Frontegg · Capability

Frontegg Identity API

Frontegg Identity API capability. 100 operations. Lead operation: Authenticate using API token. Self-contained Naftiko capability for the Frontegg Frontegg Identity business surface.

Run with Naftiko FronteggIdentity

What You Can Do

POST
Authenticationapitokencontrollerv2_authapitoken — Authenticate using API token
/v1/resources/auth/v2/api-token
POST
Authenticationapitokencontrollerv2_refreshtoken — Refresh API token
/v1/resources/auth/v2/api-token/token/refresh
POST
Tenantaccesstokensv1controller_createtenantaccesstoken — Create account (tenant) access token
/v1/resources/tenants/access-tokens/v1
GET
Tenantaccesstokensv1controller_gettenantaccesstokens — Get account (tenant) access tokens
/v1/resources/tenants/access-tokens/v1
DELETE
Tenantaccesstokensv1controller_deletetenantaccesstoken — Delete account (tenant) access token
/v1/resources/tenants/access-tokens/v1/{id}
POST
Tenantapitokensv1controller_createtenantapitoken — Create client credentials token
/v1/resources/tenants/api-tokens/v1
GET
Tenantapitokensv1controller_gettenantsapitokens — Get client credentials tokens
/v1/resources/tenants/api-tokens/v1
DELETE
Tenantapitokensv1controller_deletetenantapitoken — Delete client credentials token
/v1/resources/tenants/api-tokens/v1/{id}
PATCH
Tenantapitokensv1controller_updatetenantapitoken — Update client credentials token
/v1/resources/tenants/api-tokens/v1/{id}
POST
Tenantapitokensv2controller_createtenantapitoken — Create client credentials token
/v1/resources/tenants/api-tokens/v2
GET
Tenantinvitescontroller_gettenantinviteforuser — Get account (tenant) invite of user
/v1/resources/tenants/invites/v1/user
POST
Tenantinvitescontroller_createtenantinviteforuser — Create account (tenant) invite for user
/v1/resources/tenants/invites/v1/user
DELETE
Tenantinvitescontroller_deletetenantinviteforuser — Delete account (tenant) invite of user
/v1/resources/tenants/invites/v1/user
PATCH
Tenantinvitescontroller_updatetenantinviteforuser — Update account (tenant) invite of user
/v1/resources/tenants/invites/v1/user
POST
Tenantinvitescontroller_verifytenantinvite — Verify account (tenant) invite
/v1/resources/tenants/invites/v1/verify
GET
Getinvitationconfiguration — Get account (tenant) invite configuration
/v1/resources/tenants/invites/v1/configuration
POST
Tenantinvitesv2controller_createtenantinviteforuser — Create tenant invite with roles for user
/v1/resources/tenants/invites/v2/user
POST
Tenantinvitescontroller_createtenantinvite — Create account (tenant) invite
/v1/resources/tenants/invites/v1
GET
Tenantinvitescontroller_getallinvites — Get all account (tenant) invites
/v1/resources/tenants/invites/v1/all
DELETE
Tenantinvitescontroller_deletetenantinvite — Delete an account (tenant) invite
/v1/resources/tenants/invites/v1/token/{id}
GET
Activationstrategycontrollerv1_getactivationstrategy — Get activation strategies
/v1/resources/configurations/v1/activation/strategies
POST
Activationstrategycontrollerv1_createorupdateactivationstrategy — Create or update activation strategy
/v1/resources/configurations/v1/activation/strategies
GET
Invitationstrategycontrollerv1_getinvitationstrategy — Get invitation strategies
/v1/resources/configurations/v1/invitation/strategies
POST
Invitationstrategycontrollerv1_createorupdateinvitationstrategy — Create or update invitation strategy
/v1/resources/configurations/v1/invitation/strategies
GET
Permissionscontrollerv2_getallroles — Get roles v2
/v1/resources/roles/v2
POST
Rolescontrollerv2_addrole — Create a new role
/v1/resources/roles/v2
GET
Rolescontrollerv2_getdistinctlevels — Get distinct levels of roles
/v1/resources/roles/v2/distinct-levels
GET
Rolescontrollerv2_getdistincttenants — Get distinct assigned accounts (tenants) of roles
/v1/resources/roles/v2/distinct-tenants
POST
Approvalflowscontroller_createapprovalflow — Create approval flow
/v1/resources/approval-flows/v1
GET
Approvalflowscontroller_getapprovalflows — Get approval flows
/v1/resources/approval-flows/v1
GET
Approvalflowscontroller_getapprovalflowbyid — Get approval flow by ID
/v1/resources/approval-flows/v1/{id}
PATCH
Approvalflowscontroller_updateapprovalflow — Update approval flow
/v1/resources/approval-flows/v1/{id}
DELETE
Approvalflowscontroller_deleteapprovalflow — Delete approval flow
/v1/resources/approval-flows/v1/{id}
POST
Approvalflowscontroller_approveraction — Approver action
/v1/resources/approval-flows/v1/approver-action
GET
Approvalflowscontroller_getexecutiondata — Get approval flow execution data
/v1/resources/approval-flows/v1/execution-data
POST
Approvalflowscontroller_executeapprovalflow — Execute approval flow
/v1/resources/approval-flows/v1/{id}/execute
POST
Approvalflowscontroller_executestepupapprovalflow — Execute step up approval flow
/v1/resources/approval-flows/v1/step-up/execute
POST
Vendorconfigcontroller_addorupdateconfig — Update identity management configuration
/v1/resources/configurations/v1
GET
Vendorconfigcontroller_getvendorconfig — Get identity management configuration
/v1/resources/configurations/v1
POST
Captchapolicycontroller_createcaptchapolicy — Create captcha policy
/v1/resources/configurations/v1/captcha-policy
PUT
Captchapolicycontroller_updatecaptchapolicy — Update captcha policy
/v1/resources/configurations/v1/captcha-policy
GET
Captchapolicycontroller_getcaptchapolicy — Get captcha policy
/v1/resources/configurations/v1/captcha-policy
GET
Jwttemplatetargetingcontrollerv1_getjwttemplatetargeting — Get JWT template targeting configuration
/v1/resources/configurations/v1/jwt-template-targeting
POST
Jwttemplatetargetingcontrollerv1_createjwttemplatetargeting — Create JWT template targeting configuration
/v1/resources/configurations/v1/jwt-template-targeting
PUT
Jwttemplatetargetingcontrollerv1_updatejwttemplatetargeting — Update or create JWT template targeting configuration
/v1/resources/configurations/v1/jwt-template-targeting
PATCH
Jwttemplatetargetingcontrollerv1_patchjwttemplatetargeting — Update JWT template targeting configuration by ID
/v1/resources/configurations/v1/jwt-template-targeting/{id}
DELETE
Jwttemplatetargetingcontrollerv1_deletejwttemplatetargeting — Delete JWT template targeting configuration by ID
/v1/resources/configurations/v1/jwt-template-targeting/{id}
POST
Jwttemplatescontroller_createjwttemplate — Create JWT template
/v1/resources/jwt-templates/v1
GET
Jwttemplatescontroller_getjwttemplates — Get all JWT templates
/v1/resources/jwt-templates/v1
GET
Jwttemplatescontroller_getjwttemplatebyid — Get JWT template by ID
/v1/resources/jwt-templates/v1/{id}
PUT
Jwttemplatescontroller_updatejwttemplate — Update JWT template
/v1/resources/jwt-templates/v1/{id}
DELETE
Jwttemplatescontroller_deletejwttemplate — Delete JWT template
/v1/resources/jwt-templates/v1/{id}
GET
Vendorconfigcontroller_getvendorconfigbasic — Get identity management configuration
/v1/resources/configurations/v1/basic
POST
Customssov1controller_createssoprovider — Create custom oauth provider
/v1/resources/sso/custom/v1
GET
Ssov2controller_getssoproviders — Get custom oauth provider
/v1/resources/sso/custom/v1
PATCH
Customssov1controller_updatessoprovider — Update custom oauth provider
/v1/resources/sso/custom/v1/{id}
DELETE
Customssov1controller_deletecustomssoconfig — Delete custom oauth provider
/v1/resources/sso/custom/v1/{id}
POST
Userscontrollerv1_migrateuserfromauth0 — Migrate from Auth0
/v1/resources/migrations/v1/auth0
POST
Userscontrollerv1_migrateuserforvendor — Migrate a single user
/v1/resources/migrations/v1/local
POST
Userscontrollerv1_bulkmigrateuserforvendor — Migrate users in bulk
/v1/resources/migrations/v1/local/bulk
GET
Userscontrollerv1_checkbulkmigrationstatus — Check status of bulk migration
/v1/resources/migrations/v1/local/bulk/status/{migrationId}
POST
Userscontrollerv2_bulkmigrateuserforvendor — Migrate vendor users in bulk
/v1/resources/migrations/v2/local/bulk
GET
Delegationconfigurationcontrollerv1_getdelegationconfiguration — Get delegation configuration
/v1/resources/configurations/v1/delegation
POST
Delegationconfigurationcontrollerv1_createorupdatedelegationconfiguration — Create or update delegation configuration
/v1/resources/configurations/v1/delegation
POST
Domainrestrictionscontroller_createdomainrestriction — Create domain restriction
/v1/resources/configurations/restrictions/v1/email-domain
GET
Domainrestrictionscontroller_getdomainrestrictions — Get domain restrictions
/v1/resources/configurations/restrictions/v1/email-domain
GET
Domainrestrictionscontroller_getdomainrestrictionsconfig — Get domain restrictions
/v1/resources/configurations/restrictions/v1/email-domain/config
POST
Domainrestrictionscontroller_updatedomainrestrictionsconfig — Change domain restrictions config list type and toggle it off/on
/v1/resources/configurations/restrictions/v1/email-domain/config
DELETE
Domainrestrictionscontroller_deletedomainrestriction — Delete domain restriction
/v1/resources/configurations/restrictions/v1/email-domain/{id}
POST
Domainrestrictionscontroller_createbulkdomainsrestriction — Replace bulk domain restriction
/v1/resources/configurations/restrictions/v1/email-domain/replace-bulk
POST
Mailconfigcontroller_createorupdatemailconfig — Create or update configuration
/v1/resources/mail/v1/configurations
GET
Mailconfigcontroller_getmailconfig — Get configuration
/v1/resources/mail/v1/configurations
DELETE
Mailconfigcontroller_deletemailconfig — Delete configuration
/v1/resources/mail/v1/configurations
POST
Mailconfigcontroller_createorupdatemailconfigv2 — Create or update configuration v2
/v1/resources/mail/v2/configurations
POST
Mailv1controller_addorupdatetemplate — Add or update template
/v1/resources/mail/v1/configs/templates
GET
Mailv1controller_gettemplateconfiguration — Get template
/v1/resources/mail/v1/configs/templates
DELETE
Mailv1controller_deletetemplate — Delete template
/v1/resources/mail/v1/configs/templates/{templateId}
GET
Mailv1controller_getdefaulttemplateconfiguration — Get default template by type
/v1/resources/mail/v1/configs/{type}/default
POST
Authenticatioauthenticationcontrollerv1_authenticatelocaluser — Authenticate user with password
/v1/resources/auth/v1/user
POST
Authenticatioauthenticationcontrollerv1_refreshtoken — Refresh user JWT token
/v1/resources/auth/v1/user/token/refresh
POST
Authenticatioauthenticationcontrollerv1_logout — Logout user
/v1/resources/auth/v1/logout
POST
Userscontrollerv1_signupuser — Signup user
/v1/resources/users/v1/signUp
POST
Userssignupcontrollerv1_signupuserusername — Signup user with username
/v1/resources/users/v1/signUp/username
POST
Iprestrictionscontrollerv1_createdomainrestriction — Create or update IP restriction configuration (ALLOW/BLOCK)
/v1/resources/configurations/v1/restrictions/ip/config
GET
Iprestrictionscontrollerv1_getiprestrictionconfig — Get IP restriction configuration (ALLOW/BLOCK)
/v1/resources/configurations/v1/restrictions/ip/config
GET
Iprestrictionscontrollerv1_getalliprestrictions — Get all IP restrictions
/v1/resources/configurations/v1/restrictions/ip
POST
Iprestrictionscontrollerv1_createiprestriction — Create IP restriction
/v1/resources/configurations/v1/restrictions/ip
POST
Iprestrictionscontrollerv1_testcurrentip — Test Current IP
/v1/resources/configurations/v1/restrictions/ip/verify
POST
Testcurrentipinallowlist — Test current IP is in allow list
/v1/resources/configurations/v1/restrictions/ip/verify/allow
DELETE
Iprestrictionscontrollerv1_deleteiprestrictionbyid — Delete IP restriction by IP
/v1/resources/configurations/v1/restrictions/ip/{id}
POST
Lockoutpolicycontroller_createlockoutpolicy — Create lockout policy
/v1/resources/configurations/v1/lockout-policy
PATCH
Lockoutpolicycontroller_updatelockoutpolicy — Update lockout policy
/v1/resources/configurations/v1/lockout-policy
GET
Lockoutpolicycontroller_getlockoutpolicy — Get lockout policy
/v1/resources/configurations/v1/lockout-policy
GET
Vendoronlyuseraccesstokensv1controller_getactiveaccesstokens — Get active access tokens list
/v1/resources/vendor-only/users/access-tokens/v1/active
GET
Vendoronlyuseraccesstokensv1controller_getuseraccesstokendata — Get user access token data
/v1/resources/vendor-only/users/access-tokens/v1/{id}
GET
Vendoronlytenantaccesstokensv1controller_gettenantaccesstokendata — Get account (tenant) access token data
/v1/resources/vendor-only/tenants/access-tokens/v1/{id}
POST
Authenticationmfacontrollerv1_recovermfa — Recover MFA
/v1/resources/auth/v1/user/mfa/recover
POST
Usersmfacontrollerv1_disableauthappmfa — Disable authenticator app MFA
/v1/resources/users/v1/mfa/disable
POST
Usersmfacontrollerv1_disableauthenticatormfa — Disable authenticator app MFA
/v1/resources/users/v1/mfa/authenticator/{deviceId}/disable/verify
POST
Usersmfacontrollerv1_predisablesmsmfa — Pre-disable SMS MFA
/v1/resources/users/v1/mfa/sms/{deviceId}/disable

MCP Tools

frontegg-identity-authenticationapitokencontrollerv2-authapi

Authenticate using API token

frontegg-identity-authenticationapitokencontrollerv2-refresh

Refresh API token

frontegg-identity-tenantaccesstokensv1controller-createtenan

Create account (tenant) access token

frontegg-identity-tenantaccesstokensv1controller-gettenantac

Get account (tenant) access tokens

read-only idempotent
frontegg-identity-tenantaccesstokensv1controller-deletetenan

Delete account (tenant) access token

idempotent
frontegg-identity-tenantapitokensv1controller-createtenantap

Create client credentials token

frontegg-identity-tenantapitokensv1controller-gettenantsapit

Get client credentials tokens

read-only idempotent
frontegg-identity-tenantapitokensv1controller-deletetenantap

Delete client credentials token

idempotent
frontegg-identity-tenantapitokensv1controller-updatetenantap

Update client credentials token

frontegg-identity-tenantapitokensv2controller-createtenantap

Create client credentials token

frontegg-identity-tenantinvitescontroller-gettenantinvitefor

Get account (tenant) invite of user

read-only idempotent
frontegg-identity-tenantinvitescontroller-createtenantinvite

Create account (tenant) invite for user

frontegg-identity-tenantinvitescontroller-deletetenantinvite

Delete account (tenant) invite of user

idempotent
frontegg-identity-tenantinvitescontroller-updatetenantinvite

Update account (tenant) invite of user

frontegg-identity-tenantinvitescontroller-verifytenantinvite

Verify account (tenant) invite

frontegg-identity-getinvitationconfiguration

Get account (tenant) invite configuration

read-only idempotent
frontegg-identity-tenantinvitesv2controller-createtenantinvi

Create tenant invite with roles for user

frontegg-identity-tenantinvitescontroller-createtenantinvite

Create account (tenant) invite

frontegg-identity-tenantinvitescontroller-getallinvites

Get all account (tenant) invites

read-only idempotent
frontegg-identity-tenantinvitescontroller-deletetenantinvite

Delete an account (tenant) invite

idempotent
frontegg-identity-activationstrategycontrollerv1-getactivati

Get activation strategies

read-only idempotent
frontegg-identity-activationstrategycontrollerv1-createorupd

Create or update activation strategy

frontegg-identity-invitationstrategycontrollerv1-getinvitati

Get invitation strategies

read-only idempotent
frontegg-identity-invitationstrategycontrollerv1-createorupd

Create or update invitation strategy

frontegg-identity-permissionscontrollerv2-getallroles

Get roles v2

read-only idempotent
frontegg-identity-rolescontrollerv2-addrole

Create a new role

frontegg-identity-rolescontrollerv2-getdistinctlevels

Get distinct levels of roles

read-only idempotent
frontegg-identity-rolescontrollerv2-getdistincttenants

Get distinct assigned accounts (tenants) of roles

read-only idempotent
frontegg-identity-approvalflowscontroller-createapprovalflow

Create approval flow

frontegg-identity-approvalflowscontroller-getapprovalflows

Get approval flows

read-only idempotent
frontegg-identity-approvalflowscontroller-getapprovalflowbyi

Get approval flow by ID

read-only idempotent
frontegg-identity-approvalflowscontroller-updateapprovalflow

Update approval flow

frontegg-identity-approvalflowscontroller-deleteapprovalflow

Delete approval flow

idempotent
frontegg-identity-approvalflowscontroller-approveraction

Approver action

frontegg-identity-approvalflowscontroller-getexecutiondata

Get approval flow execution data

read-only idempotent
frontegg-identity-approvalflowscontroller-executeapprovalflo

Execute approval flow

frontegg-identity-approvalflowscontroller-executestepupappro

Execute step up approval flow

frontegg-identity-vendorconfigcontroller-addorupdateconfig

Update identity management configuration

frontegg-identity-vendorconfigcontroller-getvendorconfig

Get identity management configuration

read-only idempotent
frontegg-identity-captchapolicycontroller-createcaptchapolic

Create captcha policy

frontegg-identity-captchapolicycontroller-updatecaptchapolic

Update captcha policy

idempotent
frontegg-identity-captchapolicycontroller-getcaptchapolicy

Get captcha policy

read-only idempotent
frontegg-identity-jwttemplatetargetingcontrollerv1-getjwttem

Get JWT template targeting configuration

read-only idempotent
frontegg-identity-jwttemplatetargetingcontrollerv1-createjwt

Create JWT template targeting configuration

frontegg-identity-jwttemplatetargetingcontrollerv1-updatejwt

Update or create JWT template targeting configuration

idempotent
frontegg-identity-jwttemplatetargetingcontrollerv1-patchjwtt

Update JWT template targeting configuration by ID

frontegg-identity-jwttemplatetargetingcontrollerv1-deletejwt

Delete JWT template targeting configuration by ID

idempotent
frontegg-identity-jwttemplatescontroller-createjwttemplate

Create JWT template

frontegg-identity-jwttemplatescontroller-getjwttemplates

Get all JWT templates

read-only idempotent
frontegg-identity-jwttemplatescontroller-getjwttemplatebyid

Get JWT template by ID

read-only idempotent
frontegg-identity-jwttemplatescontroller-updatejwttemplate

Update JWT template

idempotent
frontegg-identity-jwttemplatescontroller-deletejwttemplate

Delete JWT template

idempotent
frontegg-identity-vendorconfigcontroller-getvendorconfigbasi

Get identity management configuration

read-only idempotent
frontegg-identity-customssov1controller-createssoprovider

Create custom oauth provider

frontegg-identity-ssov2controller-getssoproviders

Get custom oauth provider

read-only idempotent
frontegg-identity-customssov1controller-updatessoprovider

Update custom oauth provider

frontegg-identity-customssov1controller-deletecustomssoconfi

Delete custom oauth provider

idempotent
frontegg-identity-userscontrollerv1-migrateuserfromauth0

Migrate from Auth0

frontegg-identity-userscontrollerv1-migrateuserforvendor

Migrate a single user

frontegg-identity-userscontrollerv1-bulkmigrateuserforvendor

Migrate users in bulk

frontegg-identity-userscontrollerv1-checkbulkmigrationstatus

Check status of bulk migration

read-only idempotent
frontegg-identity-userscontrollerv2-bulkmigrateuserforvendor

Migrate vendor users in bulk

frontegg-identity-delegationconfigurationcontrollerv1-getdel

Get delegation configuration

read-only idempotent
frontegg-identity-delegationconfigurationcontrollerv1-create

Create or update delegation configuration

frontegg-identity-domainrestrictionscontroller-createdomainr

Create domain restriction

frontegg-identity-domainrestrictionscontroller-getdomainrest

Get domain restrictions

read-only idempotent
frontegg-identity-domainrestrictionscontroller-getdomainrest

Get domain restrictions

read-only idempotent
frontegg-identity-domainrestrictionscontroller-updatedomainr

Change domain restrictions config list type and toggle it off/on

frontegg-identity-domainrestrictionscontroller-deletedomainr

Delete domain restriction

idempotent
frontegg-identity-domainrestrictionscontroller-createbulkdom

Replace bulk domain restriction

frontegg-identity-mailconfigcontroller-createorupdatemailcon

Create or update configuration

frontegg-identity-mailconfigcontroller-getmailconfig

Get configuration

read-only idempotent
frontegg-identity-mailconfigcontroller-deletemailconfig

Delete configuration

idempotent
frontegg-identity-mailconfigcontroller-createorupdatemailcon

Create or update configuration v2

frontegg-identity-mailv1controller-addorupdatetemplate

Add or update template

frontegg-identity-mailv1controller-gettemplateconfiguration

Get template

read-only idempotent
frontegg-identity-mailv1controller-deletetemplate

Delete template

idempotent
frontegg-identity-mailv1controller-getdefaulttemplateconfigu

Get default template by type

read-only idempotent
frontegg-identity-authenticatioauthenticationcontrollerv1-au

Authenticate user with password

frontegg-identity-authenticatioauthenticationcontrollerv1-re

Refresh user JWT token

frontegg-identity-authenticatioauthenticationcontrollerv1-lo

Logout user

frontegg-identity-userscontrollerv1-signupuser

Signup user

frontegg-identity-userssignupcontrollerv1-signupuserusername

Signup user with username

frontegg-identity-iprestrictionscontrollerv1-createdomainres

Create or update IP restriction configuration (ALLOW/BLOCK)

frontegg-identity-iprestrictionscontrollerv1-getiprestrictio

Get IP restriction configuration (ALLOW/BLOCK)

read-only idempotent
frontegg-identity-iprestrictionscontrollerv1-getalliprestric

Get all IP restrictions

read-only idempotent
frontegg-identity-iprestrictionscontrollerv1-createiprestric

Create IP restriction

frontegg-identity-iprestrictionscontrollerv1-testcurrentip

Test Current IP

frontegg-identity-testcurrentipinallowlist

Test current IP is in allow list

frontegg-identity-iprestrictionscontrollerv1-deleteiprestric

Delete IP restriction by IP

idempotent
frontegg-identity-lockoutpolicycontroller-createlockoutpolic

Create lockout policy

frontegg-identity-lockoutpolicycontroller-updatelockoutpolic

Update lockout policy

frontegg-identity-lockoutpolicycontroller-getlockoutpolicy

Get lockout policy

read-only idempotent
frontegg-identity-vendoronlyuseraccesstokensv1controller-get

Get active access tokens list

read-only idempotent
frontegg-identity-vendoronlyuseraccesstokensv1controller-get

Get user access token data

read-only idempotent
frontegg-identity-vendoronlytenantaccesstokensv1controller-g

Get account (tenant) access token data

read-only idempotent
frontegg-identity-authenticationmfacontrollerv1-recovermfa

Recover MFA

frontegg-identity-usersmfacontrollerv1-disableauthappmfa

Disable authenticator app MFA

frontegg-identity-usersmfacontrollerv1-disableauthenticatorm

Disable authenticator app MFA

frontegg-identity-usersmfacontrollerv1-predisablesmsmfa

Pre-disable SMS MFA

Capability Spec

frontegg-identity.yaml Raw ↑ 
naftiko: 1.0.0-alpha2
info:
  label: Frontegg Identity API
  description: 'Frontegg Identity API capability. 100 operations. Lead operation: Authenticate using API token. Self-contained Naftiko capability for the Frontegg Frontegg Identity business surface.'
  tags:
  - Frontegg
  - Identity
  created: '2026-05-22'
  modified: '2026-05-22'
binds:
- namespace: env
  keys:
    FRONTEGG_CLIENT_ID: FRONTEGG_CLIENT_ID
    FRONTEGG_API_KEY: FRONTEGG_API_KEY
    FRONTEGG_BEARER_TOKEN: FRONTEGG_BEARER_TOKEN
capability:
  consumes:
  - type: http
    namespace: frontegg-identity
    baseUri: https://api.frontegg.com/identity
    description: Frontegg Identity API. Bearer JWT (environment or user token) authentication.
    resources:
    - name: resources-auth-v2-api-token
      path: /resources/auth/v2/api-token
      operations:
      - name: AuthenticationApiTokenControllerV2_authApiToken
        method: POST
        description: Authenticate using API token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-auth-v2-api-token-token-refresh
      path: /resources/auth/v2/api-token/token/refresh
      operations:
      - name: AuthenticationApiTokenControllerV2_refreshToken
        method: POST
        description: Refresh API token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-tenants-access-tokens-v1
      path: /resources/tenants/access-tokens/v1
      operations:
      - name: TenantAccessTokensV1Controller_createTenantAccessToken
        method: POST
        description: Create account (tenant) access token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: TenantAccessTokensV1Controller_getTenantAccessTokens
        method: GET
        description: Get account (tenant) access tokens
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
    - name: resources-tenants-access-tokens-v1-id
      path: /resources/tenants/access-tokens/v1/{id}
      operations:
      - name: TenantAccessTokensV1Controller_deleteTenantAccessToken
        method: DELETE
        description: Delete account (tenant) access token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
    - name: resources-tenants-api-tokens-v1
      path: /resources/tenants/api-tokens/v1
      operations:
      - name: TenantApiTokensV1Controller_createTenantApiToken
        method: POST
        description: Create client credentials token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: TenantApiTokensV1Controller_getTenantsApiTokens
        method: GET
        description: Get client credentials tokens
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
    - name: resources-tenants-api-tokens-v1-id
      path: /resources/tenants/api-tokens/v1/{id}
      operations:
      - name: TenantApiTokensV1Controller_deleteTenantApiToken
        method: DELETE
        description: Delete client credentials token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
      - name: TenantApiTokensV1Controller_updateTenantApiToken
        method: PATCH
        description: Update client credentials token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-tenants-api-tokens-v2
      path: /resources/tenants/api-tokens/v2
      operations:
      - name: TenantApiTokensV2Controller_createTenantApiToken
        method: POST
        description: Create client credentials token
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-tenants-invites-v1-user
      path: /resources/tenants/invites/v1/user
      operations:
      - name: TenantInvitesController_getTenantInviteForUser
        method: GET
        description: Get account (tenant) invite of user
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-user-id
          in: header
          type: string
          description: The user ID identifier
          required: true
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
      - name: TenantInvitesController_createTenantInviteForUser
        method: POST
        description: Create account (tenant) invite for user
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-user-id
          in: header
          type: string
          description: The user ID identifier
          required: true
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: TenantInvitesController_deleteTenantInviteForUser
        method: DELETE
        description: Delete account (tenant) invite of user
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-user-id
          in: header
          type: string
          description: The user ID identifier
          required: true
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
      - name: TenantInvitesController_updateTenantInviteForUser
        method: PATCH
        description: Update account (tenant) invite of user
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-user-id
          in: header
          type: string
          description: The user ID identifier
          required: true
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The account (tenant) ID identifier
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-tenants-invites-v1-verify
      path: /resources/tenants/invites/v1/verify
      operations:
      - name: TenantInvitesController_verifyTenantInvite
        method: POST
        description: Verify account (tenant) invite
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-tenants-invites-v1-configuration
      path: /resources/tenants/invites/v1/configuration
      operations:
      - name: getInvitationConfiguration
        method: GET
        description: Get account (tenant) invite configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-tenants-invites-v2-user
      path: /resources/tenants/invites/v2/user
      operations:
      - name: TenantInvitesV2Controller_createTenantInviteForUser
        method: POST
        description: Create tenant invite with roles for user
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The tenant identifier. Required for requests to api.frontegg.com (or your region) when using a management token. Parsed from the token when using user or API tokens
          required: false
        - name: frontegg-user-id
          in: header
          type: string
          description: The user identifier. Required for requests to api.frontegg.com (or your region) when using a management token. Parsed from the token when using user or API tokens
          required: false
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-tenants-invites-v1
      path: /resources/tenants/invites/v1
      operations:
      - name: TenantInvitesController_createTenantInvite
        method: POST
        description: Create account (tenant) invite
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-tenants-invites-v1-all
      path: /resources/tenants/invites/v1/all
      operations:
      - name: TenantInvitesController_getAllInvites
        method: GET
        description: Get all account (tenant) invites
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-tenants-invites-v1-token-id
      path: /resources/tenants/invites/v1/token/{id}
      operations:
      - name: TenantInvitesController_deleteTenantInvite
        method: DELETE
        description: Delete an account (tenant) invite
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
    - name: resources-configurations-v1-activation-strategies
      path: /resources/configurations/v1/activation/strategies
      operations:
      - name: ActivationStrategyControllerV1_getActivationStrategy
        method: GET
        description: Get activation strategies
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
      - name: ActivationStrategyControllerV1_createOrUpdateActivationStrategy
        method: POST
        description: Create or update activation strategy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-configurations-v1-invitation-strategies
      path: /resources/configurations/v1/invitation/strategies
      operations:
      - name: InvitationStrategyControllerV1_getInvitationStrategy
        method: GET
        description: Get invitation strategies
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
      - name: InvitationStrategyControllerV1_createOrUpdateInvitationStrategy
        method: POST
        description: Create or update invitation strategy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-roles-v2
      path: /resources/roles/v2
      operations:
      - name: PermissionsControllerV2_getAllRoles
        method: GET
        description: Get roles v2
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: _limit
          in: query
          type: number
          description: _limit parameter
          required: false
        - name: _sortBy
          in: query
          type: string
          description: _sortBy parameter
          required: true
        - name: _levels
          in: query
          type: array
          description: _levels parameter
          required: false
        - name: _tenantIds
          in: query
          type: array
          description: _tenantIds parameter
          required: false
        - name: _offset
          in: query
          type: number
          description: The page number to retrieve. For example, use 0 for the first page, 1 for the second page.
          required: false
        - name: _order
          in: query
          type: string
          description: _order parameter
          required: false
        - name: _filter
          in: query
          type: string
          description: _filter parameter
          required: false
        - name: frontegg-tenant-id
          in: header
          type: string
          description: For relating a role to a specific account (tenant), use `get accounts (tenants)` API to find the account (tenant) Ids
          required: false
      - name: RolesControllerV2_addRole
        method: POST
        description: Create a new role
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: For relating a role to a specific account (tenant), use `get accounts (tenants)` API to find the account (tenant) Ids
          required: false
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-roles-v2-distinct-levels
      path: /resources/roles/v2/distinct-levels
      operations:
      - name: RolesControllerV2_getDistinctLevels
        method: GET
        description: Get distinct levels of roles
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: For relating a role to a specific account (tenant), use `get accounts (tenants)` API to find the account (tenant) Ids
          required: false
    - name: resources-roles-v2-distinct-tenants
      path: /resources/roles/v2/distinct-tenants
      operations:
      - name: RolesControllerV2_getDistinctTenants
        method: GET
        description: Get distinct assigned accounts (tenants) of roles
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-approval-flows-v1
      path: /resources/approval-flows/v1
      operations:
      - name: ApprovalFlowsController_createApprovalFlow
        method: POST
        description: Create approval flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: ApprovalFlowsController_getApprovalFlows
        method: GET
        description: Get approval flows
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-approval-flows-v1-id
      path: /resources/approval-flows/v1/{id}
      operations:
      - name: ApprovalFlowsController_getApprovalFlowById
        method: GET
        description: Get approval flow by ID
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
      - name: ApprovalFlowsController_updateApprovalFlow
        method: PATCH
        description: Update approval flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: ApprovalFlowsController_deleteApprovalFlow
        method: DELETE
        description: Delete approval flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
    - name: resources-approval-flows-v1-approver-action
      path: /resources/approval-flows/v1/approver-action
      operations:
      - name: ApprovalFlowsController_approverAction
        method: POST
        description: Approver action
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-approval-flows-v1-execution-data
      path: /resources/approval-flows/v1/execution-data
      operations:
      - name: ApprovalFlowsController_getExecutionData
        method: GET
        description: Get approval flow execution data
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: approvalFlowExecutionId
          in: query
          type: string
          description: approvalFlowExecutionId parameter
          required: true
        - name: approverId
          in: query
          type: string
          description: approverId parameter
          required: true
        - name: approvalFlowStepId
          in: query
          type: string
          description: approvalFlowStepId parameter
          required: true
    - name: resources-approval-flows-v1-id-execute
      path: /resources/approval-flows/v1/{id}/execute
      operations:
      - name: ApprovalFlowsController_executeApprovalFlow
        method: POST
        description: Execute approval flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The tenant identifier. Required for requests to api.frontegg.com (or your region) when using a management token. Parsed from the token when using user or API tokens
          required: false
        - name: frontegg-user-id
          in: header
          type: string
          description: The user ID
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-approval-flows-v1-step-up-execute
      path: /resources/approval-flows/v1/step-up/execute
      operations:
      - name: ApprovalFlowsController_executeStepUpApprovalFlow
        method: POST
        description: Execute step up approval flow
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: frontegg-tenant-id
          in: header
          type: string
          description: The tenant identifier. Required for requests to api.frontegg.com (or your region) when using a management token. Parsed from the token when using user or API tokens
          required: false
        - name: frontegg-user-id
          in: header
          type: string
          description: The user ID
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-configurations-v1
      path: /resources/configurations/v1
      operations:
      - name: VendorConfigController_addOrUpdateConfig
        method: POST
        description: Update identity management configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: VendorConfigController_getVendorConfig
        method: GET
        description: Get identity management configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-configurations-v1-captcha-policy
      path: /resources/configurations/v1/captcha-policy
      operations:
      - name: CaptchaPolicyController_createCaptchaPolicy
        method: POST
        description: Create captcha policy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: CaptchaPolicyController_updateCaptchaPolicy
        method: PUT
        description: Update captcha policy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: CaptchaPolicyController_getCaptchaPolicy
        method: GET
        description: Get captcha policy
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-configurations-v1-jwt-template-targeting
      path: /resources/configurations/v1/jwt-template-targeting
      operations:
      - name: JwtTemplateTargetingControllerV1_getJwtTemplateTargeting
        method: GET
        description: Get JWT template targeting configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
      - name: JwtTemplateTargetingControllerV1_createJwtTemplateTargeting
        method: POST
        description: Create JWT template targeting configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: JwtTemplateTargetingControllerV1_updateJwtTemplateTargeting
        method: PUT
        description: Update or create JWT template targeting configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: resources-configurations-v1-jwt-template-targeting-id
      path: /resources/configurations/v1/jwt-template-targeting/{id}
      operations:
      - name: JwtTemplateTargetingControllerV1_patchJwtTemplateTargeting
        method: PATCH
        description: Update JWT template targeting configuration by ID
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: JwtTemplateTargetingControllerV1_deleteJwtTemplateTargeting
        method: DELETE
        description: Delete JWT template targeting configuration by ID
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
    - name: resources-jwt-templates-v1
      path: /resources/jwt-templates/v1
      operations:
      - name: JwtTemplatesController_createJwtTemplate
        method: POST
        description: Create JWT template
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: JwtTemplatesController_getJwtTemplates
        method: GET
        description: Get all JWT templates
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: keys
          in: query
          type: array
          description: Filter by template keys
          required: false
        - name: ids
          in: query
          type: array
          description: Filter by template IDs
          required: false
        - name: _limit
          in: query
          type: number
          description: Maximum number of items to return
          required: false
        - name: _offset
          in: query
          type: number
          description: The page number to retrieve. For example, use 0 for the first page, 1 for the second page.
          required: false
        - name: _sortBy
          in: query
          type: string
          description: Field to sort by
          required: false
        - name: _order
          in: query
          type: string
          description: Sort order
          required: false
    - name: resources-jwt-templates-v1-id
      path: /resources/jwt-templates/v1/{id}
      operations:
      - name: JwtTemplatesController_getJwtTemplateById
        method: GET
        description: Get JWT template by ID
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
      - name: JwtTemplatesController_updateJwtTemplate
        method: PUT
        description: Update JWT template
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: JwtTemplatesController_deleteJwtTemplate
        method: DELETE
        description: Delete JWT template
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: string
          description: id parameter
          required: true
    - name: resources-configurations-v1-basic
      path: /resources/configurations/v1/basic
      operations:
      - name: VendorConfigController_getVendorConfigBasic
        method: GET
        description: Get identity management configuration
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-sso-custom-v1
      path: /resources/sso/custom/v1
      operations:
      - name: CustomSsoV1Controller_createSsoProvider
        method: POST
        description: Create custom oauth provider
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: SsoV2Controller_getSsoProviders
        method: GET
        description: Get custom oauth provider
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters: []
    - name: resources-sso-custom-v1-id
      path: /resources/sso/custom/v1/{id}
      operations:
      - name: CustomSsoV1Controller_updateSsoProvider
        method: PATCH
        description: Update custom oauth provider
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: id
          in: path
          type: st

# --- truncated at 32 KB (152 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/frontegg/refs/heads/main/capabilities/frontegg-identity.yaml