2fauth-api-v1.0.0.yaml

openapi: 3.1.0
x-stoplight:
  id: y6raplyxubnwa
info:
  title: 2FAuth API
  version: 1.0.0
  description: |-
    This is the definition (following OpenAPI 3.1 specification) of the REST API of [2FAuth](https://github.com/Bubka/2FAuth), a web app to manage your Two-Factor Authentication (2FA) accounts and generate their security passwords.

    The API is available once you installed 2FAuth on your server.
  contact:
    name: Bubka
    url: 'https://github.com/Bubka'
    email: contact@2fauth.app
  license:
    name: AGPL-3.0
    url: 'https://www.gnu.org/licenses/agpl-3.0.en.html'
servers:
  - url: 'https://demo.2fauth.app'
    description: Demo server
paths:
  /api/v1/twofaccounts:
    get:
      summary: Get all 2FA accounts
      tags:
        - twofaccounts
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/2FAccountCollection'
              examples:
                Example without secret:
                  value:
                    - id: 1
                      group_id: 1
                      service: MySite
                      account: john.doe
                      icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
                      otp_type: totp
                      digits: 6
                      algorithm: sha1
                      period: 30
                      counter: null
                    - id: 2
                      group_id: 1
                      service: MyOtherSite
                      account: john.doe
                      icon: 1pawLLuMx4bOQkrZxM5CIQyFtVq25dtgMkU3rtST.png
                      otp_type: hotp
                      digits: 8
                      algorithm: sha1
                      period: null
                      counter: 15
                Example with secret:
                  value:
                    - id: 1
                      group_id: 1
                      service: MySite
                      account: john.doe
                      icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
                      otp_type: totp
                      digits: 6
                      algorithm: sha1
                      secret: GJTGC5LUNA
                      period: 30
                      counter: null
                    - id: 2
                      group_id: 1
                      service: MyOtherSite
                      account: john.doe
                      icon: 1pawLLuMx4bOQkrZxM5CIQyFtVq25dtgMkU3rtST.png
                      otp_type: hotp
                      digits: 8
                      algorithm: sha1
                      secret: QD5TG6UUJ89F44GV
                      period: null
                      counter: 15
        '401':
          $ref: '#/components/responses/Unauthorized'
      operationId: get-twofaccounts
      description: Find all existing 2FA accounts
      parameters:
        - $ref: '#/components/parameters/withSecret'
    parameters: []
    post:
      summary: Create 2FA account
      tags:
        - twofaccounts
      operationId: post-twofaccounts
      description: Creates a new 2FA account
      requestBody:
        content:
          application/json:
            schema:
              oneOf:
                - $ref: '#/components/schemas/2FAccountStore'
                - $ref: '#/components/schemas/OtpauthUri'
            examples:
              Example with properties:
                value:
                  service: MySite
                  account: john.doe
                  icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
                  otp_type: totp
                  digits: 6
                  algorithm: sha1
                  secret: GJTGC5LUNA
                  period: 30
                  counter: null
              Example with URI:
                value:
                  uri: 'otpauth://totp/MySite:john.doe?secret=GJTGC5LUNA&issuer=MySite&period=30&algorithm=sha1&digits=6&image=https://www.example.com/image.png'
        description: |-
          This endpoint accepts 2 different body schemas to create a new 2FA account:
          - A full JSON object with some properties
          - An URI based on the otpauth format
      responses:
        '201':
          description: Created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/2FAccountRead'
              examples:
                Example:
                  value:
                    id: 1
                    group_id: 1
                    service: MySite
                    account: john.doe
                    icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
                    otp_type: totp
                    secret: GJTGC5LUNA
                    digits: 6
                    algorithm: sha1
                    period: 30
                    counter: null
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
      parameters: []
    delete:
      summary: Mass delete 2FA accounts
      operationId: delete-twofaccounts
      responses:
        '204':
          description: No Content
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
      tags:
        - twofaccounts
      description: |-
        Mass deletes 2FA accounts matching the IDs passed as query parameter.

        A `204 — No Content` response will be returned even if some resources no longer exist before delete.
      parameters:
        - $ref: '#/components/parameters/ids'
  '/api/v1/twofaccounts/{id}':
    parameters:
      - $ref: '#/components/parameters/id'
    get:
      summary: Find 2FA account by ID
      tags:
        - twofaccounts
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/2FAccountRead'
              examples:
                Example without secret:
                  value:
                    id: 1
                    group_id: 1
                    service: MySite
                    account: john.doe
                    icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
                    otp_type: totp
                    digits: 6
                    algorithm: sha1
                    period: 30
                    counter: null
                Example with secret:
                  value:
                    id: 1
                    group_id: 1
                    service: MySite
                    account: john.doe
                    icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
                    otp_type: totp
                    secret: GJTGC5LUNA
                    digits: 6
                    algorithm: sha1
                    period: 30
                    counter: null
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      operationId: get-twofaccounts-id
      description: Returns a single 2FA account
      parameters:
        - $ref: '#/components/parameters/withSecret'
    put:
      summary: Update 2FA account
      operationId: put-twofaccounts-id
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/2FAccountRead'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
        '422':
          $ref: '#/components/responses/ValidationError'
      description: Updates a 2FA account
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/2FAccountUpdate'
            examples:
              Example:
                value:
                  service: MySite
                  account: john.doe
                  icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
                  otp_type: totp
                  digits: 6
                  algorithm: sha1
                  secret: GJTGC5LUNA
                  period: 30
      tags:
        - twofaccounts
    delete:
      summary: Delete 2FA account
      operationId: delete-twofaccounts-id
      responses:
        '204':
          description: No Content
        '404':
          $ref: '#/components/responses/NotFound'
      tags:
        - twofaccounts
      description: Deletes a 2FA account
  '/api/v1/twofaccounts/{id}/qrcode':
    parameters:
      - $ref: '#/components/parameters/id'
    get:
      summary: Get as a QR code
      tags:
        - twofaccounts
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                description: ''
                type: object
                x-examples:
                  example-1:
                    qrcode: 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAASgAAAEoCAIAAABkZftOAAAABnRSTlMA/wD/AP83WBt9AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAGFUlEQVR4nO3dsbJbJxRA0SiT//9lp7BbipOBbHhaq37WlWTtoTgDfH79+vUX8P/6u34D8I2EBwHhQUB4EBAeBIQHAeFBQHgQEB4EhAcB4UFAeBAQHgSEBwHhQeCf6T/4fD4n3sd2p/cZVt/D6nNN38/0+zn9+rueW5l+XiseBIQHAeFBQHgQEB4EhAcB4UFgPMdbqc7n3DXneWUOtnqd09//rvnhrvf/+u/NigcB4UFAeBAQHgSEBwHhQUB4ENg2x1vZNfeo5lRTp+dst+0zvG3e+MrvzYoHAeFBQHgQEB4EhAcB4UFAeBA4Pse7TTVfOm3X/G3XvruVn/r9T1nxICA8CAgPAsKDgPAgIDwICA8CXzfHWzl93mO1T2/13Oq+O36z4kFAeBAQHgSEBwHhQUB4EBAeBI7P8W6b/5w+P3P63Ol8r7rH7/Tn3eW239uKFQ8CwoOA8CAgPAgIDwLCg4DwILBtjnd6PrPLrrlZNadaOb0P8LbP+8rvbcWKBwHhQUB4EBAeBIQHAeFBQHgQGM/xXtnvtHJ6P57v57fT88PXWfEgIDwICA8CwoOA8CAgPAgIDwLjOV51r9qu/Vev7Lubvv7pfYa7nH7uK/f+WfEgIDwICA8CwoOA8CAgPAgIDwLH78dbqc57rOaBu17/dbvu69ulmvtZ8SAgPAgIDwLCg4DwICA8CAgPAp9dc5Xb5jOn993d9nmnqjnkK68/fe6UFQ8CwoOA8CAgPAgIDwLCg4DwIJDtx1up5m+n53W37a97ZT5ZzetOs+JBQHgQEB4EhAcB4UFAeBAQHgTGc7xd86jT52eenv9U99et3DYnnLrte5ieyzp9rhUPAsKDgPAgIDwICA8CwoOA8CAwPlfztNP72W6bC02fW80td6nmddX3v2LFg4DwICA8CAgPAsKDgPAgIDwIXDfHm7ptTjV1el40VZ1HOn0/K9V8b8qKBwHhQUB4EBAeBIQHAeFBQHgQGJ+redu+pm+7T++2+/eqfYOn9x/ajwc/kPAgIDwICA8CwoOA8CAgPAhsux9v131ir8+1TrvtvM1d9wSuVPcxnn4dKx4EhAcB4UFAeBAQHgSEBwHhQWB8rmY1l1s5fX7j6e9n6rb78W6bK75ynqcVDwLCg4DwICA8CAgPAsKDgPAgsO1+vJ96LuVtc8Xpc287r/IVztWEH0h4EBAeBIQHAeFBQHgQEB4Etu3Hm3p97vT6nHDltv1+U7ftn1yx4kFAeBAQHgSEBwHhQUB4EBAeBMb3463sujdv6vW52dTpOedtn/f0nLn6fqx4EBAeBIQHAeFBQHgQEB4EhAeBbXO8qWrf1Onn3rY/cNffT1+nuidw5bb5pBUPAsKDgPAgIDwICA8CwoOA8CCQzfFWpvOZ6lzH284XvW0f2ulzR18553PFigcB4UFAeBAQHgSEBwHhQUB4EDg+xzs9b7ltXnR6v99tc61XzkedPnf699P/dyseBIQHAeFBQHgQEB4EhAcB4UHgc/r+salX5mDOh/xvbtsvV32fVjwICA8CwoOA8CAgPAgIDwLCg8B4P95tc6TT87TqHr9dTs8JT++rnKr2H9qPBw8QHgSEBwHhQUB4EBAeBIQHgfEc77b9VCvV3Oynzjmnr1+dt7nL6eda8SAgPAgIDwLCg4DwICA8CAgPAtvux3tlv9lp0/nPdA52et/gyvT1d833dv2uqvsDV6x4EBAeBIQHAeFBQHgQEB4EhAeBbXO8ldvOXazmZivVeZ675lrVXHEX9+PBFxEeBIQHAeFBQHgQEB4EhAeB43O8b7Nr39rKK3Ozan5bzWOnrHgQEB4EhAcB4UFAeBAQHgSEBwFzvD9O76/bZbqP7vR5mNUccuq2/ZNWPAgIDwLCg4DwICA8CAgPAsKDwPE5XrXfaeW2edT0dV7/+9vmkNPX2fV7tuJBQHgQEB4EhAcB4UFAeBAQHgS2zfGq+8122fX+d821dj13qno/1bz39FxxxYoHAeFBQHgQEB4EhAcB4UFAeBD43LZfDr6BFQ8CwoOA8CAgPAgIDwLCg4DwICA8CAgPAsKDgPAgIDwICA8CwoOA8CDwLzF4/0kW8W0CAAAAAElFTkSuQmCC'
                properties:
                  qrcode:
                    type: string
                    example: 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAASgAAAEoCAIAAABkZftOAAAABnRSTlMA/wD/AP83WBt9AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAGFUlEQVR4nO3dsbJbJxRA0SiT//9lp7BbipOBbHhaq37WlWTtoTgDfH79+vUX8P/6u34D8I2EBwHhQUB4EBAeBIQHAeFBQHgQEB4EhAcB4UFAeBAQHgSEBwHhQeCf6T/4fD4n3sd2p/cZVt/D6nNN38/0+zn9+rueW5l+XiseBIQHAeFBQHgQEB4EhAcB4UFgPMdbqc7n3DXneWUOtnqd09//rvnhrvf/+u/NigcB4UFAeBAQHgSEBwHhQUB4ENg2x1vZNfeo5lRTp+dst+0zvG3e+MrvzYoHAeFBQHgQEB4EhAcB4UFAeBA4Pse7TTVfOm3X/G3XvruVn/r9T1nxICA8CAgPAsKDgPAgIDwICA8CXzfHWzl93mO1T2/13Oq+O36z4kFAeBAQHgSEBwHhQUB4EBAeBI7P8W6b/5w+P3P63Ol8r7rH7/Tn3eW239uKFQ8CwoOA8CAgPAgIDwLCg4DwILBtjnd6PrPLrrlZNadaOb0P8LbP+8rvbcWKBwHhQUB4EBAeBIQHAeFBQHgQGM/xXtnvtHJ6P57v57fT88PXWfEgIDwICA8CwoOA8CAgPAgIDwLjOV51r9qu/Vev7Lubvv7pfYa7nH7uK/f+WfEgIDwICA8CwoOA8CAgPAgIDwLH78dbqc57rOaBu17/dbvu69ulmvtZ8SAgPAgIDwLCg4DwICA8CAgPAp9dc5Xb5jOn993d9nmnqjnkK68/fe6UFQ8CwoOA8CAgPAgIDwLCg4DwIJDtx1up5m+n53W37a97ZT5ZzetOs+JBQHgQEB4EhAcB4UFAeBAQHgTGc7xd86jT52eenv9U99et3DYnnLrte5ieyzp9rhUPAsKDgPAgIDwICA8CwoOA8CAwPlfztNP72W6bC02fW80td6nmddX3v2LFg4DwICA8CAgPAsKDgPAgIDwIXDfHm7ptTjV1el40VZ1HOn0/K9V8b8qKBwHhQUB4EBAeBIQHAeFBQHgQGJ+redu+pm+7T++2+/eqfYOn9x/ajwc/kPAgIDwICA8CwoOA8CAgPAhsux9v131ir8+1TrvtvM1d9wSuVPcxnn4dKx4EhAcB4UFAeBAQHgSEBwHhQWB8rmY1l1s5fX7j6e9n6rb78W6bK75ynqcVDwLCg4DwICA8CAgPAsKDgPAgsO1+vJ96LuVtc8Xpc287r/IVztWEH0h4EBAeBIQHAeFBQHgQEB4Etu3Hm3p97vT6nHDltv1+U7ftn1yx4kFAeBAQHgSEBwHhQUB4EBAeBMb3463sujdv6vW52dTpOedtn/f0nLn6fqx4EBAeBIQHAeFBQHgQEB4EhAeBbXO8qWrf1Onn3rY/cNffT1+nuidw5bb5pBUPAsKDgPAgIDwICA8CwoOA8CCQzfFWpvOZ6lzH284XvW0f2ulzR18553PFigcB4UFAeBAQHgSEBwHhQUB4EDg+xzs9b7ltXnR6v99tc61XzkedPnf699P/dyseBIQHAeFBQHgQEB4EhAcB4UHgc/r+salX5mDOh/xvbtsvV32fVjwICA8CwoOA8CAgPAgIDwLCg8B4P95tc6TT87TqHr9dTs8JT++rnKr2H9qPBw8QHgSEBwHhQUB4EBAeBIQHgfEc77b9VCvV3Oynzjmnr1+dt7nL6eda8SAgPAgIDwLCg4DwICA8CAgPAtvux3tlv9lp0/nPdA52et/gyvT1d833dv2uqvsDV6x4EBAeBIQHAeFBQHgQEB4EhAeBbXO8ldvOXazmZivVeZ675lrVXHEX9+PBFxEeBIQHAeFBQHgQEB4EhAeB43O8b7Nr39rKK3Ozan5bzWOnrHgQEB4EhAcB4UFAeBAQHgSEBwFzvD9O76/bZbqP7vR5mNUccuq2/ZNWPAgIDwLCg4DwICA8CAgPAsKDwPE5XrXfaeW2edT0dV7/+9vmkNPX2fV7tuJBQHgQEB4EhAcB4UFAeBAQHgS2zfGq+8122fX+d821dj13qno/1bz39FxxxYoHAeFBQHgQEB4EhAcB4UFAeBD43LZfDr6BFQ8CwoOA8CAgPAgIDwLCg4DwICA8CAgPAsKDgPAgIDwICA8CwoOA8CDwLzF4/0kW8W0CAAAAAElFTkSuQmCC'
                required:
                  - qrcode
              examples:
                Example:
                  value:
                    qrcode: 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAASgAAAEoCAIAAABkZftOAAAABnRSTlMA/wD/AP83WBt9AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAGFUlEQVR4nO3dsbJbJxRA0SiT//9lp7BbipOBbHhaq37WlWTtoTgDfH79+vUX8P/6u34D8I2EBwHhQUB4EBAeBIQHAeFBQHgQEB4EhAcB4UFAeBAQHgSEBwHhQeCf6T/4fD4n3sd2p/cZVt/D6nNN38/0+zn9+rueW5l+XiseBIQHAeFBQHgQEB4EhAcB4UFgPMdbqc7n3DXneWUOtnqd09//rvnhrvf/+u/NigcB4UFAeBAQHgSEBwHhQUB4ENg2x1vZNfeo5lRTp+dst+0zvG3e+MrvzYoHAeFBQHgQEB4EhAcB4UFAeBA4Pse7TTVfOm3X/G3XvruVn/r9T1nxICA8CAgPAsKDgPAgIDwICA8CXzfHWzl93mO1T2/13Oq+O36z4kFAeBAQHgSEBwHhQUB4EBAeBI7P8W6b/5w+P3P63Ol8r7rH7/Tn3eW239uKFQ8CwoOA8CAgPAgIDwLCg4DwILBtjnd6PrPLrrlZNadaOb0P8LbP+8rvbcWKBwHhQUB4EBAeBIQHAeFBQHgQGM/xXtnvtHJ6P57v57fT88PXWfEgIDwICA8CwoOA8CAgPAgIDwLjOV51r9qu/Vev7Lubvv7pfYa7nH7uK/f+WfEgIDwICA8CwoOA8CAgPAgIDwLH78dbqc57rOaBu17/dbvu69ulmvtZ8SAgPAgIDwLCg4DwICA8CAgPAp9dc5Xb5jOn993d9nmnqjnkK68/fe6UFQ8CwoOA8CAgPAgIDwLCg4DwIJDtx1up5m+n53W37a97ZT5ZzetOs+JBQHgQEB4EhAcB4UFAeBAQHgTGc7xd86jT52eenv9U99et3DYnnLrte5ieyzp9rhUPAsKDgPAgIDwICA8CwoOA8CAwPlfztNP72W6bC02fW80td6nmddX3v2LFg4DwICA8CAgPAsKDgPAgIDwIXDfHm7ptTjV1el40VZ1HOn0/K9V8b8qKBwHhQUB4EBAeBIQHAeFBQHgQGJ+redu+pm+7T++2+/eqfYOn9x/ajwc/kPAgIDwICA8CwoOA8CAgPAhsux9v131ir8+1TrvtvM1d9wSuVPcxnn4dKx4EhAcB4UFAeBAQHgSEBwHhQWB8rmY1l1s5fX7j6e9n6rb78W6bK75ynqcVDwLCg4DwICA8CAgPAsKDgPAgsO1+vJ96LuVtc8Xpc287r/IVztWEH0h4EBAeBIQHAeFBQHgQEB4Etu3Hm3p97vT6nHDltv1+U7ftn1yx4kFAeBAQHgSEBwHhQUB4EBAeBMb3463sujdv6vW52dTpOedtn/f0nLn6fqx4EBAeBIQHAeFBQHgQEB4EhAeBbXO8qWrf1Onn3rY/cNffT1+nuidw5bb5pBUPAsKDgPAgIDwICA8CwoOA8CCQzfFWpvOZ6lzH284XvW0f2ulzR18553PFigcB4UFAeBAQHgSEBwHhQUB4EDg+xzs9b7ltXnR6v99tc61XzkedPnf699P/dyseBIQHAeFBQHgQEB4EhAcB4UHgc/r+salX5mDOh/xvbtsvV32fVjwICA8CwoOA8CAgPAgIDwLCg8B4P95tc6TT87TqHr9dTs8JT++rnKr2H9qPBw8QHgSEBwHhQUB4EBAeBIQHgfEc77b9VCvV3Oynzjmnr1+dt7nL6eda8SAgPAgIDwLCg4DwICA8CAgPAtvux3tlv9lp0/nPdA52et/gyvT1d833dv2uqvsDV6x4EBAeBIQHAeFBQHgQEB4EhAeBbXO8ldvOXazmZivVeZ675lrVXHEX9+PBFxEeBIQHAeFBQHgQEB4EhAeB43O8b7Nr39rKK3Ozan5bzWOnrHgQEB4EhAcB4UFAeBAQHgSEBwFzvD9O76/bZbqP7vR5mNUccuq2/ZNWPAgIDwLCg4DwICA8CAgPAsKDwPE5XrXfaeW2edT0dV7/+9vmkNPX2fV7tuJBQHgQEB4EhAcB4UFAeBAQHgS2zfGq+8122fX+d821dj13qno/1bz39FxxxYoHAeFBQHgQEB4EhAcB4UFAeBD43LZfDr6BFQ8CwoOA8CAgPAgIDwLCg4DwICA8CAgPAsKDgPAgIDwICA8CwoOA8CDwLzF4/0kW8W0CAAAAAElFTkSuQmCC'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      operationId: get-twofaccounts-id-qrcode
      description: Returns a QR code that represents the 2FA account
  '/api/v1/twofaccounts/{id}/otp':
    parameters:
      - name: id
        in: path
        required: true
        schema:
          type: integer
          example: 1
        description: The ID of the resource
    get:
      summary: Get a One-Time password
      tags:
        - twofaccounts
        - one-time password
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Otp'
              examples:
                Example for TOTP:
                  value:
                    password: '225897'
                    otp_type: totp
                    generated_at: 1631304659
                    period: 30
                Example for HOTP:
                  value:
                    password: '225897'
                    otp_type: hotp
                    counter: 5
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      operationId: get-twofaccounts-id-otp
      description: Returns a fresh One-Time Password with related parameters for the existing account matching the specified ID
  /api/v1/twofaccounts/otp:
    parameters: []
    post:
      summary: Get a One-Time password
      tags:
        - twofaccounts
        - one-time password
      requestBody:
        content:
          application/json:
            schema:
              oneOf:
                - $ref: '#/components/schemas/2FAccountStore'
                - $ref: '#/components/schemas/OtpauthUri'
            examples: {}
        description: |-
          This endpoint accepts 2 different body schemas to generate a One-Time Password:
          - A JSON object with all properties to define a 2FA account
          - An otpauth URI
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Otp'
              examples:
                Eexample for TOTP:
                  value:
                    password: '225897'
                    otp_type: totp
                    generated_at: 1631304659
                    period: 30
                Example for HOTP:
                  value:
                    password: '225897'
                    otp_type: hotp
                    counter: 5
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
        '422':
          $ref: '#/components/responses/ValidationError'
      operationId: post-twofaccounts-otp
      description: Returns a fresh One-Time password with related parameters for account defined by the provided data
  /api/v1/twofaccounts/preview:
    post:
      summary: Preview 2FA account
      operationId: post-twofaccounts-preview
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/2FAccountRead'
              examples:
                Example:
                  value:
                    id: 1
                    group_id: 1
                    service: MySite
                    account: john.doe
                    icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
                    otp_type: totp
                    secret: GJTGC5LUNA
                    digits: 6
                    algorithm: sha1
                    period: 30
                    counter: null
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
      description: |-
        Use this endpoint to preview a 2FA account described by an otpauth URI.
        It works exactly as if you POSTed an URI to create a 2FA account except it does not save anything in database.
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OtpauthUri'
            examples:
              Example:
                value:
                  uri: 'otpauth://totp/MySite:john.doe?secret=GJTGC5LUNA&issuer=MySite&period=30&algorithm=sha1&digits=6&image=https://www.example.com/image.png'
        description: ''
      tags:
        - twofaccounts
    parameters: []
  /api/v1/twofaccounts/reorder:
    post:
      summary: Save order of the 2FA accounts collection
      operationId: post-twofaccounts-reorder
      responses:
        '200':
          $ref: '#/components/responses/OK'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
      description: Saves the order of 2FA accounts. This allows to always serve the 2FA accounts collection sorted in a user defined order.
      requestBody:
        content:
          application/json:
            schema:
              description: ''
              type: object
              properties:
                orderedIds:
                  type: array
                  uniqueItems: true
                  description: An array of 2FA account IDs ordered in the wished order
                  items:
                    type: integer
              required:
                - orderedIds
            examples:
              Example:
                value:
                  orderedIds:
                    - 3
                    - 1
                    - 4
                    - 2
        description: ''
      tags:
        - twofaccounts
    parameters: []
  /api/v1/twofaccounts/withdraw:
    patch:
      summary: Withdraw accounts from groups
      operationId: patch-twofaccounts-withdraw
      responses:
        '200':
          $ref: '#/components/responses/OK'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
      description: Removes 2FA accounts from any group
      parameters:
        - $ref: '#/components/parameters/ids'
      tags:
        - twofaccounts
    parameters: []
  /api/v1/groups:
    get:
      summary: Get all groups
      tags:
        - groups
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GroupCollection'
              examples:
                Example:
                  value:
                    - id: 0
                      name: All
                      twofaccounts_count: 9
                    - id: 1
                      name: Social networks
                      twofaccounts_count: 4
        '401':
          $ref: '#/components/responses/Unauthorized'
      operationId: get-groups
      description: Find all existing groups
    post:
      summary: Create Group
      operationId: post-groups
      responses:
        '201':
          description: Created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GroupRead'
              examples:
                Example:
                  value:
                    id: 1
                    name: Social networks
                    twofaccounts_count: 0
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GroupStore'
            examples:
              Example:
                value:
                  name: Social networks
      tags:
        - groups
      description: Creates a new group
    parameters: []
  '/api/v1/groups/{id}':
    parameters:
      - $ref: '#/components/parameters/id'
    get:
      summary: Find group by ID
      tags:
        - groups
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GroupRead'
              examples:
                Example:
                  value:
                    id: 1
                    name: Social networks
                    twofaccounts_count: 4
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      operationId: get-groups-id
      description: Returns a single group
    put:
      summary: Update group
      operationId: put-groups-id
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GroupRead'
              examples:
                Example:
                  value:
                    id: 1
                    name: Social networks
                    twofaccounts_count: 4
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
        '422':
          $ref: '#/components/responses/ValidationError'
      description: Updates a group
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GroupStore'
            examples:
              Example:
                value:
                  name: Social networks
      tags:
        - groups
    delete:
      summary: Delete group
      operationId: delete-groups-id
      description: Deletes a group. This will not delete any assigned 2FA accounts.
      responses:
        '204':
          description: No Content
        '404':
          $ref: '#/components/responses/NotFound'
      tags:
        - groups
  '/api/v1/groups/{id}/assign':
    parameters:
      - $ref: '#/components/parameters/id'
    post:
      summary: Add 2FA accounts to a group
      tags:
        - groups
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GroupRead'
              examples:
                Example:
                  value:
                    id: 1
                    name: Social networks
                    twofaccounts_count: 4
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
        '422':
          $ref: '#/components/responses/ValidationError'
      operationId: post-groups-id-assign
      description: Adds a list of 2FA accounts to a group. An account previously assigned to another group will be removed from its former group.
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                ids:
                  type: array
                  description: An array of 2FA account IDs
                  items:
                    type: integer
              required:
                - ids
            examples:
              Example:
                value:
                  ids:
                    - 1
                    - 5
                    - 9
  '/api/v1/groups/{id}/twofaccounts':
    parameters:
      - $ref: '#/components/parameters/id'
    get:
      summary: Get all 2FA accounts of a group
      tags:
        - groups
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/2FAccountCollection'
              examples:
                Example without secret:
                  value:
                    - id: 1
                      group_id: 1
                      service: MySite
                      account: john.doe
                      icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
                      otp_type: totp
                      digits: 6
                      algorithm: sha1
                      period: 30
                      counter: null
                    - id: 2
                      group_id: 1
                      service: MyOtherSite
                      account: john.doe
                      icon: 1pawLLuMx4bOQkrZxM5CIQyFtVq25dtgMkU3rtST.png
                      otp_type: hotp
                      digits: 8
                      algorithm: sha1
                      period: null
                      counter: 15
                Example with secret:
                  value:
                    - id: 1
                      group_id: 1
                      service: MySite
                      account: john.doe
                      icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
                      otp_type: totp
                      digits: 6
                      algorithm: sha1
                      secret: GJTGC5LUNA
                      period: 30
                      counter: null
                    - id: 2
                      group_id: 1
                      service: MyOtherSite
                      account: john.doe
                      icon: 1pawLLuMx4bOQkrZxM5CIQyFtVq25dtgMkU3rtST.png
                      otp_type: hotp
                      digits: 8
                      algorithm: sha1
                      secret: QD5TG6UUJ89F44GV
                      period: null
                      counter: 15
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      operationId: get-groups-id-twofaccounts
      description: Finds all existing 2FA accounts assigned to a group
      parameters:
        - $ref: '#/components/parameters/withSecret'
  /api/v1/icons:
    post:
      summary: Upload an icon
      tags:
        - icons
      responses:
        '201':
          description: Created
          content:
            application/json:
              schema:
                description: ''
                type: object
                x-examples:
                  example-1:
                    filename: wspRWRSCo62kY76JFquzqq8Y2jJO1iEowZ3JsMCw.png
                properties:
                  filename:
                    type: string
                    example: wspRWRSCo62kY76JFquzqq8Y2jJO1iEowZ3JsMCw.png
                    description: The icon filename
                required:
                  - filename
              examples:
                Example:
                  value:
                    filename: wspRWRSCo62kY76JFquzqq8Y2jJO1iEowZ3JsMCw.png
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
      operationId: post-icons
      description: 'Use this endpoint to upload and store an icon (an image file: jpeg, png, bmp, gif, svg, or webp) on the server'
      requestBody:
        content:
          multipart/form-data:
            schema:
              type: object
              format: binary
              properties:
                icon:
                  type: string
                  description: An image file
              required:
                - icon
            examples:
              Example:
                value:
                  icon: string
        description: ''
    parameters: []
  '/api/v1/icons/{filename}':
    parameters:
      - schema:
          type: string
          example: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
        name: filename
        in: path
        required: true
        description: Filename (with extension) of the icon file to delete from the server
    delete:
      summary: Delete an icon
      operationId: delete-icons-filename
      responses:
        '204':
          description: No Content
        '401':
          $ref: '#/components/responses/Unauthorized'
      description: Deletes an icon from the server
      tags:
        - icons
  /api/v1/qrcode/decode:
    post:
      summary: Decode a QR code
      operationId: post-qrcode-decode
      description: 'Use this endpoint to decode a QR code (an image file: jpeg, png, bmp, gif, svg, or webp)'
      requestBody:
        content:
          multipart/form-data:
            schema:
              type: object
              format: binary
              properties:
                qrcode:
                  type: string
                  description: A QR code image file
              required:
                - qrcode
            examples:
              Example:
                value:
                  qrcode: string
        description: ''
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                description: ''
                type: object
                x-examples:
                  example-1:
                    data: 'otpauth://totp/Mysite:john.doe?issuer=Mysite&secret=J52HAU3FMNZGK5A'
                properties:
                  data:
                    type: string
                    example: 'otpauth://totp/MySite:john.doe?secret=GJTGC5LUNA'
                    description: The data encoded in the QR code
                required:
                  - data
              examples:
                Example:
                  value:
                    data: 'otpauth://totp/MySite:john.doe?secret=GJTGC5LUNA'
        '400':
          description: Bad Request
          content:
            application/json:
              schema:
                description: ''
                type: object
                x-examples:
                  example-1:
                    message: not a valid QR code
                properties:
                  message:
                    type: string
                    description: An information message
                required:
                  - message
              examples:
                Example:
                  value:
                    message: not a valid QR code
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
      tags:
        - qrcode
    parameters: []
  /api/v1/settings:
    get:
      summary: Get all settings
      tags:
        - settings
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SettingCollection'
              examples:
                Example:
                  value:
                    - key: displayMode
                      value: grid
                    - key: showTokenAsDot
                      value: true
                    - key: kickUserAfter
                      value: 5
        '401':
          $ref: '#/components/responses/Unauthorized'
      operationId: get-settings
      description: List all settings. This includes 2FAuth native settings and possible additional user-defined settings.
    parameters: []
    post:
      summary: Create custom setting
      operationId: post-settings
      responses:
        '201':
          description: Created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Setting'
              examples:
                Example:
                  value:
                    key: displayMode
                    value: grid
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
      description: Creates a new custom setting. You are free to use this endpoint to store any data you need for your own app.
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Setting'
            examples:
              Example:
                value:
                  key: displayMode
                  value: grid
      tags:
        - settings
  '/api/v1/settings/{name}':
    parameters:
      - $ref: '#/components/parameters/name'
    get:
      summary: Find setting by name
      tags:
        - settings
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Setting'
              examples:
                Example:
                  value:
                    key: displayMode
                    value: grid
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      operationId: get-settings-name
      description: 'Returns a single setting, whether it is a native 2FAuth setting or a custom setting'
    put:
      summary: Update setting
      operationId: put-settings-name
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Setting'
              examples:
                Example:
                  value:
                    key: displayMode
                    value: grid
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
      description: 'Updates a setting, whether it is a native 2FAuth setting or a custom setting. Will create the setting if it does not exist.'
      requestBody:
        content:
          application/json:
            schema:
              type: object
              properties:
                value:
                  type: string
                  description: Value of the setting
                  example: myValue
              required:
                - value
            examples:
              Example:
                value:
                  value: myValue
      tags:
        - settings
    delete:
      summary: Delete custom setting
      operationId: delete-settings-name
      responses:
        '204':
          description: No Content
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
      description: Deletes a custom setting
      tags:
        - settings
  /api/v1/user/name:
    get:
      summary: Get user name
      tags:
        - user
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                type: object
                properties:
                  name:
                    type:
                      - string
                      - 'null'
                    description: Username
                    example: John
                required:
                  - name
              examples:
                Example when a user exist:
                  value:
                    name: John
                Example when no user exist:
                  value:
                    name: null
      operationId: get-user-name
      security: []
      description: 'Use this endpoint to check if a registered user exists by getting its name, null otherwise'
    parameters: []
components:
  schemas:
    2FAccountStore:
      title: Store 2FAccount schema
      type: object
      description: Expected informations to create or preview a 2FA account
      examples:
        - service: MySite
          account: john.doe
          icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
          otp_type: totp
          secret: GJTGC5LUNA
          digits: 6
          algorithm: sha1
          period: 30
          counter: null
        - service: MySite
          account: john.doe
          icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
          otp_type: hotp
          secret: GJTGC5LUNA
          digits: 6
          algorithm: sha1
          period: null
          counter: 0
        - account: john.doe
          otp_type: totp
      properties:
        service:
          type:
            - string
            - 'null'
          description: The Issuer of the 2FA account
          example: MySite
          pattern: '^[^:]+$'
        account:
          type: string
          description: The Label of the 2FA account
          example: john.doe
          pattern: '^[^:]+$'
        icon:
          type:
            - string
            - 'null'
          example: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
          description: The filename of the icon which decorate the 2FA account
        otp_type:
          type: string
          enum:
            - totp
            - hotp
          example: totp
          description: The type of 2FA account
        secret:
          type:
            - string
            - 'null'
          description: A base32 encoded string used by the cryptographic algorithm to generate the One-Time Password.
          example: GJTGC5LUNA
        digits:
          type:
            - integer
            - 'null'
          example: 6
          description: The number of digits of the generated One-Time Password
        algorithm:
          type:
            - string
            - 'null'
          enum:
            - sha1
            - sha256
            - sha512
            - md5
          example: sha1
          description: The algorithm used to generate the One-Time Password
          default: sha1
        period:
          type:
            - integer
            - 'null'
          default: 30
          example: 30
          description: 'For TOTP only: The validity duration of One-Time Password generated for the account'
        counter:
          type:
            - integer
            - 'null'
          example: 15
          description: 'for HOTP only: The value of the counter used to synchronize the account with its verification servers'
          default: 0
      required:
        - account
        - otp_type
    2FAccountRead:
      description: A single 2-Factor-Auth (2FA) account
      x-examples:
        example-1:
          service: MySite
          account: john.doe
          otp_type: totp
          uri: ''
          icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
          secret: GJTGC5LUNA
          secretIsBase32Encoded: 1
          algorithm: sha1
          digits: 6
          hotpCounter: null
          totpPeriod: 30
          imageLink: 'https://www.example.com/image.png'
      examples:
        - id: 1
          group_id: 1
          service: MySite
          account: john.doe
          icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
          otp_type: totp
          secret: GJTGC5LUNA
          digits: 6
          algorithm: sha1
          period: 30
          counter: null
      title: Read 2FA Account schema
      allOf:
        - type: object
          properties:
            id:
              type:
                - integer
                - 'null'
              example: 1
              description: ID of the 2FA account
              minimum: 1
            group_id:
              type:
                - integer
                - 'null'
              example: 1
              description: The ID of the group the 2FA account belongs to
              minimum: 1
          required:
            - id
            - group_id
        - $ref: '#/components/schemas/2FAccountStore'
    2FAccountUpdate:
      title: Update 2FA Account schema
      type: object
      description: Expected informations to update a 2FA account
      examples:
        - service: MySite
          account: john.doe
          icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
          otp_type: totp
          secret: GJTGC5LUNA
          digits: 6
          algorithm: sha1
          period: 30
        - service: MySite
          account: john.doe
          icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
          otp_type: hotp
          secret: GJTGC5LUNA
          digits: 6
          algorithm: sha1
          counter: 0
      properties:
        service:
          type:
            - string
            - 'null'
          description: The Issuer of the 2FA account
          example: MySite
          pattern: '^[^:]+$'
        account:
          type: string
          description: The Label of the 2FA account
          example: john.doe
          pattern: '^[^:]+$'
        icon:
          type:
            - string
            - 'null'
          example: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
          description: The filename of the icon which decorate the 2FA account
        otp_type:
          type: string
          enum:
            - totp
            - hotp
          example: totp
          description: The type of 2FA account
        secret:
          type: string
          description: A base32 encoded string used by the cryptographic algorithm to generate the One-Time Password
          example: GJTGC5LUNA
        digits:
          type: integer
          example: 6
          description: The number of digits of the generated One-Time Password
        algorithm:
          type: string
          enum:
            - sha1
            - sha256
            - sha512
            - md5
          example: sha1
          description: The algorithm used to generate the One-Time Password
        period:
          type: integer
          example: 30
          description: 'Required for TOTP only: The validity duration of One-Time Password generated for the account'
        counter:
          type: integer
          example: 15
          description: 'Required for HOTP only: The value of the counter used to synchronize the account with its verification servers'
      required:
        - service
        - account
        - icon
        - otp_type
        - secret
        - digits
        - algorithm
    2FAccountCollection:
      title: 2FA Accounts Collection schema
      description: An array of 2FA accounts
      examples:
        - - id: 1
            group_id: 1
            service: MySite
            account: john.doe
            icon: ZMlzmrPsrWSWVt4fZouFVrt2w38D0PnXiyZQvDcY.png
            otp_type: totp
            digits: 6
            algorithm: sha1
            secret: GJTGC5LUNA
            period: 30
            counter: null
          - id: 2
            group_id: 1
            service: MyOtherSite
            account: john.doe
            icon: 1pawLLuMx4bOQkrZxM5CIQyFtVq25dtgMkU3rtST.png
            otp_type: hotp
            digits: 8
            algorithm: sha1
            secret: QD5TG6UUJ89F44GV
            period: null
            counter: 15
      type: array
      items:
        $ref: '#/components/schemas/2FAccountRead'
    Otp:
      title: Otp schema
      type: object
      description: One-Time password
      examples:
        - password: '225897'
          otp_type: totp
          generated_at: 1631304659
          period: 30
        - password: '225897'
          otp_type: hotp
          counter: 5
      properties:
        password:
          type: string
          description: the One-Time Password
          minLength: 6
          maxLength: 10
          example: '225897'
        otp_type:
          type: string
          description: The type of the One-Time Password
          enum:
            - totp
            - hotp
          example: totp
        generated_at:
          type: integer
          description: 'TOTP only: The timestamp of the generation time'
          example: 1631304659
        period:
          type: integer
          description: 'TOTP only: The validity period of the password'
          example: 30
        counter:
          type: integer
          description: 'HOTP only: The number of password computing iterations'
          example: 5
      required:
        - password
        - otp_type
    OtpauthUri:
      title: OtpauthUri schema
      type: object
      examples:
        - uri: 'otpauth://totp/MySite:john.doe?secret=GJTGC5LUNA&issuer=MySite&period=30&algorithm=sha1&digits=6&image=https://www.example.com/image.png'
      properties:
        uri:
          type: string
          example: 'otpauth://totp/MySite:john.doe?secret=GJTGC5LUNA&issuer=MySite&period=30&algorithm=sha1&digits=6&image=https://www.example.com/image.png'
          pattern: '^otpauth:\/\/(totp|hotp)\/.+'
          format: uri
          description: A URI which describe a 2FA account (usually encoded as a QR code) following the otpauth format
      required:
        - uri
      description: An otpauth URI
    GroupRead:
      title: Read Group schema
      type: object
      description: A Group resource
      examples:
        - id: 1
          name: Social networks
          twofaccounts_count: 4
      properties:
        id:
          type: integer
          example: 1
          description: ID of the Group
          minimum: 0
        name:
          type: string
          example: Social networks
          description: Name of the Group
          maxLength: 32
        twofaccounts_count:
          type: integer
          description: Number of 2FA accounts in the group
          minimum: 0
          example: 4
      required:
        - id
        - name
        - twofaccounts_count
    GroupStore:
      title: Store Group schema
      type: object
      properties:
        name:
          type: string
          maxLength: 32
          example: Social networks
          description: The name of the group
      required:
        - name
      examples:
        - name: Social networks
      description: Expected informations to create a group
    GroupCollection:
      title: Group Collection schema
      type: array
      description: An array of Groups
      examples:
        - - id: 0
            name: All
            twofaccounts_count: 9
          - id: 1
            name: Social networks
            twofaccounts_count: 4
      items:
        $ref: '#/components/schemas/GroupRead'
    Setting:
      title: Setting schema
      type: object
      examples:
        - key: displayMode
          value: grid
      description: A setting resource
      properties:
        key:
          type: string
          description: Name of the setting
          example: displayMode
          maxLength: 128
          pattern: '^[a-zA-Z]+'
        value:
          type:
            - string
            - boolean
            - integer
          description: Value of the setting
          example: grid
      required:
        - key
        - value
    SettingCollection:
      title: Setting Collection schema
      type: array
      items:
        $ref: '#/components/schemas/Setting'
      description: An array of settings
      examples:
        - - key: displayMode
            value: grid
          - key: showTokenAsDot
            value: true
          - key: kickUserAfter
            value: 5
  parameters:
    id:
      name: id
      in: path
      required: true
      schema:
        type: integer
        example: 1
        minimum: 1
      description: The ID of the resource
    withSecret:
      name: withSecret
      in: query
      required: false
      schema:
        type: boolean
      description: Set to true (or 1) to append the Secret property to the returned 2FA account
    ids:
      name: ids
      in: query
      required: true
      schema:
        type: string
        pattern: '^\d+(,{1}\d+)*$'
        example: '1,5,18'
      description: A comma-separated list of IDs. A maximum of 100 IDs may be provided
    name:
      name: name
      in: path
      required: true
      schema:
        type: string
        pattern: '^[a-zA-Z]+'
        maxLength: 128
        example: displayMode
      description: Name of the setting
  responses:
    NotFound:
      description: Not Found
      content:
        application/json:
          schema:
            type: object
            description: ''
            properties:
              message:
                type: string
                description: An information message
                example: Model not found
            required:
              - message
          examples:
            Example:
              value:
                message: Model not found
    Unauthorized:
      description: Unauthorized
      content:
        application/json:
          schema:
            type: object
            properties:
              message:
                type: string
                description: An information message
                example: Unauthenticated
            required:
              - message
          examples:
            Example:
              value:
                message: Unauthenticated.
    ValidationError:
      description: Validation errors
      content:
        application/json:
          schema:
            type: object
            properties:
              message:
                type: string
                description: An information message
                example: The given data was invalid
              errors:
                description: A collection of fields with their respective errors
                type: object
                properties:
                  fieldName:
                    type: array
                    description: A field with errors
                    items:
                      type: string
                      example: The field2 must be a number
            required:
              - message
              - errors
          examples:
            Example:
              value:
                message: The given data was invalid.
                errors:
                  field1:
                    - The field1 is required.
                    - The field1 must be a string.
                  field2:
                    - The field2 must be a number.
    OK:
      description: OK
      content:
        application/json:
          schema:
            description: ''
            type: object
            x-examples:
              example-1:
                message: success
            properties:
              message:
                type: string
                description: An information message
                example: success
            required:
              - message
          examples:
            Example:
              value:
                message: success
    BadRequest:
      description: Bad request
      content:
        application/json:
          schema:
            description: ''
            type: object
            x-examples:
              example-1:
                message: success
            properties:
              message:
                type: string
                description: An information message
                example: bad request
              reason:
                type: object
                description: The reasons why the error occured
                properties:
                  param1:
                    type: string
                    description: A reason
                    example: This request accept only one parameter
            required:
              - message
          examples:
            Example:
              value:
                message: bad request
                reason:
                  param1: This request accept only one parameter
  securitySchemes:
    Bearer-Auth:
      type: http
      scheme: bearer
      description: Provide your bearer token in the Authorization header when making requests to protected resources. See the 'Settings > OAuth' section of your 2FAuth instance to generate personal access tokens.
  requestBodies: {}
tags:
  - name: groups
  - name: icons
  - name: one-time password
  - name: qrcode
  - name: settings
  - name: twofaccounts
  - name: user
security:
  - Bearer-Auth: []