Docs / Fulan Auth Service
Fulan Auth Service
Live OpenAPI from the auth service. Use this to explore endpoints and map operations to client workflows.
Version: 0.1.0
http://127.0.0.1:8080/openapi.json/.well-known/jwks.json1 operationExpand
/.well-known/jwks.json1 operation
GET
JWKS endpoint
operationId:
getJWKS200503
/.well-known/openid-configuration1 operationExpand
/.well-known/openid-configuration1 operation
GET
OIDC discovery document
operationId:
getOIDCDiscovery200
/admin/correlation1 operationExpand
/admin/correlation1 operation
GET
Admin correlation query (audited)
operationId:
getAdminCorrelationParameters
subject_type (query) (required)subject_id (query) (required)200400401
/admin/scopes/grants2 operationsExpand
/admin/scopes/grants2 operations
POST
Grant a global scope to a global user (admin-only)
operationId:
postAdminGlobalScopeGrantrequest body204400401
DELETE
Revoke a global scope from a global user (admin-only)
operationId:
deleteAdminGlobalScopeGrantrequest body204400401
/apps2 operationsExpand
/apps2 operations
GET
List apps created by the caller (admin lists all)
operationId:
getApps200401
POST
Create app registration
operationId:
postAppsrequest body201401
/apps/{client_id}2 operationsExpand
/apps/{client_id}2 operations
GET
Get app registration
operationId:
getAppParameters
client_id (path) (required)200401404
PATCH
Update app registration
operationId:
patchAppParameters
client_id (path) (required)request body200401404
/apps/{client_id}/delete1 operationExpand
/apps/{client_id}/delete1 operation
POST
Soft delete app and revoke refresh sessions
operationId:
postAppDeleteParameters
client_id (path) (required)204401404
/apps/{client_id}/disable1 operationExpand
/apps/{client_id}/disable1 operation
POST
Disable app
operationId:
postAppDisableParameters
client_id (path) (required)204400401404
/apps/{client_id}/enable1 operationExpand
/apps/{client_id}/enable1 operation
POST
Enable app
operationId:
postAppEnableParameters
client_id (path) (required)204400401404
/apps/{client_id}/recover1 operationExpand
/apps/{client_id}/recover1 operation
POST
Recover app from soft delete
operationId:
postAppRecoverParameters
client_id (path) (required)204401404
/authorize1 operationExpand
/authorize1 operation
GET
OAuth2 authorization endpoint (Authorization Code + PKCE)
operationId:
getAuthorizeParameters
response_type (query) (required)client_id (query) (required)redirect_uri (query) (required)scope (query) (required)identifier_type (query) identifier_value (query) state (query) code_challenge (query) (required)code_challenge_method (query) (required)302400
/correlation/self1 operationExpand
/correlation/self1 operation
GET
List apps correlated to the caller based on verified global identifiers (self-only)
operationId:
getCorrelationSelf200401403
/debug/vars1 operationExpand
/debug/vars1 operation
GET
expvar metrics
operationId:
getDebugVars200
/docs1 operationExpand
/docs1 operation
GET
Swagger UI
operationId:
getDocs200
/healthz1 operationExpand
/healthz1 operation
GET
Liveness probe
operationId:
getHealthz200
/link/confirm1 operationExpand
/link/confirm1 operation
POST
Confirm linking (global identity side): requires auth:link:write, explicit consent, and re-auth OTP
operationId:
postLinkConfirmrequest body204400401409429
/link/initiate1 operationExpand
/link/initiate1 operation
POST
Initiate linking (app account side): requires auth:link:write and app linkingEnabled
operationId:
postLinkInitiaterequest body200400401403429
/logout1 operationExpand
/logout1 operation
POST
Logout: revoke current refresh session
operationId:
postLogoutrequest body204400401
/logout/all1 operationExpand
/logout/all1 operation
POST
Logout all devices: revoke all refresh sessions for the subject in this app
operationId:
postLogoutAll204401
/openapi.json1 operationExpand
/openapi.json1 operation
GET
OpenAPI specification
operationId:
getOpenAPI200
/otp/send1 operationExpand
/otp/send1 operation
POST
Send OTP (stub delivery) with rate limiting
operationId:
postOTPSendrequest body200400429
/otp/verify1 operationExpand
/otp/verify1 operation
POST
Verify OTP with rate limiting and attempt lockout
operationId:
postOTPVerifyrequest body204400429
/password/forgot1 operationExpand
/password/forgot1 operation
POST
Forgot password (OTP): request reset code (only when OTP verification is enabled for the app)
operationId:
postPasswordForgotrequest body200400429
/password/reset1 operationExpand
/password/reset1 operation
POST
Reset password (OTP): verify OTP and set a new password
operationId:
postPasswordResetrequest body204400429
/readyz1 operationExpand
/readyz1 operation
GET
Readiness probe (DB connectivity)
operationId:
getReadyz200503
/signup1 operationExpand
/signup1 operation
POST
Create a developer (portal) account
operationId:
postSignuprequest body204400409
/token1 operationExpand
/token1 operation
POST
OAuth2 token endpoint
operationId:
postTokenrequest body200400
/userinfo1 operationExpand
/userinfo1 operation
GET
OIDC userinfo endpoint
operationId:
getUserinfo200401