# \AuthenticationApi
All URIs are relative to *https://api.antimatter.io/v2*
[**domain_authenticate**](AuthenticationApi.md#domain_authenticate) | **POST** /domains/{domainID}/authenticate | Authenticate with a domain
[**domain_contact_issue_verify**](AuthenticationApi.md#domain_contact_issue_verify) | **POST** /domains/{domainID}/account/verify | Issue a new verification request
[**domain_contact_verify**](AuthenticationApi.md#domain_contact_verify) | **GET** /domains/{domainID}/account/verify | Verify an admin contact email
[**domain_delete_capability**](AuthenticationApi.md#domain_delete_capability) | **DELETE** /domains/{domainID}/control/capabilities/{capability} | Delete a capability
[**domain_delete_identity_provider**](AuthenticationApi.md#domain_delete_identity_provider) | **DELETE** /domains/{domainID}/control/identities/{identityProviderName} | Delete an identity provider
[**domain_delete_identity_provider_principal**](AuthenticationApi.md#domain_delete_identity_provider_principal) | **DELETE** /domains/{domainID}/control/identities/{identityProviderName}/principals/{principalID} | Delete identity provider principal
[**domain_get_capabilities**](AuthenticationApi.md#domain_get_capabilities) | **GET** /domains/{domainID}/control/capabilities | Get the domain capabilities
[**domain_get_capability**](AuthenticationApi.md#domain_get_capability) | **GET** /domains/{domainID}/control/capabilities/{capability} | Get a single capability
[**domain_get_identity_group_providers**](AuthenticationApi.md#domain_get_identity_group_providers) | **GET** /domains/{domainID}/control/identities/group-providers | Get supported group identity provider details
[**domain_get_identity_provider**](AuthenticationApi.md#domain_get_identity_provider) | **GET** /domains/{domainID}/control/identities/{identityProviderName} | Get an identity provider's details
[**domain_get_identity_provider_principal**](AuthenticationApi.md#domain_get_identity_provider_principal) | **GET** /domains/{domainID}/control/identities/{identityProviderName}/principals/{principalID} | Get identity provider principal details
[**domain_get_identity_provider_principals**](AuthenticationApi.md#domain_get_identity_provider_principals) | **GET** /domains/{domainID}/control/identities/{identityProviderName}/principals | Get an identity provider's principals
[**domain_insert_identity_provider_principal**](AuthenticationApi.md#domain_insert_identity_provider_principal) | **POST** /domains/{domainID}/control/identities/{identityProviderName}/principals | Create a new principal for the provider
[**domain_list_identity_providers**](AuthenticationApi.md#domain_list_identity_providers) | **GET** /domains/{domainID}/control/identities | Get a summary of the domain's Identity Providers
[**domain_put_capability**](AuthenticationApi.md#domain_put_capability) | **PUT** /domains/{domainID}/control/capabilities/{capability} | Create or update a capability
[**domain_put_vendor_settings**](AuthenticationApi.md#domain_put_vendor_settings) | **PUT** /domains/{domainID}/control/vendor/settings | Create or update vendor settings
[**domain_update_identity_provider_principal**](AuthenticationApi.md#domain_update_identity_provider_principal) | **PUT** /domains/{domainID}/control/identities/{identityProviderName}/principals/{principalID} | Update identity provider principal capabilities
[**domain_upsert_identity_provider**](AuthenticationApi.md#domain_upsert_identity_provider) | **PUT** /domains/{domainID}/control/identities/{identityProviderName} | Create/Update an identity provider
## domain_authenticate
> models::DomainAuthenticateResponse domain_authenticate(domain_id, domain_authenticate, identity_provider_name, token_exchange, token_lifetime)
Authenticate with a domain
Use an authentication method to obtain a domain ID token which is used as the bearer for all other endpoints. You can use the `/public-info` route to obtain a list of identity providers supported by this endpoint.
### Parameters
**domain_id** | **String** | | [required] |
**domain_authenticate** | [**DomainAuthenticate**](DomainAuthenticate.md) | | [required] |
**identity_provider_name** | Option<**String**> | | |
**token_exchange** | Option<**bool**> | | |
**token_lifetime** | Option<**i32**> | Lifetime of token in seconds. Setting this will override the domain default. This cannot be greater than the domain's maximum token lifetime. The default and maximum token lifetime values can be seen and set at the `/control/settings` route. | |
### Return type
[**models::DomainAuthenticateResponse**](DomainAuthenticateResponse.md)
### Authorization
No authorization required
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_contact_issue_verify
> domain_contact_issue_verify(domain_id, domain_contact_issue_verify_request)
Issue a new verification request
Issue a new verification request to a pending contact email associated with the domain. There is a rate limiter on this endpoint, you may need to wait between invocations.
### Parameters
**domain_id** | **String** | | [required] |
**domain_contact_issue_verify_request** | [**DomainContactIssueVerifyRequest**](DomainContactIssueVerifyRequest.md) | | [required] |
### Return type
(empty response body)
### Authorization
No authorization required
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_contact_verify
> models::VerifyContactResponse domain_contact_verify(domain_id, address, token, google_jwt)
Verify an admin contact email
Verify an admin contact email recently associated with a domain. The token will have been emailed (in the form of a link) to the email address when `/account/verify` is called, the domain was initially created, or the email was added via the settings endpoint.
### Parameters
**domain_id** | **String** | | [required] |
**address** | **String** | Email address to be tested against the supplied token | [required] |
**token** | Option<**String**> | Security token issued with verification request | |
**google_jwt** | Option<**String**> | Google-issued JWT carrying the verification email address | |
### Return type
[**models::VerifyContactResponse**](VerifyContactResponse.md)
### Authorization
No authorization required
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_delete_capability
> domain_delete_capability(domain_id, capability)
Delete a capability
Delete a capability. All rules that reference the capability must have already been deleted, or you will get an error
### Parameters
**domain_id** | **String** | | [required] |
**capability** | **String** | the name for this capability, like \"admin\" | [required] |
### Return type
(empty response body)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_delete_identity_provider
> domain_delete_identity_provider(domain_id, identity_provider_name)
Delete an identity provider
Delete an identity provider. All domain tokens created using this identity provider will be invalidated. Take care not to remove the identity provider that is providing you admin access to your domain, as you may \"lock yourself out\".
### Parameters
**domain_id** | **String** | | [required] |
**identity_provider_name** | **String** | | [required] |
### Return type
(empty response body)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_delete_identity_provider_principal
> domain_delete_identity_provider_principal(domain_id, identity_provider_name, principal_id)
Delete identity provider principal
Delete an identity provider principal.
### Parameters
**domain_id** | **String** | | [required] |
**identity_provider_name** | **String** | | [required] |
**principal_id** | **String** | | [required] |
### Return type
(empty response body)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_get_capabilities
> models::CapabilityDefinitionList domain_get_capabilities(domain_id)
Get the domain capabilities
Get the capabilities configured within the domain. A capability is a key/value pair that can be attached to a principal by an identity provider. The capabilities can be referenced by the domain policy rules.
### Parameters
**domain_id** | **String** | | [required] |
### Return type
[**models::CapabilityDefinitionList**](CapabilityDefinitionList.md)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_get_capability
> models::CapabilityDefinition domain_get_capability(domain_id, capability)
Get a single capability
Get a capability. A capability is a key/value pair that can be attached to a domain identity by an identity provider. The capabilities can be referenced by the domain policy rules.
### Parameters
**domain_id** | **String** | | [required] |
**capability** | **String** | the name for this capability, like \"admin\" | [required] |
### Return type
[**models::CapabilityDefinition**](CapabilityDefinition.md)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_get_identity_group_providers
> models::DomainIdentityGroupProviderDetails domain_get_identity_group_providers(domain_id)
Get supported group identity provider details
Retrieve details on what information is required in order to allow for mapping external domain group membership to capabilities at authentication.
### Parameters
**domain_id** | **String** | | [required] |
### Return type
[**models::DomainIdentityGroupProviderDetails**](DomainIdentityGroupProviderDetails.md)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_get_identity_provider
> models::DomainIdentityProviderInfo domain_get_identity_provider(domain_id, identity_provider_name)
Get an identity provider's details
Retrieve detailed information and configuration of an identity provider.
### Parameters
**domain_id** | **String** | | [required] |
**identity_provider_name** | **String** | | [required] |
### Return type
[**models::DomainIdentityProviderInfo**](DomainIdentityProviderInfo.md)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_get_identity_provider_principal
> models::PrincipalInfo domain_get_identity_provider_principal(domain_id, identity_provider_name, principal_id)
Get identity provider principal details
Retrieve detailed information about an identity provider principal.
### Parameters
**domain_id** | **String** | | [required] |
**identity_provider_name** | **String** | | [required] |
**principal_id** | **String** | | [required] |
### Return type
[**models::PrincipalInfo**](PrincipalInfo.md)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_get_identity_provider_principals
> models::DomainIdentityProviderPrincipalList domain_get_identity_provider_principals(domain_id, identity_provider_name)
Get an identity provider's principals
Retrieve a list of principals for an identity provider
### Parameters
**domain_id** | **String** | | [required] |
**identity_provider_name** | **String** | | [required] |
### Return type
[**models::DomainIdentityProviderPrincipalList**](DomainIdentityProviderPrincipalList.md)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_insert_identity_provider_principal
> models::DomainInsertIdentityProviderPrincipal200Response domain_insert_identity_provider_principal(domain_id, identity_provider_name, domain_identity_provider_principal_params)
Create a new principal for the provider
Create a new principal for the provider. Note that the identityProviderName must refer to an existing identity provider or the response will be a 400.
### Parameters
**domain_id** | **String** | | [required] |
**identity_provider_name** | **String** | | [required] |
**domain_identity_provider_principal_params** | [**DomainIdentityProviderPrincipalParams**](DomainIdentityProviderPrincipalParams.md) | | [required] |
### Return type
[**models::DomainInsertIdentityProviderPrincipal200Response**](domainInsertIdentityProviderPrincipal_200_response.md)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_list_identity_providers
> models::DomainIdentityProviderList domain_list_identity_providers(domain_id)
Get a summary of the domain's Identity Providers
Retrieve the domain's identity providers and a brief overview of their configuration. This endpoint requires authentication, but you can obtain an abridged list of the domain identity providers prior to authentication using the `/public-info` endpoint.
### Parameters
**domain_id** | **String** | | [required] |
### Return type
[**models::DomainIdentityProviderList**](DomainIdentityProviderList.md)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_put_capability
> domain_put_capability(domain_id, capability, new_capability_definition, createonly)
Create or update a capability
Create or update a capability. If you want to return an error if the capability already existed, set createonly=true
### Parameters
**domain_id** | **String** | | [required] |
**capability** | **String** | the name for this capability, like \"admin\" | [required] |
**new_capability_definition** | [**NewCapabilityDefinition**](NewCapabilityDefinition.md) | | [required] |
**createonly** | Option<**bool**> | return an error if the capability already existed | |
### Return type
(empty response body)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_put_vendor_settings
> domain_put_vendor_settings(domain_id, new_vendor_settings)
Create or update vendor settings
Create or update the vendor settings for a given domain.
### Parameters
**domain_id** | **String** | | [required] |
**new_vendor_settings** | [**NewVendorSettings**](NewVendorSettings.md) | | [required] |
### Return type
(empty response body)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_update_identity_provider_principal
> domain_update_identity_provider_principal(domain_id, identity_provider_name, principal_id, update_principal_params)
Update identity provider principal capabilities
Update the set of capabilities assigned to an identity provider principal. The capabilities must exist.
### Parameters
**domain_id** | **String** | | [required] |
**identity_provider_name** | **String** | | [required] |
**principal_id** | **String** | | [required] |
**update_principal_params** | [**UpdatePrincipalParams**](UpdatePrincipalParams.md) | | [required] |
### Return type
(empty response body)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
## domain_upsert_identity_provider
> models::DomainIdentityProviderInfo domain_upsert_identity_provider(domain_id, identity_provider_name, domain_identity_provider_details)
Create/Update an identity provider
Create or configure an identity provider.
### Parameters
**domain_id** | **String** | | [required] |
**identity_provider_name** | **String** | | [required] |
**domain_identity_provider_details** | [**DomainIdentityProviderDetails**](DomainIdentityProviderDetails.md) | | [required] |
### Return type
[**models::DomainIdentityProviderInfo**](DomainIdentityProviderInfo.md)
### Authorization
[domain_identity](../README.md#domain_identity)
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)