sources_kerberos_partial_update

PATCH 
/sources/kerberos/:slug/

Kerberos Source Viewset

Request

Path Parameters

slug stringrequired

application/json

Body

name string

Source's display Name.

Possible values: non-empty

slug string

Internal source name, used in URLs.

Possible values: non-empty and <= 50 characters, Value must match regular expression ^[-a-zA-Z0-9_]+$

enabled boolean
authentication_flow uuidnullable

Flow to use when authenticating existing users.

enrollment_flow uuidnullable

Flow to use when enrolling new users.

user_property_mappings uuid[]
group_property_mappings uuid[]
policy_engine_mode PolicyEngineMode (string)

Possible values: [all, any]

user_matching_mode UserMatchingModeEnum (string)

How the source determines if an existing user should be authenticated or a new user enrolled.

Possible values: [identifier, email_link, email_deny, username_link, username_deny]

user_path_template string

Possible values: non-empty

group_matching_mode GroupMatchingModeEnum (string)

How the source determines if an existing group should be used or a new group created.

Possible values: [identifier, name_link, name_deny]

realm string

Kerberos realm

Possible values: non-empty

krb5_conf string

Custom krb5.conf to use. Uses the system one by default

sync_users boolean

Sync users from Kerberos into authentik

sync_users_password boolean

When a user changes their password, sync it back to Kerberos

sync_principal string

Principal to authenticate to kadmin for sync.

sync_password string

Password to authenticate to kadmin for sync

sync_keytab string

Keytab to authenticate to kadmin for sync. Must be base64-encoded or in the form TYPE:residual

sync_ccache string

Credentials cache to authenticate to kadmin for sync. Must be in the form TYPE:residual

spnego_server_name string

Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname

spnego_keytab string

SPNEGO keytab base64-encoded or path to keytab in the form FILE:path

spnego_ccache string

Credential cache to use for SPNEGO in form type:residual

password_login_update_internal_password boolean

If enabled, the authentik-stored password will be updated upon login with the Kerberos password backend

Responses

200

application/json

Schema

Schema

pk uuidrequired
name stringrequired

Source's display Name.

slug stringrequired

Internal source name, used in URLs.

Possible values: <= 50 characters, Value must match regular expression ^[-a-zA-Z0-9_]+$

enabled boolean
authentication_flow uuidnullable

Flow to use when authenticating existing users.

enrollment_flow uuidnullable

Flow to use when enrolling new users.

user_property_mappings uuid[]
group_property_mappings uuid[]
component stringrequired

Get object component so that we know how to edit the object

verbose_name stringrequired

Return object's verbose_name

verbose_name_plural stringrequired

Return object's plural verbose_name

meta_model_name stringrequired

Return internal model name

policy_engine_mode PolicyEngineMode (string)

Possible values: [all, any]

user_matching_mode UserMatchingModeEnum (string)

How the source determines if an existing user should be authenticated or a new user enrolled.

Possible values: [identifier, email_link, email_deny, username_link, username_deny]

managed Managed by authentik (string)nullablerequired

Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

user_path_template string
icon stringrequired
group_matching_mode GroupMatchingModeEnum (string)

How the source determines if an existing group should be used or a new group created.

Possible values: [identifier, name_link, name_deny]

realm stringrequired

Kerberos realm

krb5_conf string

Custom krb5.conf to use. Uses the system one by default

sync_users boolean

Sync users from Kerberos into authentik

sync_users_password boolean

When a user changes their password, sync it back to Kerberos

sync_principal string

Principal to authenticate to kadmin for sync.

sync_ccache string

Credentials cache to authenticate to kadmin for sync. Must be in the form TYPE:residual

connectivity

object

nullable

required

Get cached source connectivity

property name* string
spnego_server_name string

Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname

spnego_ccache string

Credential cache to use for SPNEGO in form type:residual

password_login_update_internal_password boolean

If enabled, the authentik-stored password will be updated upon login with the Kerberos password backend

Example (from schema)

{
  "pk": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "name": "string",
  "slug": "string",
  "enabled": true,
  "authentication_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "enrollment_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "user_property_mappings": [
    "3fa85f64-5717-4562-b3fc-2c963f66afa6"
  ],
  "group_property_mappings": [
    "3fa85f64-5717-4562-b3fc-2c963f66afa6"
  ],
  "component": "string",
  "verbose_name": "string",
  "verbose_name_plural": "string",
  "meta_model_name": "string",
  "policy_engine_mode": "all",
  "managed": "string",
  "user_path_template": "string",
  "icon": "string",
  "realm": "string",
  "krb5_conf": "string",
  "sync_users": true,
  "sync_users_password": true,
  "sync_principal": "string",
  "sync_ccache": "string",
  "connectivity": {},
  "spnego_server_name": "string",
  "spnego_ccache": "string",
  "password_login_update_internal_password": true
}

400

application/json

Schema

Schema

non_field_errors string[]
code string
property name* any

Validation Error

Example (from schema)

{
  "non_field_errors": [
    "string"
  ],
  "code": "string"
}

403

application/json

Schema

Schema

detail stringrequired
code string

Example (from schema)

{
  "detail": "string",
  "code": "string"
}

Loading...