/flows/logout");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
@@ -2048,9 +2049,8 @@ headers = {
}
r = requests.get(
- '/self-service/errors',
- params={
- 'error': 'string'},
+ '/self-service/browser/flows/logout',
+ params={},
headers = headers)
print r.json()
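Review bot: `params={},` replaces the removed `error` parameter with an empty dict, which is noise for an endpoint that takes no query parameters; the template should omit the argument when there is nothing to pass. The unchanged `print r.json()` is Python 2 syntax and fails on Python 3, so it is worth fixing in the sample template while the file is being regenerated.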
@@ -2067,9 +2067,8 @@ headers = {
'Accept' => 'application/json'
}
-result = RestClient.get '/self-service/errors',
- params: {
- 'error' => 'string'}, headers: headers
+result = RestClient.get '/self-service/browser/flows/logout',
+ params: {}, headers: headers
p JSON.parse(result)
```
@@ -2077,180 +2076,56 @@ p JSON.parse(result)
-
+
-### Get Login Flow
+### Complete the Browser-Based Settings Flow for the OpenID Connect Strategy
```
-GET /self-service/login/flows?id=string HTTP/1.1
+POST /self-service/browser/flows/registration/strategies/oidc/settings/connections HTTP/1.1
Accept: application/json
```
-This endpoint returns a login flow's context with, for example, error details
-and other information.
-
-More information can be found at
-[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
-
-
-
-#### Parameters
-
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | ------ | -------- | ----------------- |
-| id | query | string | true | The Login Flow ID |
+This endpoint completes a browser-based settings flow. This is usually achieved by POSTing data to this
+endpoint.
-##### Detailed descriptions
-
-**id**: The Login Flow ID
+> This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...) and HTML Forms.
-The value for this parameter comes from `flow` URL Query parameter sent to your
-application (e.g. `/login?flow=abcde`).
+More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
#### Responses
-
+
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | loginFlow | [loginFlow](#schemaloginflow) |
-| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) |
-| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) |
-| 410 | [Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
-###### 200 response
+###### 500 response
```json
{
- "active": "string",
- "expires_at": "2019-08-24T14:15:22Z",
- "forced": true,
- "id": "string",
- "issued_at": "2019-08-24T14:15:22Z",
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "methods": {
- "property1": {
- "config": {
- "action": "string",
- "fields": [
- {
- "disabled": true,
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "name": "string",
- "pattern": "string",
- "required": true,
- "type": "string",
- "value": {}
- }
- ],
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "method": "string",
- "providers": [
- {
- "disabled": true,
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "name": "string",
- "pattern": "string",
- "required": true,
- "type": "string",
- "value": {}
- }
- ]
- },
- "method": "string"
- },
- "property2": {
- "config": {
- "action": "string",
- "fields": [
- {
- "disabled": true,
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "name": "string",
- "pattern": "string",
- "required": true,
- "type": "string",
- "value": {}
- }
- ],
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "method": "string",
- "providers": [
- {
- "disabled": true,
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "name": "string",
- "pattern": "string",
- "required": true,
- "type": "string",
- "value": {}
- }
- ]
- },
- "method": "string"
- }
- },
- "request_url": "string",
- "type": "string"
+ "error": {
+ "code": 404,
+ "debug": "The database adapter was unable to find the element",
+ "details": {},
+ "message": "string",
+ "reason": "string",
+ "request": "string",
+ "status": "string"
+ }
}
```
-
+
#### Code samples
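Review bot: the heading says this completes the settings flow for the OpenID Connect strategy, but the documented path is `/self-service/browser/flows/registration/strategies/oidc/settings/connections`, which contains `registration`; please confirm the route annotation. The description says the flow is completed by POSTing data, yet the section lists no parameters or request body, so a reader cannot tell which form fields are expected. The 302 row repeats the broken line wrap and the "typically 201" wording from the logout table, and the 500 example again shows `"code": 404`.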
@@ -2260,7 +2135,7 @@ application (e.g. `/login?flow=abcde`).
```shell
-curl -X GET /self-service/login/flows?id=string \
+curl -X POST /self-service/browser/flows/registration/strategies/oidc/settings/connections \
-H 'Accept: application/json'
```
@@ -2276,14 +2151,14 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
var body []byte
// body = ...
- req, err := http.NewRequest("GET", "/self-service/login/flows", bytes.NewBuffer(body))
+ req, err := http.NewRequest("POST", "/self-service/browser/flows/registration/strategies/oidc/settings/connections", bytes.NewBuffer(body))
req.Header = headers
client := &http.Client{}
@@ -2296,20 +2171,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
-fetch('/self-service/login/flows?id=string', {
- method: 'GET',
+fetch('/self-service/browser/flows/registration/strategies/oidc/settings/connections', {
+ method: 'POST',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -2317,10 +2192,10 @@ fetch('/self-service/login/flows?id=string', {
```java
// This sample needs improvement.
-URL obj = new URL("/self-service/login/flows?id=string");
+URL obj = new URL("/self-service/browser/flows/registration/strategies/oidc/settings/connections");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
-con.setRequestMethod("GET");
+con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
@@ -2348,10 +2223,9 @@ headers = {
'Accept': 'application/json'
}
-r = requests.get(
- '/self-service/login/flows',
- params={
- 'id': 'string'},
+r = requests.post(
+ '/self-service/browser/flows/registration/strategies/oidc/settings/connections',
+ params={},
headers = headers)
print r.json()
@@ -2368,9 +2242,8 @@ headers = {
'Accept' => 'application/json'
}
-result = RestClient.get '/self-service/login/flows',
- params: {
- 'id' => 'string'}, headers: headers
+result = RestClient.post '/self-service/browser/flows/registration/strategies/oidc/settings/connections',
+ params: {}, headers: headers
p JSON.parse(result)
```
@@ -2378,49 +2251,44 @@ p JSON.parse(result)
-
+
-### Get information about a recovery flow
+### Get User-Facing Self-Service Errors
```
-GET /self-service/recovery/flows?id=string HTTP/1.1
+GET /self-service/errors?error=string HTTP/1.1
Accept: application/json
```
-This endpoint returns a recovery flow's context with, for example, error details
-and other information.
-
-More information can be found at
-[ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx).
+This endpoint returns the error associated with a user-facing self service errors.
-
+This endpoint supports stub values to help you implement the error UI:
-#### Parameters
+`?error=stub:500` - returns a stub 500 (Internal Server Error) error.
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | ------ | -------- | ----------- |
-| id | query | string | true | The Flow ID |
+More information can be found at [ORY Kratos User User Facing Error Documentation](https://www.ory.sh/docs/kratos/self-service/flows/user-facing-errors).
-##### Detailed descriptions
+
-**id**: The Flow ID
+#### Parameters
-The value for this parameter comes from `request` URL Query parameter sent to
-your application (e.g. `/recovery?flow=abcde`).
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|error|query|string|true|Error is the container's ID|
#### Responses
-
+
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | recoveryFlow | [recoveryFlow](#schemarecoveryflow) |
-| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) |
-| 410 | [Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|User-facing error response|[errorContainer](#schemaerrorcontainer)|
+|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
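Review bot: the added description needs a wording pass in the source annotation. "returns the error associated with a user-facing self service errors" mixes singular and plural, and the link text "ORY Kratos User User Facing Error Documentation" doubles "User". The link targets `/docs/kratos/...` while the other absolute links in this patch use `/docs/next/kratos/...`; pick one form. The text also says the endpoint supports "stub values" but names only `?error=stub:500`; list the others or change it to the singular.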
@@ -2428,93 +2296,14 @@ your application (e.g. `/recovery?flow=abcde`).
```json
{
- "active": "string",
- "expires_at": "2019-08-24T14:15:22Z",
- "id": "string",
- "issued_at": "2019-08-24T14:15:22Z",
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "methods": {
- "property1": {
- "config": {
- "action": "string",
- "fields": [
- {
- "disabled": true,
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "name": "string",
- "pattern": "string",
- "required": true,
- "type": "string",
- "value": {}
- }
- ],
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "method": "string"
- },
- "method": "string"
- },
- "property2": {
- "config": {
- "action": "string",
- "fields": [
- {
- "disabled": true,
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "name": "string",
- "pattern": "string",
- "required": true,
- "type": "string",
- "value": {}
- }
- ],
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "method": "string"
- },
- "method": "string"
- }
- },
- "request_url": "string",
- "state": "string",
- "type": "string"
+ "errors": {},
+ "id": "string"
}
```
-
+
#### Code samples
@@ -2524,7 +2313,7 @@ your application (e.g. `/recovery?flow=abcde`).
```shell
-curl -X GET /self-service/recovery/flows?id=string \
+curl -X GET /self-service/errors?error=string \
-H 'Accept: application/json'
```
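Review bot: the URL in `curl -X GET /self-service/errors?error=string \` is unquoted. `?` is a shell glob character, and zsh rejects the argument with "no matches found" when nothing matches, so the template should wrap the URL in single quotes. `-X GET` is redundant as well, since GET is curl's default method.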
@@ -2540,14 +2329,14 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
var body []byte
// body = ...
- req, err := http.NewRequest("GET", "/self-service/recovery/flows", bytes.NewBuffer(body))
+ req, err := http.NewRequest("GET", "/self-service/errors", bytes.NewBuffer(body))
req.Header = headers
client := &http.Client{}
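Review bot: the Go sample requests `/self-service/errors` without the `error` query parameter, which the parameter table in this patch marks as required and which the curl, JavaScript and Java samples all include as `?error=string`. The unchanged lines around it also assign `req.Header = headers` without checking `err` from `http.NewRequest`, and attach a body buffer to a GET. The Go template should append the query string and check the error before using `req`.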
@@ -2560,20 +2349,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
-fetch('/self-service/recovery/flows?id=string', {
+fetch('/self-service/errors?error=string', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -2581,7 +2370,7 @@ fetch('/self-service/recovery/flows?id=string', {
```java
// This sample needs improvement.
-URL obj = new URL("/self-service/recovery/flows?id=string");
+URL obj = new URL("/self-service/errors?error=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
@@ -2613,9 +2402,9 @@ headers = {
}
r = requests.get(
- '/self-service/recovery/flows',
+ '/self-service/errors',
params={
- 'id': 'string'},
+ 'error': 'string'},
headers = headers)
print r.json()
@@ -2632,9 +2421,9 @@ headers = {
'Accept' => 'application/json'
}
-result = RestClient.get '/self-service/recovery/flows',
+result = RestClient.get '/self-service/errors',
params: {
- 'id' => 'string'}, headers: headers
+ 'error' => 'string'}, headers: headers
p JSON.parse(result)
```
@@ -2642,50 +2431,62 @@ p JSON.parse(result)
-
+
-### Get Registration Flow
+### Initialize Login Flow for API clients
```
-GET /self-service/registration/flows?id=string HTTP/1.1
+GET /self-service/login/api HTTP/1.1
Accept: application/json
```
-This endpoint returns a registration flow's context with, for example, error
-details and other information.
+This endpoint initiates a login flow for API clients such as mobile devices, smart TVs, and so on.
-More information can be found at
-[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
+If a valid provided session cookie or session token is provided, a 400 Bad Request error
+will be returned unless the URL query parameter `?refresh=true` is set.
-
+To fetch an existing login flow call `/self-service/login/flows?flow=`.
+
+:::warning
+
+You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server
+Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make
+you vulnerable to a variety of CSRF attacks, including CSRF login attacks.
+
+This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...).
+
+:::
+
+More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
+
+
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | ------ | -------- | ------------------------ |
-| id | query | string | true | The Registration Flow ID |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|refresh|query|boolean|false|Refresh a login session|
##### Detailed descriptions
-**id**: The Registration Flow ID
+**refresh**: Refresh a login session
-The value for this parameter comes from `flow` URL Query parameter sent to your
-application (e.g. `/registration?flow=abcde`).
+If set to true, this will refresh an existing login session by
+asking the user to sign in again. This will reset the
+authenticated_at time of the session.
#### Responses
-
+
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ---------------- | ------------------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | registrationFlow | [registrationFlow](#schemaregistrationflow) |
-| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) |
-| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) |
-| 410 | [Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|loginFlow|[loginFlow](#schemaloginflow)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
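Review bot: two wording problems in the added description. "If a valid provided session cookie or session token is provided" repeats "provided", and "To fetch an existing login flow call `/self-service/login/flows?flow=`" ends in an empty value, so a placeholder appears to have been lost during generation. The fetch endpoint removed earlier in this patch was documented as `/self-service/login/flows?id=string`, so please confirm the parameter name as well. The CSRF warning is the most important part of this section; consider naming the browser counterpart, `/self-service/login/browser`, inside it so readers know which endpoint to use instead.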
@@ -2695,6 +2496,7 @@ application (e.g. `/registration?flow=abcde`).
{
"active": "string",
"expires_at": "2019-08-24T14:15:22Z",
+ "forced": true,
"id": "string",
"issued_at": "2019-08-24T14:15:22Z",
"messages": [
@@ -2814,7 +2616,9 @@ application (e.g. `/registration?flow=abcde`).
}
```
-
+
#### Code samples
@@ -2824,7 +2628,7 @@ application (e.g. `/registration?flow=abcde`).
```shell
-curl -X GET /self-service/registration/flows?id=string \
+curl -X GET /self-service/login/api \
-H 'Accept: application/json'
```
@@ -2840,14 +2644,14 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
var body []byte
// body = ...
- req, err := http.NewRequest("GET", "/self-service/registration/flows", bytes.NewBuffer(body))
+ req, err := http.NewRequest("GET", "/self-service/login/api", bytes.NewBuffer(body))
req.Header = headers
client := &http.Client{}
@@ -2860,20 +2664,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
-fetch('/self-service/registration/flows?id=string', {
+fetch('/self-service/login/api', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -2881,7 +2685,7 @@ fetch('/self-service/registration/flows?id=string', {
```java
// This sample needs improvement.
-URL obj = new URL("/self-service/registration/flows?id=string");
+URL obj = new URL("/self-service/login/api");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
@@ -2913,9 +2717,8 @@ headers = {
}
r = requests.get(
- '/self-service/registration/flows',
- params={
- 'id': 'string'},
+ '/self-service/login/api',
+ params={},
headers = headers)
print r.json()
@@ -2932,9 +2735,8 @@ headers = {
'Accept' => 'application/json'
}
-result = RestClient.get '/self-service/registration/flows',
- params: {
- 'id' => 'string'}, headers: headers
+result = RestClient.get '/self-service/login/api',
+ params: {}, headers: headers
p JSON.parse(result)
```
@@ -2942,809 +2744,73 @@ p JSON.parse(result)
-
+
-### Get Settings Flow
+### Initialize Login Flow for browsers
```
-GET /self-service/settings/flows?id=string HTTP/1.1
+GET /self-service/login/browser HTTP/1.1
Accept: application/json
```
-When accessing this endpoint through ORY Kratos' Public API you must ensure that
-either the ORY Kratos Session Cookie or the ORY Kratos Session Token are set.
-The public endpoint does not return 404 status codes but instead 403 or 500 to
-improve data privacy.
+This endpoint initializes a browser-based user login flow. Once initialized, the browser will be redirected to
+`selfservice.flows.login.ui_url` with the flow ID set as the query parameter `?flow=`. If a valid user session
+exists already, the browser will be redirected to `urls.default_redirect_url` unless the query parameter
+`?refresh=true` was set.
-You can access this endpoint without credentials when using ORY Kratos' Admin
-API.
+This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...).
-More information can be found at
-[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
+More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
-
+#### Responses
-#### Parameters
+
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | ------ | -------- | -------------------------- |
-| id | query | string | true | ID is the Settings Flow ID |
+##### Overview
-##### Detailed descriptions
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
-**id**: ID is the Settings Flow ID
+##### Examples
-The value for this parameter comes from `flow` URL Query parameter sent to your
-application (e.g. `/settings?flow=abcde`).
+###### 500 response
-#### Responses
+```json
+{
+ "error": {
+ "code": 404,
+ "debug": "The database adapter was unable to find the element",
+ "details": {},
+ "message": "string",
+ "reason": "string",
+ "request": "string",
+ "status": "string"
+ }
+}
+```
-
+
-##### Overview
+#### Code samples
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | settingsFlow | [settingsFlow](#schemasettingsflow) |
-| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) |
-| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) |
-| 410 | [Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+
+
-##### Examples
+```shell
+curl -X GET /self-service/login/browser \
+ -H 'Accept: application/json'
+```
-###### 200 response
-
-```json
-{
- "active": "string",
- "expires_at": "2019-08-24T14:15:22Z",
- "id": "string",
- "identity": {
- "id": "string",
- "recovery_addresses": [
- {
- "id": "string",
- "value": "string",
- "via": "string"
- }
- ],
- "schema_id": "string",
- "schema_url": "string",
- "traits": {},
- "verifiable_addresses": [
- {
- "id": "string",
- "status": "string",
- "value": "string",
- "verified": true,
- "verified_at": "2019-08-24T14:15:22Z",
- "via": "string"
- }
- ]
- },
- "issued_at": "2019-08-24T14:15:22Z",
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "methods": {
- "property1": {
- "config": {
- "action": "string",
- "fields": [
- {
- "disabled": true,
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "name": "string",
- "pattern": "string",
- "required": true,
- "type": "string",
- "value": {}
- }
- ],
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "method": "string"
- },
- "method": "string"
- },
- "property2": {
- "config": {
- "action": "string",
- "fields": [
- {
- "disabled": true,
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "name": "string",
- "pattern": "string",
- "required": true,
- "type": "string",
- "value": {}
- }
- ],
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "method": "string"
- },
- "method": "string"
- }
- },
- "request_url": "string",
- "state": "string",
- "type": "string"
-}
-```
-
-
-
-#### Code samples
-
-
-
-
-```shell
-curl -X GET /self-service/settings/flows?id=string \
- -H 'Accept: application/json'
-```
-
-
-
-
-```go
-package main
-
-import (
- "bytes"
- "net/http"
-)
-
-func main() {
- headers := map[string][]string{
- "Accept": []string{"application/json"},
- }
-
- var body []byte
- // body = ...
-
- req, err := http.NewRequest("GET", "/self-service/settings/flows", bytes.NewBuffer(body))
- req.Header = headers
-
- client := &http.Client{}
- resp, err := client.Do(req)
- // ...
-}
-```
-
-
-
-
-```javascript
-const fetch = require('node-fetch')
-
-const headers = {
- Accept: 'application/json'
-}
-
-fetch('/self-service/settings/flows?id=string', {
- method: 'GET',
- headers
-})
- .then((r) => r.json())
- .then((body) => {
- console.log(body)
- })
-```
-
-
-
-
-```java
-// This sample needs improvement.
-URL obj = new URL("/self-service/settings/flows?id=string");
-
-HttpURLConnection con = (HttpURLConnection) obj.openConnection();
-con.setRequestMethod("GET");
-
-int responseCode = con.getResponseCode();
-
-BufferedReader in = new BufferedReader(
- new InputStreamReader(con.getInputStream())
-);
-
-String inputLine;
-StringBuffer response = new StringBuffer();
-while ((inputLine = in.readLine()) != null) {
- response.append(inputLine);
-}
-in.close();
-
-System.out.println(response.toString());
-```
-
-
-
-
-```python
-import requests
-
-headers = {
- 'Accept': 'application/json'
-}
-
-r = requests.get(
- '/self-service/settings/flows',
- params={
- 'id': 'string'},
- headers = headers)
-
-print r.json()
-```
-
-
-
-
-```ruby
-require 'rest-client'
-require 'json'
-
-headers = {
- 'Accept' => 'application/json'
-}
-
-result = RestClient.get '/self-service/settings/flows',
- params: {
- 'id' => 'string'}, headers: headers
-
-p JSON.parse(result)
-```
-
-
-
-
-
-
-### Get Verification Flow
-
-```
-GET /self-service/verification/flows?id=string HTTP/1.1
-Accept: application/json
-
-```
-
-This endpoint returns a verification flow's context with, for example, error
-details and other information.
-
-More information can be found at
-[ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
-
-
-
-#### Parameters
-
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | ------ | -------- | ----------- |
-| id | query | string | true | The Flow ID |
-
-##### Detailed descriptions
-
-**id**: The Flow ID
-
-The value for this parameter comes from `request` URL Query parameter sent to
-your application (e.g. `/verification?flow=abcde`).
-
-#### Responses
-
-
-
-##### Overview
-
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ---------------- | ------------------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | verificationFlow | [verificationFlow](#schemaverificationflow) |
-| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) |
-| 404 | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
-
-##### Examples
-
-###### 200 response
-
-```json
-{
- "active": "string",
- "expires_at": "2019-08-24T14:15:22Z",
- "id": "string",
- "issued_at": "2019-08-24T14:15:22Z",
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "methods": {
- "property1": {
- "config": {
- "action": "string",
- "fields": [
- {
- "disabled": true,
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "name": "string",
- "pattern": "string",
- "required": true,
- "type": "string",
- "value": {}
- }
- ],
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "method": "string"
- },
- "method": "string"
- },
- "property2": {
- "config": {
- "action": "string",
- "fields": [
- {
- "disabled": true,
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "name": "string",
- "pattern": "string",
- "required": true,
- "type": "string",
- "value": {}
- }
- ],
- "messages": [
- {
- "context": {},
- "id": 0,
- "text": "string",
- "type": "string"
- }
- ],
- "method": "string"
- },
- "method": "string"
- }
- },
- "request_url": "string",
- "state": "string",
- "type": "string"
-}
-```
-
-
-
-#### Code samples
-
-
-
-
-```shell
-curl -X GET /self-service/verification/flows?id=string \
- -H 'Accept: application/json'
-```
-
-
-
-
-```go
-package main
-
-import (
- "bytes"
- "net/http"
-)
-
-func main() {
- headers := map[string][]string{
- "Accept": []string{"application/json"},
- }
-
- var body []byte
- // body = ...
-
- req, err := http.NewRequest("GET", "/self-service/verification/flows", bytes.NewBuffer(body))
- req.Header = headers
-
- client := &http.Client{}
- resp, err := client.Do(req)
- // ...
-}
-```
-
-
-
-
-```javascript
-const fetch = require('node-fetch')
-
-const headers = {
- Accept: 'application/json'
-}
-
-fetch('/self-service/verification/flows?id=string', {
- method: 'GET',
- headers
-})
- .then((r) => r.json())
- .then((body) => {
- console.log(body)
- })
-```
-
-
-
-
-```java
-// This sample needs improvement.
-URL obj = new URL("/self-service/verification/flows?id=string");
-
-HttpURLConnection con = (HttpURLConnection) obj.openConnection();
-con.setRequestMethod("GET");
-
-int responseCode = con.getResponseCode();
-
-BufferedReader in = new BufferedReader(
- new InputStreamReader(con.getInputStream())
-);
-
-String inputLine;
-StringBuffer response = new StringBuffer();
-while ((inputLine = in.readLine()) != null) {
- response.append(inputLine);
-}
-in.close();
-
-System.out.println(response.toString());
-```
-
-
-
-
-```python
-import requests
-
-headers = {
- 'Accept': 'application/json'
-}
-
-r = requests.get(
- '/self-service/verification/flows',
- params={
- 'id': 'string'},
- headers = headers)
-
-print r.json()
-```
-
-
-
-
-```ruby
-require 'rest-client'
-require 'json'
-
-headers = {
- 'Accept' => 'application/json'
-}
-
-result = RestClient.get '/self-service/verification/flows',
- params: {
- 'id' => 'string'}, headers: headers
-
-p JSON.parse(result)
-```
-
-
-
-
-
-
-## Public Endpoints
-
-
-
-### Initialize Browser-Based Logout User Flow
-
-```
-GET /self-service/browser/flows/logout HTTP/1.1
-Accept: application/json
-
-```
-
-This endpoint initializes a logout flow.
-
-> This endpoint is NOT INTENDED for API clients and only works with browsers
-> (Chrome, Firefox, ...).
-
-On successful logout, the browser will be redirected (HTTP 302 Found) to
-`urls.default_return_to`.
-
-More information can be found at
-[ORY Kratos User Logout Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-logout).
-
-#### Responses
-
-
-
-##### Overview
-
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
-
-##### Examples
-
-###### 500 response
-
-```json
-{
- "error": {
- "code": 404,
- "debug": "The database adapter was unable to find the element",
- "details": {},
- "message": "string",
- "reason": "string",
- "request": "string",
- "status": "string"
- }
-}
-```
-
-
-
-#### Code samples
-
-
-
-
-```shell
-curl -X GET /self-service/browser/flows/logout \
- -H 'Accept: application/json'
-```
-
-
-
-
-```go
-package main
-
-import (
- "bytes"
- "net/http"
-)
-
-func main() {
- headers := map[string][]string{
- "Accept": []string{"application/json"},
- }
-
- var body []byte
- // body = ...
-
- req, err := http.NewRequest("GET", "/self-service/browser/flows/logout", bytes.NewBuffer(body))
- req.Header = headers
-
- client := &http.Client{}
- resp, err := client.Do(req)
- // ...
-}
-```
-
-
-
-
-```javascript
-const fetch = require('node-fetch')
-
-const headers = {
- Accept: 'application/json'
-}
-
-fetch('/self-service/browser/flows/logout', {
- method: 'GET',
- headers
-})
- .then((r) => r.json())
- .then((body) => {
- console.log(body)
- })
-```
-
-
-
-
-```java
-// This sample needs improvement.
-URL obj = new URL("/self-service/browser/flows/logout");
-
-HttpURLConnection con = (HttpURLConnection) obj.openConnection();
-con.setRequestMethod("GET");
-
-int responseCode = con.getResponseCode();
-
-BufferedReader in = new BufferedReader(
- new InputStreamReader(con.getInputStream())
-);
-
-String inputLine;
-StringBuffer response = new StringBuffer();
-while ((inputLine = in.readLine()) != null) {
- response.append(inputLine);
-}
-in.close();
-
-System.out.println(response.toString());
-```
-
-
-
-
-```python
-import requests
-
-headers = {
- 'Accept': 'application/json'
-}
-
-r = requests.get(
- '/self-service/browser/flows/logout',
- params={},
- headers = headers)
-
-print r.json()
-```
-
-
-
-
-```ruby
-require 'rest-client'
-require 'json'
-
-headers = {
- 'Accept' => 'application/json'
-}
-
-result = RestClient.get '/self-service/browser/flows/logout',
- params: {}, headers: headers
-
-p JSON.parse(result)
-```
-
-
-
-
-
-
-### Complete the Browser-Based Settings Flow for the OpenID Connect Strategy
-
-```
-POST /self-service/browser/flows/registration/strategies/oidc/settings/connections HTTP/1.1
-Accept: application/json
-
-```
-
-This endpoint completes a browser-based settings flow. This is usually achieved
-by POSTing data to this endpoint.
-
-> This endpoint is NOT INTENDED for API clients and only works with browsers
-> (Chrome, Firefox, ...) and HTML Forms.
-
-More information can be found at
-[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
-
-#### Responses
-
-
-
-##### Overview
-
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
-
-##### Examples
-
-###### 500 response
-
-```json
-{
- "error": {
- "code": 404,
- "debug": "The database adapter was unable to find the element",
- "details": {},
- "message": "string",
- "reason": "string",
- "request": "string",
- "status": "string"
- }
-}
-```
-
-
-
-#### Code samples
-
-
-
-
-```shell
-curl -X POST /self-service/browser/flows/registration/strategies/oidc/settings/connections \
- -H 'Accept: application/json'
-```
-
-
-
+
+
```go
package main
@@ -3755,14 +2821,14 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
var body []byte
// body = ...
- req, err := http.NewRequest("POST", "/self-service/browser/flows/registration/strategies/oidc/settings/connections", bytes.NewBuffer(body))
+ req, err := http.NewRequest("GET", "/self-service/login/browser", bytes.NewBuffer(body))
req.Header = headers
client := &http.Client{}
@@ -3775,23 +2841,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
-fetch(
- '/self-service/browser/flows/registration/strategies/oidc/settings/connections',
- {
- method: 'POST',
- headers
- }
-)
- .then((r) => r.json())
- .then((body) => {
+fetch('/self-service/login/browser', {
+ method: 'GET',
+ headers
+})
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -3799,10 +2862,10 @@ fetch(
```java
// This sample needs improvement.
-URL obj = new URL("/self-service/browser/flows/registration/strategies/oidc/settings/connections");
+URL obj = new URL("/self-service/login/browser");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
-con.setRequestMethod("POST");
+con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
@@ -3830,8 +2893,8 @@ headers = {
'Accept': 'application/json'
}
-r = requests.post(
- '/self-service/browser/flows/registration/strategies/oidc/settings/connections',
+r = requests.get(
+ '/self-service/login/browser',
params={},
headers = headers)
@@ -3849,7 +2912,7 @@ headers = {
'Accept' => 'application/json'
}
-result = RestClient.post '/self-service/browser/flows/registration/strategies/oidc/settings/connections',
+result = RestClient.get '/self-service/login/browser',
params: {}, headers: headers
p JSON.parse(result)
@@ -3858,66 +2921,48 @@ p JSON.parse(result)
-
+
-### Initialize Login Flow for API clients
+### Get Login Flow
```
-GET /self-service/login/api HTTP/1.1
+GET /self-service/login/flows?id=string HTTP/1.1
Accept: application/json
```
-This endpoint initiates a login flow for API clients such as mobile devices,
-smart TVs, and so on.
-
-If a valid provided session cookie or session token is provided, a 400 Bad
-Request error will be returned unless the URL query parameter `?refresh=true` is
-set.
-
-To fetch an existing login flow call `/self-service/login/flows?flow=`.
-
-:::warning
-
-You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS,
-AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser
-applications. Using this endpoint in these applications will make you vulnerable
-to a variety of CSRF attacks, including CSRF login attacks.
-
-This endpoint MUST ONLY be used in scenarios such as native mobile apps (React
-Native, Objective C, Swift, Java, ...).
+This endpoint returns a login flow's context with, for example, error details and other information.
-:::
-
-More information can be found at
-[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
+More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
-
+
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | ------- | -------- | ----------------------- |
-| refresh | query | boolean | false | Refresh a login session |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|id|query|string|true|The Login Flow ID|
##### Detailed descriptions
-**refresh**: Refresh a login session
+**id**: The Login Flow ID
-If set to true, this will refresh an existing login session by asking the user
-to sign in again. This will reset the authenticated_at time of the session.
+The value for this parameter comes from `flow` URL Query parameter sent to your
+application (e.g. `/login?flow=abcde`).
#### Responses
-
+
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | loginFlow | [loginFlow](#schemaloginflow) |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|loginFlow|[loginFlow](#schemaloginflow)|
+|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)|
+|410|[Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
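Review bot: The removed `:::warning` block (MUST NOT use `/self-service/login/api` from client-side or server-side browser applications because of CSRF login attacks) has no counterpart among the added lines of this hunk. If the API initialization endpoint is still documented elsewhere after the reordering, please confirm the warning moved with it rather than being dropped by the regeneration. Two smaller points on the added text: the `id` description says the value comes from the `flow` query parameter, so it would help to state explicitly that `?flow=` on the UI URL becomes `?id=` on this endpoint, and the new 403 row gives no hint of when it is returned.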
@@ -4047,7 +3092,9 @@ to sign in again. This will reset the authenticated_at time of the session.
}
```
-
+
#### Code samples
@@ -4057,7 +3104,7 @@ to sign in again. This will reset the authenticated_at time of the session.
```shell
-curl -X GET /self-service/login/api \
+curl -X GET /self-service/login/flows?id=string \
-H 'Accept: application/json'
```
@@ -4073,14 +3120,14 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
var body []byte
// body = ...
- req, err := http.NewRequest("GET", "/self-service/login/api", bytes.NewBuffer(body))
+ req, err := http.NewRequest("GET", "/self-service/login/flows", bytes.NewBuffer(body))
req.Header = headers
client := &http.Client{}
@@ -4093,198 +3140,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
-}
-
-fetch('/self-service/login/api', {
- method: 'GET',
- headers
-})
- .then((r) => r.json())
- .then((body) => {
- console.log(body)
- })
-```
-
-
-
-
-```java
-// This sample needs improvement.
-URL obj = new URL("/self-service/login/api");
-
-HttpURLConnection con = (HttpURLConnection) obj.openConnection();
-con.setRequestMethod("GET");
-
-int responseCode = con.getResponseCode();
-
-BufferedReader in = new BufferedReader(
- new InputStreamReader(con.getInputStream())
-);
-
-String inputLine;
-StringBuffer response = new StringBuffer();
-while ((inputLine = in.readLine()) != null) {
- response.append(inputLine);
-}
-in.close();
-
-System.out.println(response.toString());
-```
-
-
-
-
-```python
-import requests
-
-headers = {
'Accept': 'application/json'
}
-r = requests.get(
- '/self-service/login/api',
- params={},
- headers = headers)
-
-print r.json()
-```
-
-
-
-
-```ruby
-require 'rest-client'
-require 'json'
-
-headers = {
- 'Accept' => 'application/json'
-}
-
-result = RestClient.get '/self-service/login/api',
- params: {}, headers: headers
-
-p JSON.parse(result)
-```
-
-
-
-
-
-
-### Initialize Login Flow for browsers
-
-```
-GET /self-service/login/browser HTTP/1.1
-Accept: application/json
-
-```
-
-This endpoint initializes a browser-based user login flow. Once initialized, the
-browser will be redirected to `selfservice.flows.login.ui_url` with the flow ID
-set as the query parameter `?flow=`. If a valid user session exists already, the
-browser will be redirected to `urls.default_redirect_url` unless the query
-parameter `?refresh=true` was set.
-
-This endpoint is NOT INTENDED for API clients and only works with browsers
-(Chrome, Firefox, ...).
-
-More information can be found at
-[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
-
-#### Responses
-
-
-
-##### Overview
-
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
-
-##### Examples
-
-###### 500 response
-
-```json
-{
- "error": {
- "code": 404,
- "debug": "The database adapter was unable to find the element",
- "details": {},
- "message": "string",
- "reason": "string",
- "request": "string",
- "status": "string"
- }
-}
-```
-
-
-
-#### Code samples
-
-
-
-
-```shell
-curl -X GET /self-service/login/browser \
- -H 'Accept: application/json'
-```
-
-
-
-
-```go
-package main
-
-import (
- "bytes"
- "net/http"
-)
-
-func main() {
- headers := map[string][]string{
- "Accept": []string{"application/json"},
- }
-
- var body []byte
- // body = ...
-
- req, err := http.NewRequest("GET", "/self-service/login/browser", bytes.NewBuffer(body))
- req.Header = headers
-
- client := &http.Client{}
- resp, err := client.Do(req)
- // ...
-}
-```
-
-
-
-
-```javascript
-const fetch = require('node-fetch')
-
-const headers = {
- Accept: 'application/json'
-}
-
-fetch('/self-service/login/browser', {
+fetch('/self-service/login/flows?id=string', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -4292,7 +3161,7 @@ fetch('/self-service/login/browser', {
```java
// This sample needs improvement.
-URL obj = new URL("/self-service/login/browser");
+URL obj = new URL("/self-service/login/flows?id=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
@@ -4324,8 +3193,9 @@ headers = {
}
r = requests.get(
- '/self-service/login/browser',
- params={},
+ '/self-service/login/flows',
+ params={
+ 'id': 'string'},
headers = headers)
print r.json()
@@ -4342,8 +3212,9 @@ headers = {
'Accept' => 'application/json'
}
-result = RestClient.get '/self-service/login/browser',
- params: {}, headers: headers
+result = RestClient.get '/self-service/login/flows',
+ params: {
+ 'id' => 'string'}, headers: headers
p JSON.parse(result)
```
@@ -4356,37 +3227,35 @@ p JSON.parse(result)
### Complete Login Flow with Username/Email Password Method
```
-GET /self-service/login/methods/password?flow=string HTTP/1.1
+POST /self-service/login/methods/password?flow=string HTTP/1.1
Accept: application/json
```
-Use this endpoint to complete a login flow by sending an identity's identifier
-and password. This endpoint behaves differently for API and browser flows.
+Use this endpoint to complete a login flow by sending an identity's identifier and password. This endpoint
+behaves differently for API and browser flows.
API flows expect `application/json` to be sent in the body and responds with
-HTTP 200 and a application/json body with the session token on success; HTTP 302
-redirect to a fresh login flow if the original flow expired with the appropriate
-error messages set; HTTP 400 on form validation errors.
+HTTP 200 and a application/json body with the session token on success;
+HTTP 302 redirect to a fresh login flow if the original flow expired with the appropriate error messages set;
+HTTP 400 on form validation errors.
-Browser flows expect `application/x-www-form-urlencoded` to be sent in the body
-and responds with a HTTP 302 redirect to the post/after login URL or the
-`return_to` value if it was set and if the login succeeded; a HTTP 302 redirect
-to the login UI URL with the flow ID containing the validation errors otherwise.
+Browser flows expect `application/x-www-form-urlencoded` to be sent in the body and responds with
+a HTTP 302 redirect to the post/after login URL or the `return_to` value if it was set and if the login succeeded;
+a HTTP 302 redirect to the login UI URL with the flow ID containing the validation errors otherwise.
-More information can be found at
-[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
+More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
#### Parameters
-| Parameter | In | Type | Required | Description |
-| ---------- | ----- | ------ | -------- | --------------------------------------------------------------------- |
-| password | query | string | false | The user's password. |
-| identifier | query | string | false | Identifier is the email or username of the user trying to log in. |
-| csrf_token | query | string | false | Sending the anti-csrf token is only required for browser login flows. |
-| flow | query | string | true | The Flow ID |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|password|query|string|false|The user's password.|
+|identifier|query|string|false|Identifier is the email or username of the user trying to log in.|
+|csrf_token|query|string|false|Sending the anti-csrf token is only required for browser login flows.|
+|flow|query|string|true|The Flow ID|
#### Responses
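Review bot: With the method changed to POST, the parameters table still lists `password`, `identifier` and `csrf_token` as `query`, which contradicts the prose just above it (API flows send `application/json` in the body, browser flows send `application/x-www-form-urlencoded`). Documenting the password as a query parameter invites clients to put credentials in the URL, where they land in access and proxy logs; only `flow` should stay `query`, and the others should be marked as body fields in the source annotations this file is generated from. Minor wording: "a application/json body" should read "an `application/json` body", and "responds" should agree with "flows expect".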
@@ -4394,13 +3263,13 @@ More information can be found at
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ------------------------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | loginViaApiResponse | [loginViaApiResponse](#schemaloginviaapiresponse) |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | loginFlow | [loginFlow](#schemaloginflow) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|loginViaApiResponse|[loginViaApiResponse](#schemaloginviaapiresponse)|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|loginFlow|[loginFlow](#schemaloginflow)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
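Review bot: In the compacted table the 302 row is split across two lines ("...empty responses is" followed by "typically 201.|None|"), so the second line starts without a leading `|` and the row will not render as one table row. Join it onto a single line. The description itself talks about deleted resources and status 201, which does not describe the redirect this endpoint returns on an expired flow or a browser login; a short redirect-specific description in the swagger annotation would be more useful here.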
@@ -4442,7 +3311,9 @@ More information can be found at
}
```
-
+
#### Code samples
@@ -4452,7 +3323,7 @@ More information can be found at
```shell
-curl -X GET /self-service/login/methods/password?flow=string \
+curl -X POST /self-service/login/methods/password?flow=string \
-H 'Accept: application/json'
```
@@ -4468,14 +3339,14 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
var body []byte
// body = ...
- req, err := http.NewRequest("GET", "/self-service/login/methods/password", bytes.NewBuffer(body))
+ req, err := http.NewRequest("POST", "/self-service/login/methods/password", bytes.NewBuffer(body))
req.Header = headers
client := &http.Client{}
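Review bot: The changed `http.NewRequest("POST", "/self-service/login/methods/password", ...)` line omits the required `flow` query parameter, while the curl, JavaScript and Java samples for the same endpoint all send `?flow=string`. The sample also assigns `req.Header` without checking `err` from `NewRequest`, and still sends an empty body with only an `Accept` header even though the endpoint now expects the credentials in a POST body. The `headers :=` change appears to be whitespace only; if that is generator noise, it would be good to keep it out of the diff.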
@@ -4488,20 +3359,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
fetch('/self-service/login/methods/password?flow=string', {
- method: 'GET',
+ method: 'POST',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -4512,7 +3383,7 @@ fetch('/self-service/login/methods/password?flow=string', {
URL obj = new URL("/self-service/login/methods/password?flow=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
-con.setRequestMethod("GET");
+con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
@@ -4540,7 +3411,7 @@ headers = {
'Accept': 'application/json'
}
-r = requests.get(
+r = requests.post(
'/self-service/login/methods/password',
params={
'flow': 'string'},
@@ -4560,7 +3431,7 @@ headers = {
'Accept' => 'application/json'
}
-result = RestClient.get '/self-service/login/methods/password',
+result = RestClient.post '/self-service/login/methods/password',
params: {
'flow' => 'string'}, headers: headers
@@ -4580,29 +3451,23 @@ Accept: application/json
```
-This endpoint initiates a recovery flow for API clients such as mobile devices,
-smart TVs, and so on.
+This endpoint initiates a recovery flow for API clients such as mobile devices, smart TVs, and so on.
-If a valid provided session cookie or session token is provided, a 400 Bad
-Request error.
+If a valid provided session cookie or session token is provided, a 400 Bad Request error.
-To fetch an existing recovery flow call
-`/self-service/recovery/flows?flow=`.
+To fetch an existing recovery flow call `/self-service/recovery/flows?flow=`.
:::warning
-You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS,
-AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser
-applications. Using this endpoint in these applications will make you vulnerable
-to a variety of CSRF attacks.
+You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server
+Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make
+you vulnerable to a variety of CSRF attacks.
-This endpoint MUST ONLY be used in scenarios such as native mobile apps (React
-Native, Objective C, Swift, Java, ...).
+This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...).
:::
-More information can be found at
-[ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx).
+More information can be found at [ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx).
#### Responses
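Review bot: The reflowed line "To fetch an existing recovery flow call `/self-service/recovery/flows?flow=`." still uses `?flow=`, but the "Get information about a recovery flow" section added later in this patch documents that endpoint as `GET /self-service/recovery/flows?id=string` with `id` as the required parameter. One of the two needs to change. The sentence "If a valid provided session cookie or session token is provided, a 400 Bad Request error." is also carried over without a verb; something like "... a 400 Bad Request error is returned" would fix it in the source annotation.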
@@ -4610,11 +3475,11 @@ More information can be found at
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | recoveryFlow | [recoveryFlow](#schemarecoveryflow) |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|recoveryFlow|[recoveryFlow](#schemarecoveryflow)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -4708,7 +3573,9 @@ More information can be found at
}
```
-
+
#### Code samples
@@ -4734,7 +3601,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
@@ -4754,20 +3621,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
fetch('/self-service/recovery/api', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -4844,17 +3711,13 @@ Accept: application/json
```
-This endpoint initializes a browser-based account recovery flow. Once
-initialized, the browser will be redirected to
-`selfservice.flows.recovery.ui_url` with the flow ID set as the query parameter
-`?flow=`. If a valid user session exists, the browser is returned to the
-configured return URL.
+This endpoint initializes a browser-based account recovery flow. Once initialized, the browser will be redirected to
+`selfservice.flows.recovery.ui_url` with the flow ID set as the query parameter `?flow=`. If a valid user session
+exists, the browser is returned to the configured return URL.
-This endpoint is NOT INTENDED for API clients and only works with browsers
-(Chrome, Firefox, ...).
+This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...).
-More information can be found at
-[ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx).
+More information can be found at [ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx).
#### Responses
@@ -4862,11 +3725,11 @@ More information can be found at
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -4886,7 +3749,9 @@ More information can be found at
}
```
-
+
#### Code samples
@@ -4912,7 +3777,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
@@ -4932,20 +3797,282 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
fetch('/self-service/recovery/browser', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
+ console.log(body)
+})
+```
+
+
+
+
+```java
+// This sample needs improvement.
+URL obj = new URL("/self-service/recovery/browser");
+
+HttpURLConnection con = (HttpURLConnection) obj.openConnection();
+con.setRequestMethod("GET");
+
+int responseCode = con.getResponseCode();
+
+BufferedReader in = new BufferedReader(
+ new InputStreamReader(con.getInputStream())
+);
+
+String inputLine;
+StringBuffer response = new StringBuffer();
+while ((inputLine = in.readLine()) != null) {
+ response.append(inputLine);
+}
+in.close();
+
+System.out.println(response.toString());
+```
+
+
+
+
+```python
+import requests
+
+headers = {
+ 'Accept': 'application/json'
+}
+
+r = requests.get(
+ '/self-service/recovery/browser',
+ params={},
+ headers = headers)
+
+print r.json()
+```
+
+
+
+
+```ruby
+require 'rest-client'
+require 'json'
+
+headers = {
+ 'Accept' => 'application/json'
+}
+
+result = RestClient.get '/self-service/recovery/browser',
+ params: {}, headers: headers
+
+p JSON.parse(result)
+```
+
+
+
+
+
+
+### Get information about a recovery flow
+
+```
+GET /self-service/recovery/flows?id=string HTTP/1.1
+Accept: application/json
+
+```
+
+This endpoint returns a recovery flow's context with, for example, error details and other information.
+
+More information can be found at [ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx).
+
+
+
+#### Parameters
+
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|id|query|string|true|The Flow ID|
+
+##### Detailed descriptions
+
+**id**: The Flow ID
+
+The value for this parameter comes from `request` URL Query parameter sent to your
+application (e.g. `/recovery?flow=abcde`).
+
+#### Responses
+
+
+
+##### Overview
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|recoveryFlow|[recoveryFlow](#schemarecoveryflow)|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)|
+|410|[Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
+
+##### Examples
+
+###### 200 response
+
+```json
+{
+ "active": "string",
+ "expires_at": "2019-08-24T14:15:22Z",
+ "id": "string",
+ "issued_at": "2019-08-24T14:15:22Z",
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "methods": {
+ "property1": {
+ "config": {
+ "action": "string",
+ "fields": [
+ {
+ "disabled": true,
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "name": "string",
+ "pattern": "string",
+ "required": true,
+ "type": "string",
+ "value": {}
+ }
+ ],
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "method": "string"
+ },
+ "method": "string"
+ },
+ "property2": {
+ "config": {
+ "action": "string",
+ "fields": [
+ {
+ "disabled": true,
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "name": "string",
+ "pattern": "string",
+ "required": true,
+ "type": "string",
+ "value": {}
+ }
+ ],
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "method": "string"
+ },
+ "method": "string"
+ }
+ },
+ "request_url": "string",
+ "state": "string",
+ "type": "string"
+}
+```
+
+
+
+#### Code samples
+
+
+
+
+```shell
+curl -X GET /self-service/recovery/flows?id=string \
+ -H 'Accept: application/json'
+```
+
+
+
+
+```go
+package main
+
+import (
+ "bytes"
+ "net/http"
+)
+
+func main() {
+ headers := map[string][]string{
+ "Accept": []string{"application/json"},
+ }
+
+ var body []byte
+ // body = ...
+
+ req, err := http.NewRequest("GET", "/self-service/recovery/flows", bytes.NewBuffer(body))
+ req.Header = headers
+
+ client := &http.Client{}
+ resp, err := client.Do(req)
+ // ...
+}
+```
+
+
+
+
+```javascript
+const fetch = require('node-fetch');
+
+const headers = {
+ 'Accept': 'application/json'
+}
+
+fetch('/self-service/recovery/flows?id=string', {
+ method: 'GET',
+ headers
+})
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
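Review bot: The `id` description says the value comes from the `request` URL query parameter, but the example that follows is `/recovery?flow=abcde`, and the matching sentence for Get Registration Flow names `flow`. Change `request` to `flow` in the source annotation so the generated text agrees with its own example.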
@@ -4953,7 +4080,7 @@ fetch('/self-service/recovery/browser', {
```java
// This sample needs improvement.
-URL obj = new URL("/self-service/recovery/browser");
+URL obj = new URL("/self-service/recovery/flows?id=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
@@ -4985,8 +4112,9 @@ headers = {
}
r = requests.get(
- '/self-service/recovery/browser',
- params={},
+ '/self-service/recovery/flows',
+ params={
+ 'id': 'string'},
headers = headers)
print r.json()
@@ -5003,8 +4131,9 @@ headers = {
'Accept' => 'application/json'
}
-result = RestClient.get '/self-service/recovery/browser',
- params: {}, headers: headers
+result = RestClient.get '/self-service/recovery/flows',
+ params: {
+ 'id' => 'string'}, headers: headers
p JSON.parse(result)
```
@@ -5023,27 +4152,22 @@ Accept: application/json
```
-Use this endpoint to complete a recovery flow using the link method. This
-endpoint behaves differently for API and browser flows and has several states:
+Use this endpoint to complete a recovery flow using the link method. This endpoint
+behaves differently for API and browser flows and has several states:
-`choose_method` expects `flow` (in the URL query) and `email` (in the body) to
-be sent and works with API- and Browser-initiated flows. For API clients it
-either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the
-form is invalid and a HTTP 302 Found redirect with a fresh recovery flow if the
-flow was otherwise invalid (e.g. expired). For Browser clients it returns a HTTP
-302 Found redirect to the Recovery UI URL with the Recovery Flow ID appended.
-`sent_email` is the success state after `choose_method` and allows the user to
-request another recovery email. It works for both API and Browser-initiated
-flows and returns the same responses as the flow in `choose_method` state.
-`passed_challenge` expects a `token` to be sent in the URL query and given the
-nature of the flow ("sending a recovery link") does not have any API
-capabilities. The server responds with a HTTP 302 Found redirect either to the
-Settings UI URL (if the link was valid) and instructs the user to update their
-password, or a redirect to the Recover UI URL with a new Recovery Flow ID which
-contains an error message that the recovery link was invalid.
+`choose_method` expects `flow` (in the URL query) and `email` (in the body) to be sent
+and works with API- and Browser-initiated flows.
+For API clients it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid
+and a HTTP 302 Found redirect with a fresh recovery flow if the flow was otherwise invalid (e.g. expired).
+For Browser clients it returns a HTTP 302 Found redirect to the Recovery UI URL with the Recovery Flow ID appended.
+`sent_email` is the success state after `choose_method` and allows the user to request another recovery email. It
+works for both API and Browser-initiated flows and returns the same responses as the flow in `choose_method` state.
+`passed_challenge` expects a `token` to be sent in the URL query and given the nature of the flow ("sending a recovery link")
+does not have any API capabilities. The server responds with a HTTP 302 Found redirect either to the Settings UI URL
+(if the link was valid) and instructs the user to update their password, or a redirect to the Recover UI URL with
+a new Recovery Flow ID which contains an error message that the recovery link was invalid.
-More information can be found at
-[ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx).
+More information can be found at [ORY Kratos Account Recovery Documentation](../self-service/flows/account-recovery.mdx).
#### Request body
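Review bot: `HTTP 400 OK` in the `choose_method` paragraph is wrong: 400 is Bad Request, which is how this endpoint's response table lists it. The same sentence opens with "either" but then lists three outcomes joined by "and". Since these lines are being rewrapped anyway, fix the wording in the source annotation, and make `Recover UI URL` in the `passed_challenge` sentence match the `Recovery UI URL` used a few lines earlier.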
@@ -5057,24 +4181,25 @@ More information can be found at
```yaml
csrf_token: string
email: string
+
```
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | ----------------------------------------------------------------------------------------------------- | -------- | -------------- |
-| token | query | string | false | Recovery Token |
-| flow | query | string | false | The Flow ID |
-| body | body | [completeSelfServiceRecoveryFlowWithLinkMethod](#schemacompleteselfservicerecoveryflowwithlinkmethod) | false | none |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|token|query|string|false|Recovery Token|
+|flow|query|string|false|The Flow ID|
+|body|body|[completeSelfServiceRecoveryFlowWithLinkMethod](#schemacompleteselfservicerecoveryflowwithlinkmethod)|false|none|
##### Detailed descriptions
**token**: Recovery Token
-The recovery token which completes the recovery request. If the token is invalid
-(e.g. expired) an error will be shown to the end-user.
+The recovery token which completes the recovery request. If the token
+is invalid (e.g. expired) an error will be shown to the end-user.
**flow**: The Flow ID
@@ -5086,12 +4211,12 @@ format: uuid
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | recoveryFlow | [recoveryFlow](#schemarecoveryflow) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|recoveryFlow|[recoveryFlow](#schemarecoveryflow)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
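Review bot: The 302 row is split over two lines ("... empty responses is" / "typically 201.|None|"), so Markdown will not render it as one table row. The description also does not fit the row: it talks about deleted resources and status 201, while the 302 on this endpoint is the redirect described in the text above. Replace it with a single-line description of the redirect.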
@@ -5185,7 +4310,9 @@ format: uuid
}
```
-
+
#### Code samples
@@ -5211,7 +4338,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
}
@@ -5328,30 +4455,24 @@ Accept: application/json
```
-This endpoint initiates a registration flow for API clients such as mobile
-devices, smart TVs, and so on.
+This endpoint initiates a registration flow for API clients such as mobile devices, smart TVs, and so on.
-If a valid provided session cookie or session token is provided, a 400 Bad
-Request error will be returned unless the URL query parameter `?refresh=true` is
-set.
+If a valid provided session cookie or session token is provided, a 400 Bad Request error
+will be returned unless the URL query parameter `?refresh=true` is set.
-To fetch an existing registration flow call
-`/self-service/registration/flows?flow=`.
+To fetch an existing registration flow call `/self-service/registration/flows?flow=`.
:::warning
-You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS,
-AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser
-applications. Using this endpoint in these applications will make you vulnerable
-to a variety of CSRF attacks.
+You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server
+Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make
+you vulnerable to a variety of CSRF attacks.
-This endpoint MUST ONLY be used in scenarios such as native mobile apps (React
-Native, Objective C, Swift, Java, ...).
+This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...).
:::
-More information can be found at
-[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
+More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
#### Responses
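Review bot: "To fetch an existing registration flow call `/self-service/registration/flows?flow=`" does not match the Get Registration Flow endpoint documented in this same file, which takes the flow ID as `id` (`GET /self-service/registration/flows?id=string`, parameter `id`, required). Use `?id=` here. Minor: "If a valid provided session cookie or session token is provided" says "provided" twice.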
@@ -5359,11 +4480,11 @@ More information can be found at
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ---------------- | ------------------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | registrationFlow | [registrationFlow](#schemaregistrationflow) |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|registrationFlow|[registrationFlow](#schemaregistrationflow)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -5492,7 +4613,9 @@ More information can be found at
}
```
-
+
#### Code samples
@@ -5518,7 +4641,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
@@ -5538,20 +4661,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
fetch('/self-service/registration/api', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -5628,22 +4751,18 @@ Accept: application/json
```
-This endpoint initializes a browser-based user registration flow. Once
-initialized, the browser will be redirected to
-`selfservice.flows.registration.ui_url` with the flow ID set as the query
-parameter `?flow=`. If a valid user session exists already, the browser will be
-redirected to `urls.default_redirect_url` unless the query parameter
+This endpoint initializes a browser-based user registration flow. Once initialized, the browser will be redirected to
+`selfservice.flows.registration.ui_url` with the flow ID set as the query parameter `?flow=`. If a valid user session
+exists already, the browser will be redirected to `urls.default_redirect_url` unless the query parameter
`?refresh=true` was set.
:::note
-This endpoint is NOT INTENDED for API clients and only works with browsers
-(Chrome, Firefox, ...).
+This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...).
:::
-More information can be found at
-[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
+More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
#### Responses
@@ -5651,11 +4770,11 @@ More information can be found at
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -5675,7 +4794,307 @@ More information can be found at
}
```
-
+
+
+#### Code samples
+
+
+
+
+```shell
+curl -X GET /self-service/registration/browser \
+ -H 'Accept: application/json'
+```
+
+
+
+
+```go
+package main
+
+import (
+ "bytes"
+ "net/http"
+)
+
+func main() {
+ headers := map[string][]string{
+ "Accept": []string{"application/json"},
+ }
+
+ var body []byte
+ // body = ...
+
+ req, err := http.NewRequest("GET", "/self-service/registration/browser", bytes.NewBuffer(body))
+ req.Header = headers
+
+ client := &http.Client{}
+ resp, err := client.Do(req)
+ // ...
+}
+```
+
+
+
+
+```javascript
+const fetch = require('node-fetch');
+
+const headers = {
+ 'Accept': 'application/json'
+}
+
+fetch('/self-service/registration/browser', {
+ method: 'GET',
+ headers
+})
+.then(r => r.json())
+.then((body) => {
+ console.log(body)
+})
+```
+
+
+
+
+```java
+// This sample needs improvement.
+URL obj = new URL("/self-service/registration/browser");
+
+HttpURLConnection con = (HttpURLConnection) obj.openConnection();
+con.setRequestMethod("GET");
+
+int responseCode = con.getResponseCode();
+
+BufferedReader in = new BufferedReader(
+ new InputStreamReader(con.getInputStream())
+);
+
+String inputLine;
+StringBuffer response = new StringBuffer();
+while ((inputLine = in.readLine()) != null) {
+ response.append(inputLine);
+}
+in.close();
+
+System.out.println(response.toString());
+```
+
+
+
+
+```python
+import requests
+
+headers = {
+ 'Accept': 'application/json'
+}
+
+r = requests.get(
+ '/self-service/registration/browser',
+ params={},
+ headers = headers)
+
+print r.json()
+```
+
+
+
+
+```ruby
+require 'rest-client'
+require 'json'
+
+headers = {
+ 'Accept' => 'application/json'
+}
+
+result = RestClient.get '/self-service/registration/browser',
+ params: {}, headers: headers
+
+p JSON.parse(result)
+```
+
+
+
+
+
+
+### Get Registration Flow
+
+```
+GET /self-service/registration/flows?id=string HTTP/1.1
+Accept: application/json
+
+```
+
+This endpoint returns a registration flow's context with, for example, error details and other information.
+
+More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
+
+
+
+#### Parameters
+
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|id|query|string|true|The Registration Flow ID|
+
+##### Detailed descriptions
+
+**id**: The Registration Flow ID
+
+The value for this parameter comes from `flow` URL Query parameter sent to your
+application (e.g. `/registration?flow=abcde`).
+
+#### Responses
+
+
+
+##### Overview
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|registrationFlow|[registrationFlow](#schemaregistrationflow)|
+|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)|
+|410|[Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
+
+##### Examples
+
+###### 200 response
+
+```json
+{
+ "active": "string",
+ "expires_at": "2019-08-24T14:15:22Z",
+ "id": "string",
+ "issued_at": "2019-08-24T14:15:22Z",
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "methods": {
+ "property1": {
+ "config": {
+ "action": "string",
+ "fields": [
+ {
+ "disabled": true,
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "name": "string",
+ "pattern": "string",
+ "required": true,
+ "type": "string",
+ "value": {}
+ }
+ ],
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "method": "string",
+ "providers": [
+ {
+ "disabled": true,
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "name": "string",
+ "pattern": "string",
+ "required": true,
+ "type": "string",
+ "value": {}
+ }
+ ]
+ },
+ "method": "string"
+ },
+ "property2": {
+ "config": {
+ "action": "string",
+ "fields": [
+ {
+ "disabled": true,
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "name": "string",
+ "pattern": "string",
+ "required": true,
+ "type": "string",
+ "value": {}
+ }
+ ],
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "method": "string",
+ "providers": [
+ {
+ "disabled": true,
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "name": "string",
+ "pattern": "string",
+ "required": true,
+ "type": "string",
+ "value": {}
+ }
+ ]
+ },
+ "method": "string"
+ }
+ },
+ "request_url": "string",
+ "type": "string"
+}
+```
+
+
#### Code samples
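Review bot: The responses table for Get Registration Flow adds a 403 Forbidden row, but the endpoint description never says when a caller receives 403, and the Get Recovery Flow table lists only 200, 404, 410 and 500. Document the condition in the source annotation so clients can tell a 403 apart from 404 and 410. Separately, the added Python sample ends with `print r.json()`, which is Python 2 syntax and a SyntaxError on Python 3; `print(r.json())` runs on both.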
@@ -5685,7 +5104,7 @@ More information can be found at
```shell
-curl -X GET /self-service/registration/browser \
+curl -X GET /self-service/registration/flows?id=string \
-H 'Accept: application/json'
```
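Review bot: The URL on the new curl line is unquoted and contains `?`, which the shell treats as a glob character; in zsh an unmatched pattern aborts the command before curl runs. Quote it: `curl -X GET '/self-service/registration/flows?id=string' \`.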
@@ -5701,14 +5120,14 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
var body []byte
// body = ...
- req, err := http.NewRequest("GET", "/self-service/registration/browser", bytes.NewBuffer(body))
+ req, err := http.NewRequest("GET", "/self-service/registration/flows", bytes.NewBuffer(body))
req.Header = headers
client := &http.Client{}
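Review bot: The new `http.NewRequest` line requests `/self-service/registration/flows` without the `id` query parameter, which the parameter table marks as required and which the curl and JavaScript samples do send (`?id=string`). Add it to the Go sample as well. The sample also assigns `req.Header = headers` without checking `err` from `NewRequest`, so a failed call leaves `req` nil and the assignment panics; add an `if err != nil` check before using `req`.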
@@ -5721,20 +5140,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
-fetch('/self-service/registration/browser', {
+fetch('/self-service/registration/flows?id=string', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -5742,7 +5161,7 @@ fetch('/self-service/registration/browser', {
```java
// This sample needs improvement.
-URL obj = new URL("/self-service/registration/browser");
+URL obj = new URL("/self-service/registration/flows?id=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
@@ -5774,8 +5193,9 @@ headers = {
}
r = requests.get(
- '/self-service/registration/browser',
- params={},
+ '/self-service/registration/flows',
+ params={
+ 'id': 'string'},
headers = headers)
print r.json()
@@ -5792,8 +5212,9 @@ headers = {
'Accept' => 'application/json'
}
-result = RestClient.get '/self-service/registration/browser',
- params: {}, headers: headers
+result = RestClient.get '/self-service/registration/flows',
+ params: {
+ 'id' => 'string'}, headers: headers
p JSON.parse(result)
```
@@ -5812,25 +5233,20 @@ Accept: application/json
```
-Use this endpoint to complete a registration flow by sending an identity's
-traits and password. This endpoint behaves differently for API and browser
-flows.
+Use this endpoint to complete a registration flow by sending an identity's traits and password. This endpoint
+behaves differently for API and browser flows.
-API flows expect `application/json` to be sent in the body and respond with HTTP
-200 and a application/json body with the created identity success - if the
-session hook is configured the `session` and `session_token` will also be
-included; HTTP 302 redirect to a fresh registration flow if the original flow
-expired with the appropriate error messages set; HTTP 400 on form validation
-errors.
+API flows expect `application/json` to be sent in the body and respond with
+HTTP 200 and a application/json body with the created identity success - if the session hook is configured the
+`session` and `session_token` will also be included;
+HTTP 302 redirect to a fresh registration flow if the original flow expired with the appropriate error messages set;
+HTTP 400 on form validation errors.
-Browser flows expect `application/x-www-form-urlencoded` to be sent in the body
-and responds with a HTTP 302 redirect to the post/after registration URL or the
-`return_to` value if it was set and if the registration succeeded; a HTTP 302
-redirect to the registration UI URL with the flow ID containing the validation
-errors otherwise.
+Browser flows expect `application/x-www-form-urlencoded` to be sent in the body and responds with
+a HTTP 302 redirect to the post/after registration URL or the `return_to` value if it was set and if the registration succeeded;
+a HTTP 302 redirect to the registration UI URL with the flow ID containing the validation errors otherwise.
-More information can be found at
-[ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
+More information can be found at [ORY Kratos User Login and User Registration Documentation](https://www.ory.sh/docs/next/kratos/self-service/flows/user-login-user-registration).
#### Request body
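Review bot: The browser-flow paragraph says a successful registration redirects to "the `return_to` value if it was set" but does not say whether that value is checked against a list of allowed URLs. Since it drives a 302 right after account creation, state the restriction here or link to where it is documented. Grammar in the API paragraph: "a application/json body with the created identity success" should read "an `application/json` body with the created identity on success", and "Browser flows expect ... and responds" should be "respond".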
@@ -5840,16 +5256,17 @@ More information can be found at
```yaml
{}
+
```
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | ------ | -------- | ---------------- |
-| flow | query | string | false | Flow is flow ID. |
-| body | body | object | false | none |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|flow|query|string|false|Flow is flow ID.|
+|body|body|object|false|none|
#### Responses
@@ -5857,13 +5274,13 @@ More information can be found at
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | registrationViaApiResponse | [registrationViaApiResponse](#schemaregistrationviaapiresponse) |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | registrationFlow | [registrationFlow](#schemaregistrationflow) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|registrationViaApiResponse|[registrationViaApiResponse](#schemaregistrationviaapiresponse)|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|registrationFlow|[registrationFlow](#schemaregistrationflow)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -5928,7 +5345,9 @@ More information can be found at
}
```
-
+
#### Code samples
@@ -5954,7 +5373,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
}
@@ -5975,11 +5394,10 @@ func main() {
```javascript
-const fetch = require('node-fetch')
-const input = '{}'
+const fetch = require('node-fetch');
+const input = '{}';
const headers = {
- 'Content-Type': 'application/json',
- Accept: 'application/json'
+ 'Content-Type': 'application/json', 'Accept': 'application/json'
}
fetch('/self-service/registration/methods/password', {
@@ -5987,10 +5405,10 @@ fetch('/self-service/registration/methods/password', {
body: input,
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -6069,27 +5487,22 @@ Accept: application/json
```
-This endpoint initiates a settings flow for API clients such as mobile devices,
-smart TVs, and so on. You must provide a valid ORY Kratos Session Token for this
-endpoint to respond with HTTP 200 OK.
+This endpoint initiates a settings flow for API clients such as mobile devices, smart TVs, and so on.
+You must provide a valid ORY Kratos Session Token for this endpoint to respond with HTTP 200 OK.
-To fetch an existing settings flow call
-`/self-service/settings/flows?flow=`.
+To fetch an existing settings flow call `/self-service/settings/flows?flow=`.
:::warning
-You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS,
-AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser
-applications. Using this endpoint in these applications will make you vulnerable
-to a variety of CSRF attacks.
+You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server
+Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make
+you vulnerable to a variety of CSRF attacks.
-This endpoint MUST ONLY be used in scenarios such as native mobile apps (React
-Native, Objective C, Swift, Java, ...).
+This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...).
:::
-More information can be found at
-[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
+More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
#### Responses
@@ -6097,11 +5510,11 @@ More information can be found at
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | settingsFlow | [settingsFlow](#schemasettingsflow) |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|settingsFlow|[settingsFlow](#schemasettingsflow)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -6218,7 +5631,10 @@ More information can be found at
}
```
-
+
#### Code samples
@@ -6229,7 +5645,7 @@ More information can be found at
```shell
curl -X GET /self-service/settings/api \
- -H 'Accept: application/json'
+ -H 'Accept: application/json' \ -H 'Authorization: API_KEY'
```
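Review bot: In the added line, `\ -H 'Authorization: API_KEY'` has the backslash in the middle of the line, where it escapes the following space instead of continuing the command. The shell then passes ` -H` (with a leading space) as one word, so curl does not parse it as the header option and the Authorization header is not sent. Put the second `-H` on its own line after a trailing backslash, or drop the backslash.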
@@ -6244,8 +5660,9 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
+ "Authorization": []string{"API_KEY"},
}
var body []byte
@@ -6264,20 +5681,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json', 'Authorization': 'API_KEY'
}
fetch('/self-service/settings/api', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -6313,7 +5730,8 @@ System.out.println(response.toString());
import requests
headers = {
- 'Accept': 'application/json'
+ 'Accept': 'application/json',
+ 'Authorization': 'API_KEY'
}
r = requests.get(
@@ -6332,7 +5750,8 @@ require 'rest-client'
require 'json'
headers = {
- 'Accept' => 'application/json'
+ 'Accept' => 'application/json',
+ 'Authorization' => 'API_KEY'
}
result = RestClient.get '/self-service/settings/api',
@@ -6354,20 +5773,17 @@ Accept: application/json
```
-This endpoint initializes a browser-based user settings flow. Once initialized,
-the browser will be redirected to `selfservice.flows.settings.ui_url` with the
-flow ID set as the query parameter `?flow=`. If no valid ORY Kratos Session
-Cookie is included in the request, a login flow will be initialized.
+This endpoint initializes a browser-based user settings flow. Once initialized, the browser will be redirected to
+`selfservice.flows.settings.ui_url` with the flow ID set as the query parameter `?flow=`. If no valid
+ORY Kratos Session Cookie is included in the request, a login flow will be initialized.
:::note
-This endpoint is NOT INTENDED for API clients and only works with browsers
-(Chrome, Firefox, ...).
+This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...).
:::
-More information can be found at
-[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
+More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
#### Responses
@@ -6375,11 +5791,11 @@ More information can be found at
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
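Review bot: The 302 row in the compacted table is still split across two lines, and the continuation line `typically 201.|None|` has no leading pipe, so Markdown renderers will end the table at that point and drop the 500 row out of it. Join the row onto one line. While touching it, the description under status 302 talks about empty responses that are "typically 201", which does not describe a redirect; since this file is generated, the fix belongs in the source annotation for this response.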
@@ -6399,7 +5815,304 @@ More information can be found at
}
```
-
+
+
+#### Code samples
+
+
+
+
+```shell
+curl -X GET /self-service/settings/browser/flows \
+ -H 'Accept: application/json' \ -H 'Authorization: API_KEY'
+```
+
+
+
+
+```go
+package main
+
+import (
+ "bytes"
+ "net/http"
+)
+
+func main() {
+ headers := map[string][]string{
+ "Accept": []string{"application/json"},
+ "Authorization": []string{"API_KEY"},
+ }
+
+ var body []byte
+ // body = ...
+
+ req, err := http.NewRequest("GET", "/self-service/settings/browser/flows", bytes.NewBuffer(body))
+ req.Header = headers
+
+ client := &http.Client{}
+ resp, err := client.Do(req)
+ // ...
+}
+```
+
+
+
+
+```javascript
+const fetch = require('node-fetch');
+
+const headers = {
+ 'Accept': 'application/json', 'Authorization': 'API_KEY'
+}
+
+fetch('/self-service/settings/browser/flows', {
+ method: 'GET',
+ headers
+})
+.then(r => r.json())
+.then((body) => {
+ console.log(body)
+})
+```
+
+
+
+
+```java
+// This sample needs improvement.
+URL obj = new URL("/self-service/settings/browser/flows");
+
+HttpURLConnection con = (HttpURLConnection) obj.openConnection();
+con.setRequestMethod("GET");
+
+int responseCode = con.getResponseCode();
+
+BufferedReader in = new BufferedReader(
+ new InputStreamReader(con.getInputStream())
+);
+
+String inputLine;
+StringBuffer response = new StringBuffer();
+while ((inputLine = in.readLine()) != null) {
+ response.append(inputLine);
+}
+in.close();
+
+System.out.println(response.toString());
+```
+
+
+
+
+```python
+import requests
+
+headers = {
+ 'Accept': 'application/json',
+ 'Authorization': 'API_KEY'
+}
+
+r = requests.get(
+ '/self-service/settings/browser/flows',
+ params={},
+ headers = headers)
+
+print r.json()
+```
+
+
+
+
+```ruby
+require 'rest-client'
+require 'json'
+
+headers = {
+ 'Accept' => 'application/json',
+ 'Authorization' => 'API_KEY'
+}
+
+result = RestClient.get '/self-service/settings/browser/flows',
+ params: {}, headers: headers
+
+p JSON.parse(result)
+```
+
+
+
+
+
+
+### Get Settings Flow
+
+```
+GET /self-service/settings/flows?id=string HTTP/1.1
+Accept: application/json
+
+```
+
+When accessing this endpoint through ORY Kratos' Public API you must ensure that either the ORY Kratos Session Cookie
+or the ORY Kratos Session Token are set. The public endpoint does not return 404 status codes
+but instead 403 or 500 to improve data privacy.
+
+You can access this endpoint without credentials when using ORY Kratos' Admin API.
+
+More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
+
+
+
+#### Parameters
+
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|id|query|string|true|ID is the Settings Flow ID|
+
+##### Detailed descriptions
+
+**id**: ID is the Settings Flow ID
+
+The value for this parameter comes from `flow` URL Query parameter sent to your
+application (e.g. `/settings?flow=abcde`).
+
+#### Responses
+
+
+
+##### Overview
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|settingsFlow|[settingsFlow](#schemasettingsflow)|
+|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)|
+|410|[Gone](https://tools.ietf.org/html/rfc7231#section-6.5.9)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
+
+##### Examples
+
+###### 200 response
+
+```json
+{
+ "active": "string",
+ "expires_at": "2019-08-24T14:15:22Z",
+ "id": "string",
+ "identity": {
+ "id": "string",
+ "recovery_addresses": [
+ {
+ "id": "string",
+ "value": "string",
+ "via": "string"
+ }
+ ],
+ "schema_id": "string",
+ "schema_url": "string",
+ "traits": {},
+ "verifiable_addresses": [
+ {
+ "id": "string",
+ "status": "string",
+ "value": "string",
+ "verified": true,
+ "verified_at": "2019-08-24T14:15:22Z",
+ "via": "string"
+ }
+ ]
+ },
+ "issued_at": "2019-08-24T14:15:22Z",
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "methods": {
+ "property1": {
+ "config": {
+ "action": "string",
+ "fields": [
+ {
+ "disabled": true,
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "name": "string",
+ "pattern": "string",
+ "required": true,
+ "type": "string",
+ "value": {}
+ }
+ ],
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "method": "string"
+ },
+ "method": "string"
+ },
+ "property2": {
+ "config": {
+ "action": "string",
+ "fields": [
+ {
+ "disabled": true,
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "name": "string",
+ "pattern": "string",
+ "required": true,
+ "type": "string",
+ "value": {}
+ }
+ ],
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "method": "string"
+ },
+ "method": "string"
+ }
+ },
+ "request_url": "string",
+ "state": "string",
+ "type": "string"
+}
+```
+
+
#### Code samples
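Review bot: The new "Get Settings Flow" text says the public endpoint "does not return 404 status codes but instead 403 or 500 to improve data privacy", yet the Responses table added a few lines below lists a 404 row without qualification. State in the table or the description that 404 is only returned by the Admin API, otherwise integrators may build flow-existence checks on a status the public API deliberately hides. Separately, the samples added above this section call `/self-service/settings/browser/flows` from curl, Go, Python and Ruby with `Authorization: API_KEY`, although the endpoint's own note says it is NOT INTENDED for API clients; consider suppressing generated samples for browser-only endpoints.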
@@ -6409,8 +6122,8 @@ More information can be found at
```shell
-curl -X GET /self-service/settings/browser/flows \
- -H 'Accept: application/json'
+curl -X GET /self-service/settings/flows?id=string \
+ -H 'Accept: application/json' \ -H 'Authorization: API_KEY'
```
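Review bot: In the added curl lines the second header is introduced with a backslash in the middle of the line (`\ -H 'Authorization: API_KEY'`), which the shell reads as an escaped space rather than a line continuation, so curl receives ` -H` and the header value as extra URL arguments and the Authorization header is never sent. Put each `-H` on its own line with the backslash last on the line. The URL `/self-service/settings/flows?id=string` should also be quoted, because an unquoted `?` is a glob character and some shells refuse the command when nothing matches.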
@@ -6425,14 +6138,15 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
+ "Authorization": []string{"API_KEY"},
}
var body []byte
// body = ...
- req, err := http.NewRequest("GET", "/self-service/settings/browser/flows", bytes.NewBuffer(body))
+ req, err := http.NewRequest("GET", "/self-service/settings/flows", bytes.NewBuffer(body))
req.Header = headers
client := &http.Client{}
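Review bot: The updated `http.NewRequest` call targets `/self-service/settings/flows` without the `id` query parameter, while the curl, JavaScript and Java samples in this patch all use `?id=string` and the parameter table marks `id` as required. As written the Go sample can only produce an error response. The change to the `headers := map[string][]string{` line is whitespace-only and adds noise to the diff.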
@@ -6445,20 +6159,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json', 'Authorization': 'API_KEY'
}
-fetch('/self-service/settings/browser/flows', {
+fetch('/self-service/settings/flows?id=string', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -6466,7 +6180,7 @@ fetch('/self-service/settings/browser/flows', {
```java
// This sample needs improvement.
-URL obj = new URL("/self-service/settings/browser/flows");
+URL obj = new URL("/self-service/settings/flows?id=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
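Review bot: The Java sample only gets its URL changed here; in the lines shown it still sets nothing but the request method, whereas every other language sample for this endpoint gains an `Authorization` header in this patch. Either add a `con.setRequestProperty` call for the header or note that the sample is unauthenticated, so readers do not assume the endpoint works without a session token on the public API.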
@@ -6494,12 +6208,14 @@ System.out.println(response.toString());
import requests
headers = {
- 'Accept': 'application/json'
+ 'Accept': 'application/json',
+ 'Authorization': 'API_KEY'
}
r = requests.get(
- '/self-service/settings/browser/flows',
- params={},
+ '/self-service/settings/flows',
+ params={
+ 'id': 'string'},
headers = headers)
print r.json()
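Review bot: The `params` argument is now split as `params={` followed by `'id': 'string'},` on the next line, which leaves the closing brace dangling after the value and is harder to read than a one-line `params={'id': 'string'}`. The unchanged last line `print r.json()` is Python 2 syntax and is a SyntaxError on Python 3; since the generator is being re-run anyway, this is a good moment to switch the template to `print(r.json())`.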
@@ -6513,11 +6229,13 @@ require 'rest-client'
require 'json'
headers = {
- 'Accept' => 'application/json'
+ 'Accept' => 'application/json',
+ 'Authorization' => 'API_KEY'
}
-result = RestClient.get '/self-service/settings/browser/flows',
- params: {}, headers: headers
+result = RestClient.get '/self-service/settings/flows',
+ params: {
+ 'id' => 'string'}, headers: headers
p JSON.parse(result)
```
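Review bot: `params:` and `headers:` are passed to `RestClient.get` as sibling keys of one hash. rest-client's `get(url, headers)` treats that whole hash as the headers, with `:params` as the one special key, so `headers: headers` is sent as a single header literally named `headers` and neither `Accept` nor the newly added `Authorization` reaches the server. Merge them instead, for example `RestClient.get url, headers.merge(params: { 'id' => 'string' })`.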
@@ -6536,26 +6254,23 @@ Accept: application/json
```
-Use this endpoint to complete a settings flow by sending an identity's updated
-password. This endpoint behaves differently for API and browser flows.
+Use this endpoint to complete a settings flow by sending an identity's updated password. This endpoint
+behaves differently for API and browser flows.
-API-initiated flows expect `application/json` to be sent in the body and respond
-with HTTP 200 and an application/json body with the session token on success;
-HTTP 302 redirect to a fresh settings flow if the original flow expired with the
-appropriate error messages set; HTTP 400 on form validation errors. HTTP 401
-when the endpoint is called without a valid session token. HTTP 403 when
-`selfservice.flows.settings.privileged_session_max_age` was reached. Implies
-that the user needs to re-authenticate.
+API-initiated flows expect `application/json` to be sent in the body and respond with
+HTTP 200 and an application/json body with the session token on success;
+HTTP 302 redirect to a fresh settings flow if the original flow expired with the appropriate error messages set;
+HTTP 400 on form validation errors.
+HTTP 401 when the endpoint is called without a valid session token.
+HTTP 403 when `selfservice.flows.settings.privileged_session_max_age` was reached.
+Implies that the user needs to re-authenticate.
-Browser flows expect `application/x-www-form-urlencoded` to be sent in the body
-and responds with a HTTP 302 redirect to the post/after settings URL or the
-`return_to` value if it was set and if the flow succeeded; a HTTP 302 redirect
-to the Settings UI URL with the flow ID containing the validation errors
-otherwise. a HTTP 302 redirect to the login endpoint when
-`selfservice.flows.settings.privileged_session_max_age` was reached.
+Browser flows expect `application/x-www-form-urlencoded` to be sent in the body and responds with
+a HTTP 302 redirect to the post/after settings URL or the `return_to` value if it was set and if the flow succeeded;
+a HTTP 302 redirect to the Settings UI URL with the flow ID containing the validation errors otherwise.
+a HTTP 302 redirect to the login endpoint when `selfservice.flows.settings.privileged_session_max_age` was reached.
-More information can be found at
-[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
+More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
#### Request body
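Review bot: The reflowed status descriptions (`HTTP 200 ...`, `HTTP 302 ...`, `HTTP 400 ...` and the three `a HTTP 302 redirect ...` lines) are placed one per line but have no list markers, so Markdown joins them back into a single paragraph and the line "Implies that the user needs to re-authenticate." no longer reads as belonging to the 403 case. Emit them as a bullet list in the source annotation. Two wording issues survive the reflow: "Browser flows expect ... and responds with" should be "respond with", and the last browser item starts with a lowercase "a" after a full stop.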
@@ -6569,16 +6284,17 @@ More information can be found at
```yaml
csrf_token: string
password: string
+
```
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | ------------------------------------------------------------------------------------------------------------- | -------- | ---------------- |
-| flow | query | string | false | Flow is flow ID. |
-| body | body | [CompleteSelfServiceSettingsFlowWithPasswordMethod](#schemacompleteselfservicesettingsflowwithpasswordmethod) | false | none |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|flow|query|string|false|Flow is flow ID.|
+|body|body|[CompleteSelfServiceSettingsFlowWithPasswordMethod](#schemacompleteselfservicesettingsflowwithpasswordmethod)|false|none|
#### Responses
@@ -6586,15 +6302,15 @@ password: string
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | settingsViaApiResponse | [settingsViaApiResponse](#schemasettingsviaapiresponse) |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | settingsFlow | [settingsFlow](#schemasettingsflow) |
-| 401 | [Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1) | genericError | [genericError](#schemagenericerror) |
-| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|settingsViaApiResponse|[settingsViaApiResponse](#schemasettingsviaapiresponse)|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|settingsFlow|[settingsFlow](#schemasettingsflow)|
+|401|[Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1)|genericError|[genericError](#schemagenericerror)|
+|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -6736,7 +6452,10 @@ password: string
}
```
-
+
#### Code samples
@@ -6747,7 +6466,7 @@ password: string
```shell
curl -X POST /self-service/settings/methods/password \
- -H 'Content-Type: application/json' \ -H 'Accept: application/json'
+ -H 'Content-Type: application/json' \ -H 'Accept: application/json' \ -H 'Authorization: API_KEY'
```
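Review bot: The password sample is a `POST` that declares `Content-Type: application/json` but sends no body; there is no `-d` with the `password` and `csrf_token` fields the request-body section describes, so copying it yields a validation error rather than a password change. The added `Authorization` header also sits behind a mid-line `\ `, which the shell treats as an escaped space, so curl never receives it as a header; move each `-H` to its own continued line.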
@@ -6762,9 +6481,10 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
+ "Authorization": []string{"API_KEY"},
}
var body []byte
@@ -6789,7 +6509,7 @@ const input = '{
"password": "string"
}';
const headers = {
- 'Content-Type': 'application/json', 'Accept': 'application/json'
+ 'Content-Type': 'application/json', 'Accept': 'application/json', 'Authorization': 'API_KEY'
}
fetch('/self-service/settings/methods/password', {
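Review bot: The context around the changed `headers` line shows `const input = '{` continuing over several lines to `}';`. A single-quoted JavaScript string cannot span lines, so this sample is a syntax error before the new `Authorization` header is ever used. Generate the body with a template literal or `JSON.stringify({ password: 'string' })`.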
@@ -6837,7 +6557,8 @@ import requests
headers = {
'Content-Type': 'application/json',
- 'Accept': 'application/json'
+ 'Accept': 'application/json',
+ 'Authorization': 'API_KEY'
}
r = requests.post(
@@ -6857,7 +6578,8 @@ require 'json'
headers = {
'Content-Type' => 'application/json',
- 'Accept' => 'application/json'
+ 'Accept' => 'application/json',
+ 'Authorization' => 'API_KEY'
}
result = RestClient.post '/self-service/settings/methods/password',
@@ -6879,27 +6601,23 @@ Accept: application/json
```
-Use this endpoint to complete a settings flow by sending an identity's updated
-traits. This endpoint behaves differently for API and browser flows.
+Use this endpoint to complete a settings flow by sending an identity's updated traits. This endpoint
+behaves differently for API and browser flows.
-API-initiated flows expect `application/json` to be sent in the body and respond
-with HTTP 200 and an application/json body with the session token on success;
-HTTP 302 redirect to a fresh settings flow if the original flow expired with the
-appropriate error messages set; HTTP 400 on form validation errors. HTTP 401
-when the endpoint is called without a valid session token. HTTP 403 when
-`selfservice.flows.settings.privileged_session_max_age` was reached and a
-sensitive field was updated (e.g. recovery email). Implies that the user needs
-to re-authenticate.
+API-initiated flows expect `application/json` to be sent in the body and respond with
+HTTP 200 and an application/json body with the session token on success;
+HTTP 302 redirect to a fresh settings flow if the original flow expired with the appropriate error messages set;
+HTTP 400 on form validation errors.
+HTTP 401 when the endpoint is called without a valid session token.
+HTTP 403 when `selfservice.flows.settings.privileged_session_max_age` was reached and a sensitive field was
+updated (e.g. recovery email). Implies that the user needs to re-authenticate.
-Browser flows expect `application/x-www-form-urlencoded` to be sent in the body
-and responds with a HTTP 302 redirect to the post/after settings URL or the
-`return_to` value if it was set and if the flow succeeded; a HTTP 302 redirect
-to the settings UI URL with the flow ID containing the validation errors
-otherwise. a HTTP 302 redirect to the login endpoint when
-`selfservice.flows.settings.privileged_session_max_age` was reached.
+Browser flows expect `application/x-www-form-urlencoded` to be sent in the body and responds with
+a HTTP 302 redirect to the post/after settings URL or the `return_to` value if it was set and if the flow succeeded;
+a HTTP 302 redirect to the settings UI URL with the flow ID containing the validation errors otherwise.
+a HTTP 302 redirect to the login endpoint when `selfservice.flows.settings.privileged_session_max_age` was reached.
-More information can be found at
-[ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
+More information can be found at [ORY Kratos User Settings & Profile Management Documentation](../self-service/flows/user-settings).
#### Responses
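Review bot: The 403 condition is documented differently for the two flow types in this section. The API list says 403 is returned when `selfservice.flows.settings.privileged_session_max_age` was reached "and a sensitive field was updated (e.g. recovery email)", while the browser list says the redirect to login happens whenever the max age was reached, with no qualifier. If both paths apply the same privileged-session check, use the same wording in both; if they differ, say so explicitly, because this is what tells integrators when re-authentication is enforced.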
@@ -6907,15 +6625,15 @@ More information can be found at
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | settingsFlow | [settingsFlow](#schemasettingsflow) |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | settingsFlow | [settingsFlow](#schemasettingsflow) |
-| 401 | [Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1) | genericError | [genericError](#schemagenericerror) |
-| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|settingsFlow|[settingsFlow](#schemasettingsflow)|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|settingsFlow|[settingsFlow](#schemasettingsflow)|
+|401|[Unauthorized](https://tools.ietf.org/html/rfc7235#section-3.1)|genericError|[genericError](#schemagenericerror)|
+|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
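Review bot: The 200 row gives `settingsFlow` as the response schema, but the description above this table says API-initiated flows answer with "HTTP 200 and an application/json body with the session token on success". One of the two is wrong for the profile method; the password method's table uses `settingsViaApiResponse` for the same status. Align the description or the schema so clients know whether to expect a token in the body.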
@@ -7032,7 +6750,10 @@ More information can be found at
}
```
-
+
#### Code samples
@@ -7043,7 +6764,7 @@ More information can be found at
```shell
curl -X POST /self-service/settings/methods/profile \
- -H 'Accept: application/json'
+ -H 'Accept: application/json' \ -H 'Authorization: API_KEY'
```
@@ -7058,8 +6779,9 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
+ "Authorization": []string{"API_KEY"},
}
var body []byte
@@ -7078,20 +6800,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json', 'Authorization': 'API_KEY'
}
fetch('/self-service/settings/methods/profile', {
method: 'POST',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -7127,7 +6849,8 @@ System.out.println(response.toString());
import requests
headers = {
- 'Accept': 'application/json'
+ 'Accept': 'application/json',
+ 'Authorization': 'API_KEY'
}
r = requests.post(
@@ -7146,7 +6869,8 @@ require 'rest-client'
require 'json'
headers = {
- 'Accept' => 'application/json'
+ 'Accept' => 'application/json',
+ 'Authorization' => 'API_KEY'
}
result = RestClient.post '/self-service/settings/methods/profile',
@@ -7168,26 +6892,21 @@ Accept: application/json
```
-This endpoint initiates a verification flow for API clients such as mobile
-devices, smart TVs, and so on.
+This endpoint initiates a verification flow for API clients such as mobile devices, smart TVs, and so on.
-To fetch an existing verification flow call
-`/self-service/verification/flows?flow=`.
+To fetch an existing verification flow call `/self-service/verification/flows?flow=`.
:::warning
-You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS,
-AngularJS) nor server-side (Java Server Pages, NodeJS, PHP, Golang, ...) browser
-applications. Using this endpoint in these applications will make you vulnerable
-to a variety of CSRF attacks.
+You MUST NOT use this endpoint in client-side (Single Page Apps, ReactJS, AngularJS) nor server-side (Java Server
+Pages, NodeJS, PHP, Golang, ...) browser applications. Using this endpoint in these applications will make
+you vulnerable to a variety of CSRF attacks.
-This endpoint MUST ONLY be used in scenarios such as native mobile apps (React
-Native, Objective C, Swift, Java, ...).
+This endpoint MUST ONLY be used in scenarios such as native mobile apps (React Native, Objective C, Swift, Java, ...).
:::
-More information can be found at
-[ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
+More information can be found at [ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
#### Responses
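Review bot: The line "To fetch an existing verification flow call `/self-service/verification/flows?flow=`" names the query parameter `flow`, but the "Get Verification Flow" endpoint added later in this patch is `GET /self-service/verification/flows?id=string` with `id` as the required parameter. Update the hint to `?id=` so the two sections agree.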
@@ -7195,11 +6914,11 @@ More information can be found at
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ---------------- | ------------------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | verificationFlow | [verificationFlow](#schemaverificationflow) |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|verificationFlow|[verificationFlow](#schemaverificationflow)|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -7293,7 +7012,184 @@ More information can be found at
}
```
-
+
+
+#### Code samples
+
+
+
+
+```shell
+curl -X GET /self-service/verification/api \
+ -H 'Accept: application/json'
+```
+
+
+
+
+```go
+package main
+
+import (
+ "bytes"
+ "net/http"
+)
+
+func main() {
+ headers := map[string][]string{
+ "Accept": []string{"application/json"},
+ }
+
+ var body []byte
+ // body = ...
+
+ req, err := http.NewRequest("GET", "/self-service/verification/api", bytes.NewBuffer(body))
+ req.Header = headers
+
+ client := &http.Client{}
+ resp, err := client.Do(req)
+ // ...
+}
+```
+
+
+
+
+```javascript
+const fetch = require('node-fetch');
+
+const headers = {
+ 'Accept': 'application/json'
+}
+
+fetch('/self-service/verification/api', {
+ method: 'GET',
+ headers
+})
+.then(r => r.json())
+.then((body) => {
+ console.log(body)
+})
+```
+
+
+
+
+```java
+// This sample needs improvement.
+URL obj = new URL("/self-service/verification/api");
+
+HttpURLConnection con = (HttpURLConnection) obj.openConnection();
+con.setRequestMethod("GET");
+
+int responseCode = con.getResponseCode();
+
+BufferedReader in = new BufferedReader(
+ new InputStreamReader(con.getInputStream())
+);
+
+String inputLine;
+StringBuffer response = new StringBuffer();
+while ((inputLine = in.readLine()) != null) {
+ response.append(inputLine);
+}
+in.close();
+
+System.out.println(response.toString());
+```
+
+
+
+
+```python
+import requests
+
+headers = {
+ 'Accept': 'application/json'
+}
+
+r = requests.get(
+ '/self-service/verification/api',
+ params={},
+ headers = headers)
+
+print r.json()
+```
+
+
+
+
+```ruby
+require 'rest-client'
+require 'json'
+
+headers = {
+ 'Accept' => 'application/json'
+}
+
+result = RestClient.get '/self-service/verification/api',
+ params: {}, headers: headers
+
+p JSON.parse(result)
+```
+
+
+
+
+
+
+### Initialize Verification Flow for Browser Clients
+
+```
+GET /self-service/verification/browser HTTP/1.1
+Accept: application/json
+
+```
+
+This endpoint initializes a browser-based account verification flow. Once initialized, the browser will be redirected to
+`selfservice.flows.verification.ui_url` with the flow ID set as the query parameter `?flow=`.
+
+This endpoint is NOT INTENDED for API clients and only works with browsers (Chrome, Firefox, ...).
+
+More information can be found at [ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
+
+#### Responses
+
+
+
+##### Overview
+
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
+
+##### Examples
+
+###### 500 response
+
+```json
+{
+ "error": {
+ "code": 404,
+ "debug": "The database adapter was unable to find the element",
+ "details": {},
+ "message": "string",
+ "reason": "string",
+ "request": "string",
+ "status": "string"
+ }
+}
+```
+
+
#### Code samples
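Review bot: In the re-added "Initialize Verification Flow for Browser Clients" section the sentence "This endpoint is NOT INTENDED for API clients and only works with browsers" is a plain paragraph, whereas the settings browser endpoint in this same file wraps the identical sentence in a `:::note` admonition. Use the admonition here too so the restriction is not overlooked. The "500 response" example below it carries `"code": 404` and a "unable to find the element" debug string, which contradicts its own heading.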
@@ -7303,7 +7199,7 @@ More information can be found at
```shell
-curl -X GET /self-service/verification/api \
+curl -X GET /self-service/verification/browser \
-H 'Accept: application/json'
```
@@ -7319,14 +7215,14 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
var body []byte
// body = ...
- req, err := http.NewRequest("GET", "/self-service/verification/api", bytes.NewBuffer(body))
+ req, err := http.NewRequest("GET", "/self-service/verification/browser", bytes.NewBuffer(body))
req.Header = headers
client := &http.Client{}
@@ -7339,20 +7235,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
-fetch('/self-service/verification/api', {
+fetch('/self-service/verification/browser', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -7360,7 +7256,7 @@ fetch('/self-service/verification/api', {
```java
// This sample needs improvement.
-URL obj = new URL("/self-service/verification/api");
+URL obj = new URL("/self-service/verification/browser");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
@@ -7392,7 +7288,7 @@ headers = {
}
r = requests.get(
- '/self-service/verification/api',
+ '/self-service/verification/browser',
params={},
headers = headers)
@@ -7410,7 +7306,7 @@ headers = {
'Accept' => 'application/json'
}
-result = RestClient.get '/self-service/verification/api',
+result = RestClient.get '/self-service/verification/browser',
params: {}, headers: headers
p JSON.parse(result)
@@ -7419,58 +7315,143 @@ p JSON.parse(result)
-
+
-### Initialize Verification Flow for Browser Clients
+### Get Verification Flow
```
-GET /self-service/verification/browser HTTP/1.1
+GET /self-service/verification/flows?id=string HTTP/1.1
Accept: application/json
```
-This endpoint initializes a browser-based account verification flow. Once
-initialized, the browser will be redirected to
-`selfservice.flows.verification.ui_url` with the flow ID set as the query
-parameter `?flow=`.
+This endpoint returns a verification flow's context with, for example, error details and other information.
+
+More information can be found at [ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
+
+
+
+#### Parameters
+
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|id|query|string|true|The Flow ID|
+
+##### Detailed descriptions
-This endpoint is NOT INTENDED for API clients and only works with browsers
-(Chrome, Firefox, ...).
+**id**: The Flow ID
-More information can be found at
-[ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
+The value for this parameter comes from `request` URL Query parameter sent to your
+application (e.g. `/verification?flow=abcde`).
#### Responses
-
+
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|verificationFlow|[verificationFlow](#schemaverificationflow)|
+|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)|
+|404|[Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
-###### 500 response
+###### 200 response
```json
{
- "error": {
- "code": 404,
- "debug": "The database adapter was unable to find the element",
- "details": {},
- "message": "string",
- "reason": "string",
- "request": "string",
- "status": "string"
- }
+ "active": "string",
+ "expires_at": "2019-08-24T14:15:22Z",
+ "id": "string",
+ "issued_at": "2019-08-24T14:15:22Z",
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "methods": {
+ "property1": {
+ "config": {
+ "action": "string",
+ "fields": [
+ {
+ "disabled": true,
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "name": "string",
+ "pattern": "string",
+ "required": true,
+ "type": "string",
+ "value": {}
+ }
+ ],
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "method": "string"
+ },
+ "method": "string"
+ },
+ "property2": {
+ "config": {
+ "action": "string",
+ "fields": [
+ {
+ "disabled": true,
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "name": "string",
+ "pattern": "string",
+ "required": true,
+ "type": "string",
+ "value": {}
+ }
+ ],
+ "messages": [
+ {
+ "context": {},
+ "id": 0,
+ "text": "string",
+ "type": "string"
+ }
+ ],
+ "method": "string"
+ },
+ "method": "string"
+ }
+ },
+ "request_url": "string",
+ "state": "string",
+ "type": "string"
}
```
-
+
#### Code samples
@@ -7480,7 +7461,7 @@ More information can be found at
```shell
-curl -X GET /self-service/verification/browser \
+curl -X GET /self-service/verification/flows?id=string \
-H 'Accept: application/json'
```
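Review bot: The new curl URL on the `+` line is unquoted and now contains `?`, which is a glob character in the shell; zsh aborts with "no matches found" and other shells may expand it against local files. Quote it in the generated sample, e.g. `curl -X GET '/self-service/verification/flows?id=string' \`.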
@@ -7496,14 +7477,14 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
var body []byte
// body = ...
- req, err := http.NewRequest("GET", "/self-service/verification/browser", bytes.NewBuffer(body))
+ req, err := http.NewRequest("GET", "/self-service/verification/flows", bytes.NewBuffer(body))
req.Header = headers
client := &http.Client{}
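Review bot: The Go sample's new `http.NewRequest("GET", "/self-service/verification/flows", ...)` call drops the `id` query parameter that the curl, JavaScript, Java, Python and Ruby samples for the same endpoint all pass. Copied as is, it requests the flow without an ID. Either append `?id=string` to the URL or set it through `req.URL.Query()` so the samples agree.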
@@ -7516,20 +7497,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
-fetch('/self-service/verification/browser', {
+fetch('/self-service/verification/flows?id=string', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -7537,7 +7518,7 @@ fetch('/self-service/verification/browser', {
```java
// This sample needs improvement.
-URL obj = new URL("/self-service/verification/browser");
+URL obj = new URL("/self-service/verification/flows?id=string");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
@@ -7569,8 +7550,9 @@ headers = {
}
r = requests.get(
- '/self-service/verification/browser',
- params={},
+ '/self-service/verification/flows',
+ params={
+ 'id': 'string'},
headers = headers)
print r.json()
@@ -7587,8 +7569,9 @@ headers = {
'Accept' => 'application/json'
}
-result = RestClient.get '/self-service/verification/browser',
- params: {}, headers: headers
+result = RestClient.get '/self-service/verification/flows',
+ params: {
+ 'id' => 'string'}, headers: headers
p JSON.parse(result)
```
@@ -7607,28 +7590,22 @@ Accept: application/json
```
-Use this endpoint to complete a verification flow using the link method. This
-endpoint behaves differently for API and browser flows and has several states:
+Use this endpoint to complete a verification flow using the link method. This endpoint
+behaves differently for API and browser flows and has several states:
-`choose_method` expects `flow` (in the URL query) and `email` (in the body) to
-be sent and works with API- and Browser-initiated flows. For API clients it
-either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the
-form is invalid and a HTTP 302 Found redirect with a fresh verification flow if
-the flow was otherwise invalid (e.g. expired). For Browser clients it returns a
-HTTP 302 Found redirect to the Verification UI URL with the Verification Flow ID
-appended. `sent_email` is the success state after `choose_method` and allows the
-user to request another verification email. It works for both API and
-Browser-initiated flows and returns the same responses as the flow in
-`choose_method` state. `passed_challenge` expects a `token` to be sent in the
-URL query and given the nature of the flow ("sending a verification link") does
-not have any API capabilities. The server responds with a HTTP 302 Found
-redirect either to the Settings UI URL (if the link was valid) and instructs the
-user to update their password, or a redirect to the Verification UI URL with a
-new Verification Flow ID which contains an error message that the verification
-link was invalid.
+`choose_method` expects `flow` (in the URL query) and `email` (in the body) to be sent
+and works with API- and Browser-initiated flows.
+For API clients it either returns a HTTP 200 OK when the form is valid and HTTP 400 OK when the form is invalid
+and a HTTP 302 Found redirect with a fresh verification flow if the flow was otherwise invalid (e.g. expired).
+For Browser clients it returns a HTTP 302 Found redirect to the Verification UI URL with the Verification Flow ID appended.
+`sent_email` is the success state after `choose_method` and allows the user to request another verification email. It
+works for both API and Browser-initiated flows and returns the same responses as the flow in `choose_method` state.
+`passed_challenge` expects a `token` to be sent in the URL query and given the nature of the flow ("sending a verification link")
+does not have any API capabilities. The server responds with a HTTP 302 Found redirect either to the Settings UI URL
+(if the link was valid) and instructs the user to update their password, or a redirect to the Verification UI URL with
+a new Verification Flow ID which contains an error message that the verification link was invalid.
-More information can be found at
-[ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
+More information can be found at [ORY Kratos Email and Phone Verification Documentation](https://www.ory.sh/docs/kratos/selfservice/flows/verify-email-account-activation).
#### Request body
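Review bot: The rewrapped `choose_method` text still says "HTTP 400 OK"; status 400 is Bad Request, and the responses table for this endpoint lists it that way, so the wording should be corrected at the source annotation while this text is being regenerated. Two further points in the same block: the three states (`choose_method`, `sent_email`, `passed_challenge`) are separated only by single line breaks, so Markdown will still render them as one paragraph; a blank line or a list item per state would make them readable. The `passed_challenge` sentence says a valid link redirects to the Settings UI and "instructs the user to update their password"; please confirm that is intended for a verification flow.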
@@ -7642,24 +7619,25 @@ More information can be found at
```yaml
csrf_token: string
email: string
+
```
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ----- | ------------------------------------------------------------------------------------------------------------- | -------- | ------------------ |
-| token | query | string | false | Verification Token |
-| flow | query | string | false | The Flow ID |
-| body | body | [completeSelfServiceVerificationFlowWithLinkMethod](#schemacompleteselfserviceverificationflowwithlinkmethod) | false | none |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|token|query|string|false|Verification Token|
+|flow|query|string|false|The Flow ID|
+|body|body|[completeSelfServiceVerificationFlowWithLinkMethod](#schemacompleteselfserviceverificationflowwithlinkmethod)|false|none|
##### Detailed descriptions
**token**: Verification Token
-The verification token which completes the verification request. If the token is
-invalid (e.g. expired) an error will be shown to the end-user.
+The verification token which completes the verification request. If the token
+is invalid (e.g. expired) an error will be shown to the end-user.
**flow**: The Flow ID
@@ -7671,12 +7649,12 @@ format: uuid
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ------------------------------------------- |
-| 302 | [Found](https://tools.ietf.org/html/rfc7231#section-6.4.3) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | verificationFlow | [verificationFlow](#schemaverificationflow) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|302|[Found](https://tools.ietf.org/html/rfc7231#section-6.4.3)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|verificationFlow|[verificationFlow](#schemaverificationflow)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
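Review bot: The new 302 row is split across two lines ("... empty responses is" / "typically 201.|None|"), so the second line is no longer a table row and the Markdown table breaks at that point. The newline comes from the source description and should be collapsed or replaced with `<br/>` by the generator. The description itself also says empty responses are "typically 201" on a row documenting a 302 redirect, which will confuse readers; a description specific to the redirect would be clearer.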
@@ -7770,7 +7748,9 @@ format: uuid
}
```
-
+
#### Code samples
@@ -7796,7 +7776,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
}
@@ -7914,12 +7894,10 @@ Accept: application/json
```
-Use this endpoint to revoke a session using its token. This endpoint is
-particularly useful for API clients such as mobile apps to log the user out of
-the system and invalidate the session.
+Use this endpoint to revoke a session using its token. This endpoint is particularly useful for API clients
+such as mobile apps to log the user out of the system and invalidate the session.
-This endpoint does not remove any HTTP Cookies - use the Self-Service Logout
-Flow instead.
+This endpoint does not remove any HTTP Cookies - use the Self-Service Logout Flow instead.
#### Request body
@@ -7933,9 +7911,9 @@ Flow instead.
#### Parameters
-| Parameter | In | Type | Required | Description |
-| --------- | ---- | ------------------------------------- | -------- | ----------- |
-| body | body | [revokeSession](#schemarevokesession) | true | none |
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|body|body|[revokeSession](#schemarevokesession)|true|none|
#### Responses
@@ -7943,12 +7921,12 @@ Flow instead.
##### Overview
-| Status | Meaning | Description | Schema |
-| -------------- | -------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
-| 204 | [No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5) | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is |
-| typically 201. | None |
-| 400 | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|204|[No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5)|Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is
+typically 201.|None|
+|400|[Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
@@ -7968,7 +7946,9 @@ Flow instead.
}
```
-
+
#### Code samples
@@ -7994,7 +7974,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Content-Type": []string{"application/json"},
"Accept": []string{"application/json"},
}
@@ -8107,28 +8087,36 @@ p JSON.parse(result)
```
GET /sessions/whoami HTTP/1.1
Accept: application/json
+Cookie: string
```
-Uses the HTTP Headers in the GET request to determine (e.g. by using checking
-the cookies) who is authenticated. Returns a session object in the body or 401
-if the credentials are invalid or no credentials were sent. Additionally when
-the request it successful it adds the user ID to the
-'X-Kratos-Authenticated-Identity-Id' header in the response.
+Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated.
+Returns a session object in the body or 401 if the credentials are invalid or no credentials were sent.
+Additionally when the request it successful it adds the user ID to the 'X-Kratos-Authenticated-Identity-Id' header in the response.
This endpoint is useful for reverse proxies and API Gateways.
+
+
+#### Parameters
+
+|Parameter|In|Type|Required|Description|
+|---|---|---|---|---|
+|Cookie|header|string|false|none|
+|Authorization|query|string|false|in: authorization|
+
#### Responses
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | -------------------------------------------------------------------------- | ------------ | ----------------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | session | [session](#schemasession) |
-| 403 | [Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3) | genericError | [genericError](#schemagenericerror) |
-| 500 | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError | [genericError](#schemagenericerror) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|session|[session](#schemasession)|
+|403|[Forbidden](https://tools.ietf.org/html/rfc7231#section-6.5.3)|genericError|[genericError](#schemagenericerror)|
+|500|[Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1)|genericError|[genericError](#schemagenericerror)|
##### Examples
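Review bot: The added parameters table lists `Authorization` with In = `query` and the description `in: authorization`, which looks like a mis-parsed swagger annotation rather than intended documentation. The Authentication section and the samples updated in this same patch send it as a header; documenting it as a query parameter invites clients to put the session token in the URL, where it ends up in access logs and proxies. Please fix the annotation so it renders as `header`. Also, the description says the endpoint returns 401 for invalid or missing credentials, but the responses table lists only 200, 403 and 500; one of the two needs correcting. The typos "by using checking" and "the request it successful" are carried over on the `+` lines and could be fixed in the source comment.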
@@ -8167,7 +8155,10 @@ This endpoint is useful for reverse proxies and API Gateways.
}
```
-
+
#### Code samples
@@ -8178,7 +8169,7 @@ This endpoint is useful for reverse proxies and API Gateways.
```shell
curl -X GET /sessions/whoami \
- -H 'Accept: application/json'
+ -H 'Accept: application/json' \ -H 'Cookie: string' \ -H 'Authorization: API_KEY'
```
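Review bot: The added header flags are joined on one line as `\ -H 'Cookie: string' \ -H 'Authorization: API_KEY'`. A backslash followed by a space escapes the space instead of continuing the line, so the shell passes ` -H` (with a leading space) as a separate word and curl treats it as a URL, not as the header option. Emit each `-H` on its own line after a trailing backslash, or put them on one line with no backslashes.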
@@ -8193,8 +8184,10 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
+ "Cookie": []string{"string"},
+ "Authorization": []string{"API_KEY"},
}
var body []byte
@@ -8213,20 +8206,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json', 'Cookie': 'string', 'Authorization': 'API_KEY'
}
fetch('/sessions/whoami', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -8262,7 +8255,9 @@ System.out.println(response.toString());
import requests
headers = {
- 'Accept': 'application/json'
+ 'Accept': 'application/json',
+ 'Cookie': 'string',
+ 'Authorization': 'API_KEY'
}
r = requests.get(
@@ -8281,7 +8276,9 @@ require 'rest-client'
require 'json'
headers = {
- 'Accept' => 'application/json'
+ 'Accept' => 'application/json',
+ 'Cookie' => 'string',
+ 'Authorization' => 'API_KEY'
}
result = RestClient.get '/sessions/whoami',
@@ -8307,14 +8304,13 @@ Accept: application/json
```
-This endpoint returns the service version typically notated using semantic
-versioning.
+This endpoint returns the service version typically notated using semantic versioning.
If the service supports TLS Edge Termination, this endpoint does not require the
`X-Forwarded-Proto` header to be set.
-Be aware that if you are running multiple nodes of this service, the health
-status will never refer to the cluster state, only to a single instance.
+Be aware that if you are running multiple nodes of this service, the health status will never
+refer to the cluster state, only to a single instance.
#### Responses
@@ -8322,9 +8318,9 @@ status will never refer to the cluster state, only to a single instance.
##### Overview
-| Status | Meaning | Description | Schema |
-| ------ | ------------------------------------------------------- | ----------- | ------------------------- |
-| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | version | [version](#schemaversion) |
+|Status|Meaning|Description|Schema|
+|---|---|---|---|
+|200|[OK](https://tools.ietf.org/html/rfc7231#section-6.3.1)|version|[version](#schemaversion)|
##### Examples
@@ -8336,7 +8332,9 @@ status will never refer to the cluster state, only to a single instance.
}
```
-
+
#### Code samples
@@ -8362,7 +8360,7 @@ import (
)
func main() {
- headers := map[string][]string{
+ headers := map[string][]string{
"Accept": []string{"application/json"},
}
@@ -8382,20 +8380,20 @@ func main() {
```javascript
-const fetch = require('node-fetch')
+const fetch = require('node-fetch');
const headers = {
- Accept: 'application/json'
+ 'Accept': 'application/json'
}
fetch('/version', {
method: 'GET',
headers
})
- .then((r) => r.json())
- .then((body) => {
+.then(r => r.json())
+.then((body) => {
console.log(body)
- })
+})
```
@@ -8475,14 +8473,15 @@ p JSON.parse(result)
"csrf_token": "string",
"password": "string"
}
+
```
#### Properties
-| Name | Type | Required | Restrictions | Description |
-| ---------- | ------ | -------- | ------------ | ---------------------------------------------------- |
-| csrf_token | string | false | none | CSRFToken is the anti-CSRF token
type: string |
-| password | string | true | none | Password is the updated password
type: string |
+|Name|Type|Required|Restrictions|Description|
+|---|---|---|---|---|
+|csrf_token|string|false|none|CSRFToken is the anti-CSRF token
type: string|
+|password|string|true|none|Password is the updated password
type: string|
@@ -8495,14 +8494,15 @@ p JSON.parse(result)
"schema_id": "string",
"traits": {}
}
+
```
#### Properties
-| Name | Type | Required | Restrictions | Description |
-| --------- | ------ | -------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| schema_id | string | true | none | SchemaID is the ID of the JSON Schema to be used for validating the identity's traits. |
-| traits | object | true | none | Traits represent an identity's traits. The identity is able to create, modify, and delete traits in a self-service manner. The input will always be validated against the JSON Schema defined in `schema_url`. |
+|Name|Type|Required|Restrictions|Description|
+|---|---|---|---|---|
+|schema_id|string|true|none|SchemaID is the ID of the JSON Schema to be used for validating the identity's traits.|
+|traits|object|true|none|Traits represent an identity's traits. The identity is able to create, modify, and delete traits in a self-service manner. The input will always be validated against the JSON Schema defined in `schema_url`.|
@@ -8515,14 +8515,15 @@ p JSON.parse(result)
"expires_in": "string",
"identity_id": "string"
}
+
```
#### Properties
-| Name | Type | Required | Restrictions | Description |
-| ----------- | ------------------- | -------- | ------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| expires_in | string | false | none | Link Expires In
The recovery link will expire at that point in time. Defaults to the configuration value of `selfservice.flows.recovery.request_lifespan`. |
-| identity_id | [UUID](#schemauuid) | true | none | none |
+|Name|Type|Required|Restrictions|Description|
+|---|---|---|---|---|
+|expires_in|string|false|none|Link Expires In
The recovery link will expire at that point in time. Defaults to the configuration value of `selfservice.flows.recovery.request_lifespan`.|
+|identity_id|[UUID](#schemauuid)|true|none|none|
@@ -8532,16 +8533,16 @@ p JSON.parse(result)
```json
"string"
+
```
-_CredentialsType represents several different credential types, like password
-credentials, passwordless credentials,_
+*CredentialsType represents several different credential types, like password credentials, passwordless credentials,*
#### Properties
-| Name | Type | Required | Restrictions | Description |
-| ------------------------------------------------------------------------------------------------------------------- | ------ | -------- | ------------ | ----------- |
-| CredentialsType represents several different credential types, like password credentials, passwordless credentials, | string | false | none | and so on. |
+|Name|Type|Required|Restrictions|Description|
+|---|---|---|---|---|
+|CredentialsType represents several different credential types, like password credentials, passwordless credentials,|string|false|none|and so on.|
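Review bot: In the reformatted properties table the Name cell is the sentence "CredentialsType represents several different credential types, like password credentials, passwordless credentials," and the Description cell is "and so on.", so the generator is splitting the Go doc comment across the two columns instead of emitting a property name. Since this row is being rewritten anyway, the source comment should be put on one line (or the type given a proper description annotation) so the table shows a real name and a complete description.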
@@ -8580,16 +8581,17 @@ credentials, passwordless credentials,_
],
"method": "string"
}
+
```
#### Properties
-| Name | Type | Required | Restrictions | Description |
-| -------- | ------------------------------- | -------- | ------------ | ------------------------------------------------------------------------------------------- |
-| action | string | true | none | Action should be used as the form action URL `