Skip to main content

Get the login settings

Return the settings for the requested context

Query Parameters
  • ctx.orgId string
  • ctx.instance boolean
Responses

OK

Schema
  • details object
  • sequence uint64

    on read: the sequence of the last event reduced by the projection

    on manipulation: the timestamp of the event(s) added by the manipulation

  • changeDate date-time

    on read: the timestamp of the last event reduced by the projection

    on manipulation: the timestamp of the event(s) added by the manipulation

  • resourceOwner resource_owner is the organization or instance_id an object belongs to
  • settings object
  • allowUsernamePassword boolean

    defines if a user is allowed to log in with his username and password

  • allowRegister boolean

    defines if a person is allowed to register a user on this organization

  • allowExternalIdp boolean

    defines if a user is allowed to add a defined identity provider. E.g. Google auth

  • forceMfa boolean

    defines if a user MUST use a multi-factor to log in

  • passkeysType string

    Possible values: [PASSKEYS_TYPE_NOT_ALLOWED, PASSKEYS_TYPE_ALLOWED]

    Default value: PASSKEYS_TYPE_NOT_ALLOWED

    defines if passkeys are allowed for users

  • hidePasswordReset boolean

    defines if password reset link should be shown in the login screen

  • ignoreUnknownUsernames boolean

    defines if unknown username on login screen directly returns an error or always displays the password screen

  • defaultRedirectUri string

    defines where the user will be redirected to if the login is started without app context (e.g. from mail)

  • passwordCheckLifetime string

    Defines after how much time the user has to re-authenticate with the password.

  • externalLoginCheckLifetime string

    Defines after how much time the user has to re-authenticate with an external provider.

  • mfaInitSkipLifetime string

    Defines after how much time the mfa prompt will be shown again.

  • secondFactorCheckLifetime string

    Defines after how long the second-factor check is valid.

  • multiFactorCheckLifetime string

    Defines how long the multi-factor check is valid.

  • secondFactors string[]

    Possible values: [SECOND_FACTOR_TYPE_UNSPECIFIED, SECOND_FACTOR_TYPE_OTP, SECOND_FACTOR_TYPE_U2F]

  • multiFactors string[]

    Possible values: [MULTI_FACTOR_TYPE_UNSPECIFIED, MULTI_FACTOR_TYPE_U2F_WITH_VERIFICATION]

  • allowDomainDiscovery boolean

    If set to true, the suffix (@domain.com) of an unknown username input on the login screen will be matched against the org domains and will redirect to the registration of that organization on success.

  • disableLoginWithEmail boolean

    defines if the user can additionally (to the login name) be identified by their verified email address

  • disableLoginWithPhone boolean

    defines if the user can additionally (to the login name) be identified by their verified phone number

  • resourceOwnerType resource_owner_type returns if the settings is managed on the organization or on the instance

    Possible values: [RESOURCE_OWNER_TYPE_UNSPECIFIED, RESOURCE_OWNER_TYPE_INSTANCE, RESOURCE_OWNER_TYPE_ORG]

    Default value: RESOURCE_OWNER_TYPE_UNSPECIFIED

    resource_owner_type returns if the settings is managed on the organization or on the instance

Loading...