Endpoint reference
Base URL: https://auth.seudominio.com
OIDC endpoints (public)
| Endpoint | Method | Description |
|---|---|---|
| /.well-known/openid-configuration | GET | Discovery: OIDC server metadata |
| /auth | GET | Authorization: starts the PKCE flow |
| /token | POST | Token: exchanges code, refresh, client_credentials |
| /jwks | GET | JSON Web Key Set: public keys for validating JWTs |
| /me | GET | UserInfo: claims of the authenticated user |
| /token/revocation | POST | Revoke refresh_token |
| /session/end | GET | Logout + session cleanup |
Interaction endpoints (login UI)
| Endpoint | Method | Description |
|---|---|---|
| /interaction/:uid | GET | Displays the login screen |
| /interaction/:uid/login | POST | Submits credentials |
| /interaction/:uid/register | GET/POST | Registration (if allowSelfRegister=true) |
| /interaction/:uid/forgot-password | GET/POST | Password recovery |
| /interaction/:uid/consent | POST | Consent approval |
| /google/login | GET | Starts the Google OAuth flow |
| /google/callback | GET | Google OAuth callback |
Admin endpoints (authenticated)
All require Authorization: Bearer <token> with is_admin=true.
Systems
GET /admin/systems
POST /admin/systems
GET /admin/systems/:id
PATCH /admin/systems/:id
DELETE /admin/systems/:id
POST /admin/systems/:id/rotate-secret
GET /admin/systems/:id/roles
POST /admin/systems/:id/roles
PATCH /admin/systems/:id/roles/:roleId
DELETE /admin/systems/:id/roles/:roleId
GET /admin/systems/:id/profiles
POST /admin/systems/:id/profiles
PATCH /admin/systems/:id/profiles/:profileId
DELETE /admin/systems/:id/profiles/:profileId
GET /admin/systems/:id/accounts
Users
GET /admin/users
POST /admin/users
GET /admin/users/:id
PATCH /admin/users/:id
POST /admin/users/:id/set-password
POST /admin/users/:id/reset-password
POST /admin/users/:id/send-password-reset
POST /admin/users/:id/resend-verification
POST /admin/users/:id/disable-mfa
DELETE /admin/users/:id/social/:provider
Memberships
GET /admin/memberships
POST /admin/memberships
GET /admin/memberships/:id
PATCH /admin/memberships/:id
PATCH /admin/memberships/:id/roles
PATCH /admin/memberships/:id/profiles
DELETE /admin/memberships/:id
Sessions
DELETE /admin/sessions/:jti
DELETE /admin/sessions/by-user/:userId
DELETE /admin/sessions/by-system/:systemId
Audit
GET /admin/audit
Health & Metrics
GET /health
GET /metrics (if METRICS_ENABLED=true)
Pagination parameters
All listing endpoints accept:
| Parameter | Type | Default | Description |
|---|---|---|---|
| page | number | 1 | Current page |
| pageSize | number | 20 | Items per page (max: 100) |
| search | string | - | Search by email (users/memberships) |
| status | string | - | Status filter (memberships) |
| systemId | string | - | Filter by system (memberships) |