Gatekeeper

1 - Gatekeeper API

Information

Version

latest

Contact

Ignacio Cisternas icisternas@autentia.cl https://autentia.cl

Content negotiation

URI Schemes

  • http
  • https

Consumes

  • application/json

Produces

  • application/json

Access control

Security Schemes

oauth2

Type: oauth2

Flow: accessCode

Authorization URL: https://accounts-dev.autentiaplus.id/oauth2/auth

Token URL: https://accounts-dev.autentiaplus.id/oauth2/token

Scopes
Name Description
openid default
profile default

All endpoints

Method URI Name Summary
POST /authx/consent/accept accept consent challenge
GET /authx/consent get consent challenge
POST /authx/consent/reject reject consent challenge

login_flow

Method URI Name Summary
POST /authx/login/accept accept login challenge
GET /authx/login get login challenge Initialize state-machine and return ui settings
POST /authx/login/reject reject login challenge
POST /authx/login/credential set login credential
POST /authx/login/verify/2factor verify2 factor
POST /authx/login/verify/strategy verify strategy

sessions

Method URI Name Summary
GET /authx/sessions list sessions
DELETE /authx/sessions/revoke revoke session

Paths

POST /authx/consent/accept

Consumes

  • application/json

Produces

  • application/json

Parameters

Name Source Type Go type Separator Required Default Description
consent_challenge query string string
remember_me query boolean bool

All responses

Code Status Description Has headers Schema
200 OK schema
400 Bad Request JSONError schema
404 Not Found JSONError schema
422 Unprocessable Entity JSONError schema
424 Failed Dependency JSONError schema
500 Internal Server Error JSONError schema

Responses

Status: OK

RedirectTo

Status: Bad Request

JSONError

Status: Not Found

JSONError

Status: Unprocessable Entity

JSONError

Status: Failed Dependency

JSONError

Status: Internal Server Error

JSONError

accept login challenge (acceptLoginChallenge)

POST /authx/login/accept

Consumes

  • application/json

Produces

  • application/json

Parameters

Name Source Type Go type Separator Required Default Description
login_challenge query string string
remember_me query boolean bool

All responses

Code Status Description Has headers Schema
200 OK schema
400 Bad Request JSONError schema
404 Not Found JSONError schema
422 Unprocessable Entity JSONError schema
424 Failed Dependency JSONError schema
500 Internal Server Error JSONError schema

Responses

200

Status: OK

Schema

RedirectTo

400 - JSONError

Status: Bad Request

Schema

JSONError

404 - JSONError

Status: Not Found

Schema

JSONError

422 - JSONError

Status: Unprocessable Entity

Schema

JSONError

424 - JSONError

Status: Failed Dependency

Schema

JSONError

500 - JSONError

Status: Internal Server Error

Schema

JSONError

GET /authx/consent

Consumes

  • application/json

Produces

  • application/json

Parameters

Name Source Type Go type Separator Required Default Description
consent_challenge query string string

All responses

Code Status Description Has headers Schema
200 OK schema
400 Bad Request JSONError schema
404 Not Found JSONError schema
422 Unprocessable Entity JSONError schema
424 Failed Dependency JSONError schema
500 Internal Server Error JSONError schema

Responses

Status: OK

ConsentChallengeResponse

Status: Bad Request

JSONError

Status: Not Found

JSONError

Status: Unprocessable Entity

JSONError

Status: Failed Dependency

JSONError

Status: Internal Server Error

JSONError

Initialize state-machine and return ui settings (getLoginChallenge)

GET /authx/login

Consumes

  • application/json

Produces

  • application/json

Parameters

Name Source Type Go type Separator Required Default Description
login_challenge query string string

All responses

Code Status Description Has headers Schema
200 OK schema
400 Bad Request JSONError schema
404 Not Found JSONError schema
422 Unprocessable Entity JSONError schema
424 Failed Dependency JSONError schema
500 Internal Server Error JSONError schema

Responses

200

Status: OK

Schema

LoginChallengeResponse

400 - JSONError

Status: Bad Request

Schema

JSONError

404 - JSONError

Status: Not Found

Schema

JSONError

422 - JSONError

Status: Unprocessable Entity

Schema

JSONError

424 - JSONError

Status: Failed Dependency

Schema

JSONError

500 - JSONError

Status: Internal Server Error

Schema

JSONError

list sessions (listSessions)

GET /authx/sessions

Consumes

  • application/json

Produces

  • application/json

Security Requirements

  • oauth2

All responses

Code Status Description Has headers Schema
200 OK schema
401 Unauthorized JSONError schema
500 Internal Server Error JSONError schema

Responses

200

Status: OK

Schema

[]Session

401 - JSONError

Status: Unauthorized

Schema

JSONError

500 - JSONError

Status: Internal Server Error

Schema

JSONError

POST /authx/consent/reject

Consumes

  • application/json

Produces

  • application/json

Parameters

Name Source Type Go type Separator Required Default Description
consent_challenge query string string

All responses

Code Status Description Has headers Schema
200 OK schema
400 Bad Request JSONError schema
404 Not Found JSONError schema
422 Unprocessable Entity JSONError schema
424 Failed Dependency JSONError schema
500 Internal Server Error JSONError schema

Responses

Status: OK

RedirectTo

Status: Bad Request

JSONError

Status: Not Found

JSONError

Status: Unprocessable Entity

JSONError

Status: Failed Dependency

JSONError

Status: Internal Server Error

JSONError

reject login challenge (rejectLoginChallenge)

POST /authx/login/reject

Consumes

  • application/json

Produces

  • application/json

Parameters

Name Source Type Go type Separator Required Default Description
login_challenge query string string

All responses

Code Status Description Has headers Schema
200 OK schema
400 Bad Request JSONError schema
404 Not Found JSONError schema
422 Unprocessable Entity JSONError schema
424 Failed Dependency JSONError schema
500 Internal Server Error JSONError schema

Responses

200

Status: OK

Schema

RedirectTo

400 - JSONError

Status: Bad Request

Schema

JSONError

404 - JSONError

Status: Not Found

Schema

JSONError

422 - JSONError

Status: Unprocessable Entity

Schema

JSONError

424 - JSONError

Status: Failed Dependency

Schema

JSONError

500 - JSONError

Status: Internal Server Error

Schema

JSONError

revoke session (revokeSession)

DELETE /authx/sessions/revoke

Consumes

  • application/json

Produces

  • application/json

Security Requirements

  • oauth2

Parameters

Name Source Type Go type Separator Required Default Description
client_id query string string

All responses

Code Status Description Has headers Schema
208 Already Reported EmptyResponse are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201 or 208 for accepted response. schema
401 Unauthorized JSONError schema
500 Internal Server Error JSONError schema

Responses

208 - EmptyResponse are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201 or 208 for accepted response.

Status: Already Reported

Schema

401 - JSONError

Status: Unauthorized

Schema

JSONError

500 - JSONError

Status: Internal Server Error

Schema

JSONError

set login credential (setLoginCredential)

POST /authx/login/credential

Consumes

  • application/json

Produces

  • application/json

Parameters

Name Source Type Go type Separator Required Default Description
login_challenge query string string
Body body Credential models.Credential

All responses

Code Status Description Has headers Schema
200 OK schema
400 Bad Request JSONError schema
404 Not Found JSONError schema
422 Unprocessable Entity JSONError schema
424 Failed Dependency JSONError schema
500 Internal Server Error JSONError schema

Responses

200

Status: OK

Schema

LoginChallengeResponse

400 - JSONError

Status: Bad Request

Schema

JSONError

404 - JSONError

Status: Not Found

Schema

JSONError

422 - JSONError

Status: Unprocessable Entity

Schema

JSONError

424 - JSONError

Status: Failed Dependency

Schema

JSONError

500 - JSONError

Status: Internal Server Error

Schema

JSONError

verify2 factor (verify2Factor)

POST /authx/login/verify/2factor

Consumes

  • application/json

Produces

  • application/json

Parameters

Name Source Type Go type Separator Required Default Description
login_challenge query string string
Body body VerifyEvidencesRequest models.VerifyEvidencesRequest

All responses

Code Status Description Has headers Schema
200 OK schema
400 Bad Request JSONError schema
404 Not Found JSONError schema
422 Unprocessable Entity JSONError schema
424 Failed Dependency JSONError schema
500 Internal Server Error JSONError schema

Responses

200

Status: OK

Schema

LoginChallengeResponse

400 - JSONError

Status: Bad Request

Schema

JSONError

404 - JSONError

Status: Not Found

Schema

JSONError

422 - JSONError

Status: Unprocessable Entity

Schema

JSONError

424 - JSONError

Status: Failed Dependency

Schema

JSONError

500 - JSONError

Status: Internal Server Error

Schema

JSONError

verify strategy (verifyStrategy)

POST /authx/login/verify/strategy

Consumes

  • application/json

Produces

  • application/json

Parameters

Name Source Type Go type Separator Required Default Description
login_challenge query string string
Body body VerifyEvidencesRequest models.VerifyEvidencesRequest

All responses

Code Status Description Has headers Schema
200 OK schema
400 Bad Request JSONError schema
404 Not Found JSONError schema
422 Unprocessable Entity JSONError schema
424 Failed Dependency JSONError schema
500 Internal Server Error JSONError schema

Responses

200

Status: OK

Schema

LoginChallengeResponse

400 - JSONError

Status: Bad Request

Schema

JSONError

404 - JSONError

Status: Not Found

Schema

JSONError

422 - JSONError

Status: Unprocessable Entity

Schema

JSONError

424 - JSONError

Status: Failed Dependency

Schema

JSONError

500 - JSONError

Status: Internal Server Error

Schema

JSONError

Models

ConsentChallengeResponse

Properties

Name Type Go type Required Default Description Example
Audiences []string []string Audiences contains the access token audience as requested by the OAuth 2.0 Client. ["https://accounts.someshit.com"]
GeoCheck boolean bool GeoCheck not implemented
GeoStamp boolean bool GeoStamp not implemented
ID string string ID is the identifier (“authorization challenge”) of the consent authorization request. It is used to identify the session.
Scopes []string []string Scopes contains the OAuth 2.0 Scope requested by the OAuth 2.0 Client. ["openid","profile","credential"]
ui_preferences UIPreferences UIPreferences

Credential

Credential defines a credential

Properties

Name Type Go type Required Default Description Example
Country string string CHL
Issuer string string SRCEI
Subject string string 12345678-9
Type string string RUT

Duration

A Duration represents the elapsed time between two instants as an int64 nanosecond count. The representation limits the largest representable duration to approximately 290 years.

Name Type Go type Default Description Example
Duration int64 (formatted integer) int64 A Duration represents the elapsed time between two instants as an int64 nanosecond count. The representation limits the largest representable duration to approximately 290 years.

Err

Properties

Name Type Go type Required Default Description Example
CodeField int64 (formatted integer) int64 the http status code https://httpstatuses.com/ 400
DebugField string string debug information
DetailsField map of any map[string]interface{} list of details
ErrorField string string error message
RIDField string string http request id 4ad9f946e0c159bd0f1bdbaa7255bec8
ReasonField string string underlying cause of the error
StatusField string string the http status code https://httpstatuses.com/ in plain text Bad Request

JSONError

JSONError responses are sent when an error (e.g. unauthorized, bad request, …) occurred

Properties

Name Type Go type Required Default Description Example
error Err Err

LoginChallengeResponse

Properties

Name Type Go type Required Default Description Example
ID string string ID is the identifier (“login challenge”) of the login request. It is used to identify the login flow request.
Mode string string "ANY" Mode is the flow criteria.
Status string string "pending" Status of the verification of the flow
Strategies map of Strategy map[string]Strategy Strategies is a list of the requested verification strategies
Subject uuid (formatted string) strfmt.UUID Subject is the user ID of the end-user that authenticated. Now, that end user needs to grant or deny the scope requested by the OAuth 2.0 client.
Type string string "SFA" Type is the flow type.
credential Credential Credential
second_factor SecondFactor SecondFactor
ui_preferences UIPreferences UIPreferences

RedirectTo

Properties

Name Type Go type Required Default Description Example
URL uri (formatted string) strfmt.URI Redirect via 302 the user-agent to this URL

SecondFactor

Properties

Name Type Go type Required Default Description Example
Evidences []string []string Evidences is the list of validated evidences uuids
Kind string string Kind of second factor. email
Name string string Name is the target channel to dispatch the OTP foo@bar.com
RemainingRetries int32 (formatted integer) int32 3 RemainingRetries is the remaining retries for the strategy
Status string string "unavailable" Status of the verification of the strategy pending
TotalRetries int32 (formatted integer) int32 3 TotalRetries is the max amount of retries of the strategy
WaitMode string string "INPUT" Type of interface needed for this flow

Session

Properties

Name Type Go type Required Default Description Example
ClientID string string
ConsentChallenge string string
GrantAccessTokenAudience []string []string
GrantScope []string []string
HandledAt string string
IDToken interface{} interface{}
LoginChallenge string string
Remember boolean bool
RememberFor int64 (formatted integer) int64
RequestURL string string
RequestedAccessTokenAudience []string []string
RequestedScope []string []string
SessionID string string
Subject string string
ui_preferences UIPreferences UIPreferences

Strategy

Properties

Name Type Go type Required Default Description Example
Evidences []string []string Evidences is the list of validated evidences uuids
Order int32 (formatted integer) int32 Order is the position in which strategies should be rendered
RemainingRetries int32 (formatted integer) int32 3 RemainingRetries is the remaining retries for the strategy
Sample boolean bool Sample defines the behavior of evidence validation
Status string string "pending" Status of the verification of the strategy
TotalRetries int32 (formatted integer) int32 3 TotalRetries is the max amount of retries of the strategy
timeout Duration Duration

UIPreferences

Properties

Name Type Go type Required Default Description Example
ClientName string string Name is the human-readable string name of the client to be presented to the end-user during authorization.
ClientURI uri (formatted string) strfmt.URI ClientURI is a URL string of a web page providing information about the client. If present, the server SHOULD display this URL to the end-user in a clickable fashion.
Deeplink string string Deeplink
Display string string "page" Display is a string value that specifies how the Authorization Server displays the authentication and consent user interface pages to the End-User.
LogoURI uri (formatted string) strfmt.URI LogoURI is a URL string that references a logo for the client.
PolicyURI uri (formatted string) strfmt.URI PolicyURI is a URL string that points to a human-readable privacy policy document.
TermsOfServiceURI uri (formatted string) strfmt.URI TermsOfServiceURI is a URL string that points to a human-readable terms of service document
UILocales []string []string ["es_CL"] UILocales is the customer required location and scripts for the user interface, represented as a list of BCP47 [RFC5646] language tags

VerifyEvidencesRequest

Properties

Name Type Go type Required Default Description Example
Evidences []string []string Evidences is a list of evidence ids provided by the identity API
Name string string Name of the strategy to verify, of a PrimaryFactor strategy, email or phone number for 2FA

2 - Gatekeeper OpenapiV2