Returns the available auth methods for the given user email. Example: password, ldap, oauth, etc.

  • Published on Jul 8, 2025
  • 1 minute(s) read
Prev Next
Post
/sys/v1/session/auth/discover

Returns the available auth methods for the given user email. Example: password, ldap, oauth, etc.

Security
HTTP
Type bearer
API Key: apiKeyAuth
Header parameter nameAuthorization
Query parameters
AuthDiscoverParams
object
acct_id
string (uuid)

The account for which the user wishes to discover authentication mechanisms. Note that if specified, the user_email field in an AuthDiscoverRequest will be ignored.

Body parameters
object
user_email
string (email)

The email of the user wishing to log in. If the auth discovery request also includes an acct_id query parameter, this field will be effectively ignored.

Responses
2XX

Success result

Expand All
Array
OneOf
object
object
method
string
Valid values[ "password" ]
object
object
method
string
Valid values[ "saml-post" ]
name
string
icon_url
string
id
string
binding_url
string
authn_request
string
idp_id
string (byte)
object
object
method
string
Valid values[ "oauth-auth-code-grant" ]
name
string
icon_url
string
authorization_url
string
client_id
string
redirect_uri
string
state
string
idp_id
string (byte)
auth_params
object
prompt
Array of string (OauthAuthParamPrompt) | null

Specifies whether the Authorization Server prompts the End-User for reauthentication and consent

string

Corresponds to the prompt parameter in https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest

Valid values[ "login", "none", "consent", "select_account" ]
display
string

Corresponds to the display parameter in https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest

Valid values[ "page", "popup", "touch", "wap" ]
max_age
integer | null

Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated by the OP. If the elapsed time is greater than this value, the OP MUST attempt to actively re-authenticate the End-User

object
object
method
string
Valid values[ "ldap-password" ]
name
string
icon_url
string
idp_id
string (byte)
object
object
method
string
Valid values[ "vcd" ]
name
string
authorization_url
string
idp_id
string (byte)