Frontegg

Frontegg Authentication and Identity Management API

The Frontegg Authentication and Identity Management API handles login, registration, MFA, passwordless flows, social logins, sessions, passwords, passkeys, OAuth, OIDC, JWT, user management, roles, permissions, groups, and tenant membership. With 232 documented operations across 305 schemas, this is the core of the Frontegg CIAM platform.

GitHub OpenAPI

Documentation

📖
Documentation
https://developers.frontegg.com/ciam/api/identity
📖
APIReference
https://developers.frontegg.com/ciam/api/identity

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/frontegg/refs/heads/main/openapi/frontegg-identity-openapi.yml

Other Resources

🔗
SpectralRules
https://raw.githubusercontent.com/api-evangelist/frontegg/refs/heads/main/rules/frontegg-identity-rules.yml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/frontegg/refs/heads/main/capabilities/frontegg-identity.yaml

OpenAPI Specification

frontegg-identity-openapi.yml Raw ↑ 
openapi: 3.0.0
paths:
  /resources/auth/v2/api-token:
    post:
      operationId: AuthenticationApiTokenControllerV2_authApiToken
      summary: Authenticate Using API Token
      description: 'Authenticates using an account (tenant) or user API token. Obtain your `clientId` and `secret` from Admin Portal → API Tokens, then provide them in the request body. Send the request to your Frontegg environment (e.g., `https://<your-subdomain>.frontegg.com`).


        **Note:** By default, this endpoint enforces refresh token rotation. Each API token is limited to 100 active refresh tokens. When authenticating with the same API token for the 101st time, the oldest refresh token is automatically invalidated.


        Use this endpoint to securely authenticate automated services, back-end clients, or integrations that rely on static credentials.'
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthApiTokenDto'
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiTokenAuthV2Response'
      tags:
      - API Token
  /resources/auth/v2/api-token/token/refresh:
    post:
      operationId: AuthenticationApiTokenControllerV2_refreshToken
      summary: Refresh API Token
      description: 'Refreshes a JWT access token using a refresh token. If the refresh token is valid, returns a new JWT and refresh token pair. This maintains an authenticated session without requiring the user to log in again.


        If the refresh token is invalid, expired, or has been revoked due to rotation limits, the request will fail with an authentication error.'
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RefreshApiTokenDto'
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiTokenAuthV2Response'
      tags:
      - API Token
  /resources/tenants/access-tokens/v1:
    post:
      operationId: TenantAccessTokensV1Controller_createTenantAccessToken
      summary: Create Account (tenant) Access Token
      parameters:
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateTenantAccessTokenRequest'
      responses:
        '201':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/TenantAccessTokenResponse'
      tags:
      - API Tokens
      description: Create an access token for a specific account (tenant).
    get:
      operationId: TenantAccessTokensV1Controller_getTenantAccessTokens
      summary: Get Account (tenant) Access Tokens
      parameters:
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetTenantAccessTokensResponse'
      tags:
      - API Tokens
      description: Retrieve all access tokens for a specific account (tenant).
  /resources/tenants/access-tokens/v1/{id}:
    delete:
      operationId: TenantAccessTokensV1Controller_deleteTenantAccessToken
      summary: Delete Account (tenant) Access Token
      parameters:
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      - name: id
        required: true
        in: path
        schema:
          type: string
      responses:
        '200':
          description: ''
      tags:
      - API Tokens
      description: Delete an account (tenant) access token.
  /resources/tenants/api-tokens/v1:
    post:
      operationId: TenantApiTokensV1Controller_createTenantApiToken
      summary: Create Client Credentials Token
      description: Do not use. Instead, use v2 of this route.
      deprecated: true
      parameters:
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateTenantApiTokenDto'
      responses:
        '201':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CreateTenantApiTokenResponseDto'
      tags:
      - API Tokens
    get:
      operationId: TenantApiTokensV1Controller_getTenantsApiTokens
      summary: Get Client Credentials Tokens
      description: Retrieve all API tokens for a specific account (tenant).
      parameters:
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/GetTenantApiTokensResponse'
      tags:
      - API Tokens
  /resources/tenants/api-tokens/v1/{id}:
    delete:
      operationId: TenantApiTokensV1Controller_deleteTenantApiToken
      summary: Delete Client Credentials Token
      description: Delete an account (tenant) API token.
      parameters:
      - name: id
        required: true
        in: path
        schema:
          type: string
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      responses:
        '200':
          description: ''
      tags:
      - API Tokens
    patch:
      operationId: TenantApiTokensV1Controller_updateTenantApiToken
      summary: Update Client Credentials Token
      description: Update an account (tenant) API token.
      parameters:
      - name: id
        required: true
        in: path
        schema:
          type: string
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateApiTokenDto'
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UpdateTenantApiTokenResponseDto'
      tags:
      - API Tokens
  /resources/tenants/api-tokens/v2:
    post:
      operationId: TenantApiTokensV2Controller_createTenantApiToken
      summary: Create Client Credentials Token
      description: 'Create an account (tenant) API token.


        You can retrieve roles and permissions via the API.'
      parameters:
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateTenantApiTokenDto'
      responses:
        '201':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CreateTenantApiTokenResponseDto'
      tags:
      - API Tokens
  /resources/tenants/invites/v1/user:
    get:
      operationId: TenantInvitesController_getTenantInviteForUser
      summary: Get Account (tenant) Invite of User
      description: Retrieve an invitation for a specific user to join an account (tenant).
      parameters:
      - name: frontegg-user-id
        in: header
        description: The user ID identifier
        required: true
        schema:
          type: string
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InviteTokenDto'
      tags:
      - Account Invitations
    post:
      operationId: TenantInvitesController_createTenantInviteForUser
      summary: Create Account (tenant) Invite for User
      description: 'Create an invitation for a specific user to join an account (tenant).


        To create a general invitation, use the general invitation route.'
      parameters:
      - name: frontegg-user-id
        in: header
        description: The user ID identifier
        required: true
        schema:
          type: string
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateInviteTokenRequestForUser'
      responses:
        '201':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InviteTokenDto'
      tags:
      - Account Invitations
    delete:
      operationId: TenantInvitesController_deleteTenantInviteForUser
      summary: Delete Account (tenant) Invite of User
      description: 'Delete an invitation for a specific user to join an account (tenant).


        To delete a general invitation, use the general invitation route.'
      parameters:
      - name: frontegg-user-id
        in: header
        description: The user ID identifier
        required: true
        schema:
          type: string
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      responses:
        '200':
          description: ''
      tags:
      - Account Invitations
    patch:
      operationId: TenantInvitesController_updateTenantInviteForUser
      summary: Update Account (tenant) Invite of User
      description: 'Update an invitation for a specific user to join an account (tenant).


        To set a specific expiration time, use the `expiresInMinutes` parameter to define when the invitation will be invalidated. Use the `shouldSendEmail` Boolean parameter to control whether an invitation email is sent.


        A valid environment token is required to call this endpoint. You can obtain it from the environment authentication route.'
      parameters:
      - name: frontegg-user-id
        in: header
        description: The user ID identifier
        required: true
        schema:
          type: string
      - name: frontegg-tenant-id
        in: header
        description: The account (tenant) ID identifier
        required: true
        schema:
          type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateInviteTokenRequest'
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InviteTokenDto'
      tags:
      - Account Invitations
  /resources/tenants/invites/v1/verify:
    post:
      operationId: TenantInvitesController_verifyTenantInvite
      summary: Verify Account (tenant) Invite
      description: 'Verify an account (tenant) invitation.


        Pass the invitation token as the `token` parameter.


        A valid environment token is required to call this endpoint. You can obtain it from the environment authentication route.'
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/VerifyInviteTokenRequest'
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InviteTokenDto'
      tags:
      - Account Invitations
  /resources/tenants/invites/v1/configuration:
    get:
      operationId: getInvitationConfiguration
      summary: Get Account (tenant) Invite Configuration
      description: 'Check whether account (tenant) invitations are enabled and whether notifications are active for your environment.


        A valid environment token is required to call this endpoint. You can obtain it from the environment authentication route.'
      parameters: []
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InvitationConfigurationResponse'
      tags:
      - Account Invitations
  /resources/tenants/invites/v2/user:
    post:
      operationId: TenantInvitesV2Controller_createTenantInviteForUser
      summary: Create Tenant Invite with Roles for User
      description: Creates an invitation with assigned roles for a specific user to join an account (tenant). Provide the user's ID via the `frontegg-user-id` header and the account ID via the `frontegg-tenant-id` header. For general invitations without a specific user, use the general invitation endpoint instead.
      parameters:
      - name: frontegg-tenant-id
        in: header
        description: The tenant identifier. Required for requests to api.frontegg.com (or your region) when using a management token. Parsed from the token when using user or API tokens
        required: false
        schema:
          type: string
      - name: frontegg-user-id
        in: header
        description: The user identifier. Required for requests to api.frontegg.com (or your region) when using a management token. Parsed from the token when using user or API tokens
        required: false
        schema:
          type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateInviteTokenRequestForUserV2'
      responses:
        '200':
          description: ''
        '201':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InviteTokenDto'
      tags:
      - Account Invitations
  /resources/tenants/invites/v1:
    post:
      operationId: TenantInvitesController_createTenantInvite
      summary: Create Account (tenant) Invite
      description: 'Create a general or account (tenant)-specific invitation token.


        Use this endpoint to generate invitation tokens for accounts (tenants) or individual users.


        To create a general invitation token, send the request without specifying an account (tenant) or user. To create an account (tenant)-specific token, include the account (tenant) ID in the request body. To create a token for a specific user of an account (tenant), also include the user ID in the body parameters. If a user ID is provided, you can control whether an invitation email is sent by setting the `shouldSendEmail` parameter.


        To set a custom expiration time for the invitation, use the `expiresInMinutes` parameter to define when the token will expire.


        A valid environment token is required to call this endpoint. You can obtain it from the environment authentication route.'
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateInviteTokenRequest'
      responses:
        '201':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InviteTokenDto'
      tags:
      - Account Invitations Settings
  /resources/tenants/invites/v1/all:
    get:
      operationId: TenantInvitesController_getAllInvites
      summary: Get All Account (tenant) Invites
      description: 'Retrieve all invitation tokens across all accounts (tenants).


        A valid environment token is required to call this endpoint. You can obtain it from the environment authentication route.'
      parameters: []
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/InviteTokenDto'
      tags:
      - Account Invitations Settings
  /resources/tenants/invites/v1/token/{id}:
    delete:
      operationId: TenantInvitesController_deleteTenantInvite
      summary: Delete an Account (tenant) Invite
      description: 'Delete an invitation for an account (tenant) using the invitation ID.


        Use this endpoint to delete a specific invitation by providing its invitation ID as a path parameter. You can obtain the invitation ID via the **Get all account (tenant) invites** API.


        A valid environment token is required to call this endpoint. You can obtain it from the environment authentication route.'
      parameters:
      - name: id
        required: true
        in: path
        schema:
          type: string
      responses:
        '200':
          description: ''
      tags:
      - Account Invitations Settings
  /resources/configurations/v1/activation/strategies:
    get:
      operationId: ActivationStrategyControllerV1_getActivationStrategy
      summary: Get Activation Strategies
      parameters: []
      responses:
        '200':
          description: Retrieve the current account activation strategies configured in your environment.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ActivationStrategyResponse'
      tags:
      - Account Invitations Settings
    post:
      operationId: ActivationStrategyControllerV1_createOrUpdateActivationStrategy
      summary: Create or Update Activation Strategy
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateOrUpdateActivationStrategyRequest'
      responses:
        '200':
          description: Create a new activation strategy or update the existing activation strategy for your environment.
      tags:
      - Account Invitations Settings
  /resources/configurations/v1/invitation/strategies:
    get:
      operationId: InvitationStrategyControllerV1_getInvitationStrategy
      summary: Get Invitation Strategies
      parameters: []
      responses:
        '200':
          description: Retrieve the current invitation strategies configured in your environment.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/InvitationStrategyResponse'
      tags:
      - Account Invitations Settings
    post:
      operationId: InvitationStrategyControllerV1_createOrUpdateInvitationStrategy
      summary: Create or Update Invitation Strategy
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateOrUpdateInvitationStrategyRequest'
      responses:
        '200':
          description: Create a new invitation strategy or update the existing invitation strategy for your environment.
      tags:
      - Account Invitations Settings
  /resources/roles/v2:
    get:
      operationId: PermissionsControllerV2_getAllRoles
      summary: Get Roles V2
      description: 'Retrieve all roles for your environment.


        Each role object includes the name, permissions, and other defining information.'
      parameters:
      - name: _limit
        required: false
        in: query
        schema:
          minimum: 1
          maximum: 2000
          default: 50
          type: number
      - name: _sortBy
        required: true
        in: query
        schema:
          enum:
          - key
          - name
          - description
          - isDefault
          - firstUserRole
          - level
          - updatedAt
          - createdAt
          - permissions
          - userTenants
          - groups
          type: string
      - name: _levels
        required: false
        in: query
        schema:
          type: array
          items:
            type: number
      - name: _tenantIds
        required: false
        in: query
        schema:
          type: array
          items:
            type: string
      - name: _offset
        required: false
        in: query
        schema:
          minimum: 0
          default: 0
          type: number
        description: The page number to retrieve. For example, use 0 for the first page, 1 for the second page.
      - name: _order
        required: false
        in: query
        schema:
          enum:
          - ASC
          - DESC
          type: string
      - name: _filter
        required: false
        in: query
        schema:
          type: string
      - name: frontegg-tenant-id
        in: header
        description: For relating a role to a specific account (tenant), use `get accounts (tenants)` API to find the account (tenant) Ids
        required: false
        schema:
          type: string
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                allOf:
                - $ref: '#/components/schemas/FronteggPaginationWrapper'
                - properties:
                    items:
                      type: array
                      items:
                        $ref: '#/components/schemas/RoleResponse'
                    _links:
                      $ref: '#/components/schemas/FronteggPaginationLinks'
                    _metadata:
                      $ref: '#/components/schemas/FronteggPaginationMetadata'
      tags:
      - Account Roles
    post:
      operationId: RolesControllerV2_addRole
      summary: Create a New Role
      description: 'Add a new role for a specific account (tenant).


        Include the required permissions in the request body to customize the role.'
      parameters:
      - name: frontegg-tenant-id
        in: header
        description: For relating a role to a specific account (tenant), use `get accounts (tenants)` API to find the account (tenant) Ids
        required: false
        schema:
          type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AddRoleWithPermissionsRequest'
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AddRoleWithPermissionsResponse'
      tags:
      - Account Roles
  /resources/roles/v2/distinct-levels:
    get:
      operationId: RolesControllerV2_getDistinctLevels
      summary: Get Distinct Levels of Roles
      description: Retrieve all role levels for your environment.
      parameters:
      - name: frontegg-tenant-id
        in: header
        description: For relating a role to a specific account (tenant), use `get accounts (tenants)` API to find the account (tenant) Ids
        required: false
        schema:
          type: string
      responses:
        '200':
          description: ''
      tags:
      - Account Roles
  /resources/roles/v2/distinct-tenants:
    get:
      operationId: RolesControllerV2_getDistinctTenants
      summary: Get Distinct Assigned Accounts (tenants) of Roles
      description: Retrieve all assigned account (tenant) IDs from roles for your environment.
      parameters: []
      responses:
        '200':
          description: ''
      tags:
      - Account Roles
  /resources/approval-flows/v1:
    post:
      operationId: ApprovalFlowsController_createApprovalFlow
      summary: Create Approval Flow
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CreateApprovalFlowDto'
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApprovalFlowResponseDto'
        '201':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApprovalFlowResponseDto'
      tags:
      - Approval Flows
    get:
      operationId: ApprovalFlowsController_getApprovalFlows
      summary: Get Approval Flows
      parameters: []
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApprovalFlowsListResponseDto'
      tags:
      - Approval Flows
  /resources/approval-flows/v1/{id}:
    get:
      operationId: ApprovalFlowsController_getApprovalFlowById
      summary: Get Approval Flow by ID
      parameters:
      - name: id
        required: true
        in: path
        schema:
          type: string
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApprovalFlowResponseDto'
      tags:
      - Approval Flows
    patch:
      operationId: ApprovalFlowsController_updateApprovalFlow
      summary: Update Approval Flow
      parameters:
      - name: id
        required: true
        in: path
        schema:
          type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/UpdateApprovalFlowDto'
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApprovalFlowResponseDto'
      tags:
      - Approval Flows
    delete:
      operationId: ApprovalFlowsController_deleteApprovalFlow
      summary: Delete Approval Flow
      parameters:
      - name: id
        required: true
        in: path
        schema:
          type: string
      responses:
        '200':
          description: ''
        '204':
          description: ''
      tags:
      - Approval Flows
  /resources/approval-flows/v1/approver-action:
    post:
      operationId: ApprovalFlowsController_approverAction
      summary: Approver Action
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ApproverActionDto'
      responses:
        '200':
          description: ''
      tags:
      - Approval Flows
  /resources/approval-flows/v1/execution-data:
    get:
      operationId: ApprovalFlowsController_getExecutionData
      summary: Get Approval Flow Execution Data
      parameters:
      - name: approvalFlowExecutionId
        required: true
        in: query
        schema:
          type: string
      - name: approverId
        required: true
        in: query
        schema:
          type: string
      - name: approvalFlowStepId
        required: true
        in: query
        schema:
          type: string
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExecutionDataResponseDto'
      tags:
      - Approval Flows
  /resources/approval-flows/v1/{id}/execute:
    post:
      operationId: ApprovalFlowsController_executeApprovalFlow
      summary: Execute Approval Flow
      parameters:
      - name: id
        required: true
        in: path
        schema:
          type: string
      - name: frontegg-tenant-id
        in: header
        description: The tenant identifier. Required for requests to api.frontegg.com (or your region) when using a management token. Parsed from the token when using user or API tokens
        required: false
        schema:
          type: string
      - name: frontegg-user-id
        in: header
        description: The user ID
        required: true
        schema:
          type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ExecuteApprovalFlowDto'
      responses:
        '200':
          description: ''
      tags:
      - Approval Flows
  /resources/approval-flows/v1/step-up/execute:
    post:
      operationId: ApprovalFlowsController_executeStepUpApprovalFlow
      summary: Execute Step up Approval Flow
      parameters:
      - name: frontegg-tenant-id
        in: header
        description: The tenant identifier. Required for requests to api.frontegg.com (or your region) when using a management token. Parsed from the token when using user or API tokens
        required: false
        schema:
          type: string
      - name: frontegg-user-id
        in: header
        description: The user ID
        required: true
        schema:
          type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ExecuteApprovalFlowDto'
      responses:
        '200':
          description: ''
      tags:
      - Approval Flows
  /resources/configurations/v1:
    post:
      operationId: VendorConfigController_addOrUpdateConfig
      summary: Update Identity Management Configuration
      description: 'Update the identity management configuration for your environment.


        Use this endpoint to add or update identity management parameters by sending the desired values in the request body.


        Refer to the parameter documentation for the list of supported values.'
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/VendorConfigRequest'
      responses:
        '201':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/VendorConfigResponse'
      tags:
      - Core Settings
    get:
      operationId: VendorConfigController_getVendorConfig
      summary: Get Identity Management Configuration
      description: 'Retrieve the identity management configuration for your environment.


        Use this endpoint to get the current identity management settings configured in your environment.'
      parameters: []
      responses:
        '200':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/VendorConfigResponse'
      tags:
      - Core Settings
  /resources/configurations/v1/captcha-policy:
    post:
      operationId: CaptchaPolicyController_createCaptchaPolicy
      summary: Create Captcha Policy
      description: 'Create a CAPTCHA policy for all accounts (tenants).


        Provide the required settings in the request body. To enable the policy, set the `enabled` parameter to `true`, and provide the `siteKey` and `secretKey` obtained from reCAPTCHA. You can also set the `minimumScore` parameter to a value between `0` and `1` to define the minimum score threshold.'
      parameters: []
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CaptchaPolicyRequest'
      responses:
        '201':
          description: ''
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/

# --- truncated at 32 KB (394 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/frontegg/refs/heads/main/openapi/frontegg-identity-openapi.yml