Skip to main content

sources_kerberos_partial_update

PATCH 
/api/v3//sources/kerberos/:slug/

Kerberos Source Viewset

Request

Path Parameters

    slug stringrequired

Body

    namestring

    Source's display Name.

    Possible values: non-empty

    slugstring

    Internal source name, used in URLs.

    Possible values: non-empty and <= 50 characters, Value must match regular expression ^[-a-zA-Z0-9_]+$

    enabledboolean
    authentication_flowuuidnullable

    Flow to use when authenticating existing users.

    enrollment_flowuuidnullable

    Flow to use when enrolling new users.

    user_property_mappingsuuid[]
    group_property_mappingsuuid[]
    policy_engine_modePolicyEngineMode (string)

    Possible values: [all, any]

    user_matching_modeUserMatchingModeEnum (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

    Possible values: [identifier, email_link, email_deny, username_link, username_deny]

    user_path_templatestring

    Possible values: non-empty

    group_matching_modeGroupMatchingModeEnum (string)

    How the source determines if an existing group should be used or a new group created.

    Possible values: [identifier, name_link, name_deny]

    realmstring

    Kerberos realm

    Possible values: non-empty

    krb5_confstring

    Custom krb5.conf to use. Uses the system one by default

    kadmin_typeKadminTypeEnum (string)

    KAdmin server type

    Possible values: [MIT, Heimdal, other]

    sync_usersboolean

    Sync users from Kerberos into authentik

    sync_users_passwordboolean

    When a user changes their password, sync it back to Kerberos

    sync_principalstring

    Principal to authenticate to kadmin for sync.

    sync_passwordstring

    Password to authenticate to kadmin for sync

    sync_keytabstring

    Keytab to authenticate to kadmin for sync. Must be base64-encoded or in the form TYPE:residual

    sync_ccachestring

    Credentials cache to authenticate to kadmin for sync. Must be in the form TYPE:residual

    spnego_server_namestring

    Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname

    spnego_keytabstring

    SPNEGO keytab base64-encoded or path to keytab in the form FILE:path

    spnego_ccachestring

    Credential cache to use for SPNEGO in form type:residual

    password_login_update_internal_passwordboolean

    If enabled, the authentik-stored password will be updated upon login with the Kerberos password backend

Responses

Schema
    pkuuidrequired
    namestringrequired

    Source's display Name.

    slugstringrequired

    Internal source name, used in URLs.

    Possible values: <= 50 characters, Value must match regular expression ^[-a-zA-Z0-9_]+$

    enabledboolean
    authentication_flowuuidnullable

    Flow to use when authenticating existing users.

    enrollment_flowuuidnullable

    Flow to use when enrolling new users.

    user_property_mappingsuuid[]
    group_property_mappingsuuid[]
    componentstringrequired

    Get object component so that we know how to edit the object

    verbose_namestringrequired

    Return object's verbose_name

    verbose_name_pluralstringrequired

    Return object's plural verbose_name

    meta_model_namestringrequired

    Return internal model name

    policy_engine_modePolicyEngineMode (string)

    Possible values: [all, any]

    user_matching_modeUserMatchingModeEnum (string)

    How the source determines if an existing user should be authenticated or a new user enrolled.

    Possible values: [identifier, email_link, email_deny, username_link, username_deny]

    managedManaged by authentik (string)nullablerequired

    Objects that are managed by authentik. These objects are created and updated automatically. This flag only indicates that an object can be overwritten by migrations. You can still modify the objects via the API, but expect changes to be overwritten in a later update.

    user_path_templatestring
    iconstringrequired
    group_matching_modeGroupMatchingModeEnum (string)

    How the source determines if an existing group should be used or a new group created.

    Possible values: [identifier, name_link, name_deny]

    realmstringrequired

    Kerberos realm

    krb5_confstring

    Custom krb5.conf to use. Uses the system one by default

    kadmin_typeKadminTypeEnum (string)

    KAdmin server type

    Possible values: [MIT, Heimdal, other]

    sync_usersboolean

    Sync users from Kerberos into authentik

    sync_users_passwordboolean

    When a user changes their password, sync it back to Kerberos

    sync_principalstring

    Principal to authenticate to kadmin for sync.

    sync_ccachestring

    Credentials cache to authenticate to kadmin for sync. Must be in the form TYPE:residual

    connectivity objectnullablerequired

    Get cached source connectivity

    property name*string
    spnego_server_namestring

    Force the use of a specific server name for SPNEGO. Must be in the form HTTP@hostname

    spnego_ccachestring

    Credential cache to use for SPNEGO in form type:residual

    password_login_update_internal_passwordboolean

    If enabled, the authentik-stored password will be updated upon login with the Kerberos password backend

Authorization: http

name: authentiktype: httpscheme: bearer
var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Patch, "/api/v3/sources/kerberos/:slug/");
request.Headers.Add("Accept", "application/json");
request.Headers.Add("Authorization", "Bearer <token>");
var content = new StringContent("{\n  \"name\": \"string\",\n  \"slug\": \"string\",\n  \"enabled\": true,\n  \"authentication_flow\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\",\n  \"enrollment_flow\": \"3fa85f64-5717-4562-b3fc-2c963f66afa6\",\n  \"user_property_mappings\": [\n    \"3fa85f64-5717-4562-b3fc-2c963f66afa6\"\n  ],\n  \"group_property_mappings\": [\n    \"3fa85f64-5717-4562-b3fc-2c963f66afa6\"\n  ],\n  \"policy_engine_mode\": \"all\",\n  \"user_matching_mode\": \"identifier\",\n  \"user_path_template\": \"string\",\n  \"group_matching_mode\": \"identifier\",\n  \"realm\": \"string\",\n  \"krb5_conf\": \"string\",\n  \"kadmin_type\": \"MIT\",\n  \"sync_users\": true,\n  \"sync_users_password\": true,\n  \"sync_principal\": \"string\",\n  \"sync_password\": \"string\",\n  \"sync_keytab\": \"string\",\n  \"sync_ccache\": \"string\",\n  \"spnego_server_name\": \"string\",\n  \"spnego_keytab\": \"string\",\n  \"spnego_ccache\": \"string\",\n  \"password_login_update_internal_password\": true\n}", null, "application/json");
request.Content = content;
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
Console.WriteLine(await response.Content.ReadAsStringAsync());
Request Collapse all
Base URL
/api/v3
Auth
Parameters
— pathrequired
Body
{
  "name": "string",
  "slug": "string",
  "enabled": true,
  "authentication_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "enrollment_flow": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "user_property_mappings": [
    "3fa85f64-5717-4562-b3fc-2c963f66afa6"
  ],
  "group_property_mappings": [
    "3fa85f64-5717-4562-b3fc-2c963f66afa6"
  ],
  "policy_engine_mode": "all",
  "user_matching_mode": "identifier",
  "user_path_template": "string",
  "group_matching_mode": "identifier",
  "realm": "string",
  "krb5_conf": "string",
  "kadmin_type": "MIT",
  "sync_users": true,
  "sync_users_password": true,
  "sync_principal": "string",
  "sync_password": "string",
  "sync_keytab": "string",
  "sync_ccache": "string",
  "spnego_server_name": "string",
  "spnego_keytab": "string",
  "spnego_ccache": "string",
  "password_login_update_internal_password": true
}