mirror of
https://github.com/coder/coder.git
synced 2025-07-12 00:14:10 +00:00
6f2834f62a
## Summary
This PR implements critical MCP OAuth2 compliance features for Coder's authorization server, adding PKCE support, resource parameter handling, and OAuth2 server metadata discovery. This brings Coder's OAuth2 implementation significantly closer to production readiness for MCP (Model Context Protocol)
integrations.
## What's Added
### OAuth2 Authorization Server Metadata (RFC 8414)
- Add `/.well-known/oauth-authorization-server` endpoint for automatic client discovery
- Returns standardized metadata including supported grant types, response types, and PKCE methods
- Essential for MCP client compatibility and OAuth2 standards compliance
### PKCE Support (RFC 7636)
- Implement Proof Key for Code Exchange with S256 challenge method
- Add `code_challenge` and `code_challenge_method` parameters to authorization flow
- Add `code_verifier` validation in token exchange
- Provides enhanced security for public clients (mobile apps, CLIs)
### Resource Parameter Support (RFC 8707)
- Add `resource` parameter to authorization and token endpoints
- Store resource URI and bind tokens to specific audiences
- Critical for MCP's resource-bound token model
### Enhanced OAuth2 Error Handling
- Add OAuth2-compliant error responses with proper error codes
- Use standard error format: `{"error": "code", "error_description": "details"}`
- Improve error consistency across OAuth2 endpoints
### Authorization UI Improvements
- Fix authorization flow to use POST-based consent instead of GET redirects
- Remove dependency on referer headers for security decisions
- Improve CSRF protection with proper state parameter validation
## Why This Matters
**For MCP Integration:** MCP requires OAuth2 authorization servers to support PKCE, resource parameters, and metadata discovery. Without these features, MCP clients cannot securely authenticate with Coder.
**For Security:** PKCE prevents authorization code interception attacks, especially critical for public clients. Resource binding ensures tokens are only valid for intended services.
**For Standards Compliance:** These are widely adopted OAuth2 extensions that improve interoperability with modern OAuth2 clients.
## Database Changes
- **Migration 000343:** Adds `code_challenge`, `code_challenge_method`, `resource_uri` to `oauth2_provider_app_codes`
- **Migration 000343:** Adds `audience` field to `oauth2_provider_app_tokens` for resource binding
- **Audit Updates:** New OAuth2 fields properly tracked in audit system
- **Backward Compatibility:** All changes maintain compatibility with existing OAuth2 flows
## Test Coverage
- Comprehensive PKCE test suite in `coderd/identityprovider/pkce_test.go`
- OAuth2 metadata endpoint tests in `coderd/oauth2_metadata_test.go`
- Integration tests covering PKCE + resource parameter combinations
- Negative tests for invalid PKCE verifiers and malformed requests
## Testing Instructions
```bash
# Run the comprehensive OAuth2 test suite
./scripts/oauth2/test-mcp-oauth2.sh
Manual Testing with Interactive Server
# Start Coder in development mode
./scripts/develop.sh
# In another terminal, set up test app and run interactive flow
eval $(./scripts/oauth2/setup-test-app.sh)
./scripts/oauth2/test-manual-flow.sh
# Opens browser with OAuth2 flow, handles callback automatically
# Clean up when done
./scripts/oauth2/cleanup-test-app.sh
Individual Component Testing
# Test metadata endpoint
curl -s http://localhost:3000/.well-known/oauth-authorization-server | jq .
# Test PKCE generation
./scripts/oauth2/generate-pkce.sh
# Run specific test suites
go test -v ./coderd/identityprovider -run TestVerifyPKCE
go test -v ./coderd -run TestOAuth2AuthorizationServerMetadata
```
### Breaking Changes
None. All changes maintain backward compatibility with existing OAuth2 flows.
---
Change-Id: Ifbd0d9a543d545f9f56ecaa77ff2238542ff954a
Signed-off-by: Thomas Kosiewski <tk@coder.com>
155 KiB
Generated
155 KiB
Generated
Enterprise
OAuth2 authorization server metadata
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/.well-known/oauth-authorization-server \
-H 'Accept: application/json'
GET /.well-known/oauth-authorization-server
Example responses
200 Response
{
"authorization_endpoint": "string",
"code_challenge_methods_supported": [
"string"
],
"grant_types_supported": [
"string"
],
"issuer": "string",
"registration_endpoint": "string",
"response_types_supported": [
"string"
],
"scopes_supported": [
"string"
],
"token_endpoint": "string",
"token_endpoint_auth_methods_supported": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.OAuth2AuthorizationServerMetadata |
Get appearance
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/appearance \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /appearance
Example responses
200 Response
{
"announcement_banners": [
{
"background_color": "string",
"enabled": true,
"message": "string"
}
],
"application_name": "string",
"docs_url": "string",
"logo_url": "string",
"service_banner": {
"background_color": "string",
"enabled": true,
"message": "string"
},
"support_links": [
{
"icon": "bug",
"name": "string",
"target": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.AppearanceConfig |
To perform this operation, you must be authenticated. Learn more.
Update appearance
Code samples
# Example request using curl
curl -X PUT http://coder-server:8080/api/v2/appearance \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PUT /appearance
Body parameter
{
"announcement_banners": [
{
"background_color": "string",
"enabled": true,
"message": "string"
}
],
"application_name": "string",
"logo_url": "string",
"service_banner": {
"background_color": "string",
"enabled": true,
"message": "string"
}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
body |
body | codersdk.UpdateAppearanceConfig | true | Update appearance request |
Example responses
200 Response
{
"announcement_banners": [
{
"background_color": "string",
"enabled": true,
"message": "string"
}
],
"application_name": "string",
"logo_url": "string",
"service_banner": {
"background_color": "string",
"enabled": true,
"message": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.UpdateAppearanceConfig |
To perform this operation, you must be authenticated. Learn more.
Get entitlements
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/entitlements \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /entitlements
Example responses
200 Response
{
"errors": [
"string"
],
"features": {
"property1": {
"actual": 0,
"enabled": true,
"entitlement": "entitled",
"limit": 0
},
"property2": {
"actual": 0,
"enabled": true,
"entitlement": "entitled",
"limit": 0
}
},
"has_license": true,
"refreshed_at": "2019-08-24T14:15:22Z",
"require_telemetry": true,
"trial": true,
"warnings": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.Entitlements |
To perform this operation, you must be authenticated. Learn more.
Get groups
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/groups?organization=string&has_member=string&group_ids=string \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /groups
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
query | string | true | Organization ID or name |
has_member |
query | string | true | User ID or name |
group_ids |
query | string | true | Comma separated list of group IDs |
Example responses
200 Response
[
{
"avatar_url": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"members": [
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
],
"name": "string",
"organization_display_name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_name": "string",
"quota_allowance": 0,
"source": "user",
"total_member_count": 0
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.Group |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» avatar_url |
string | false | ||
» display_name |
string | false | ||
» id |
string(uuid) | false | ||
» members |
array | false | ||
»» avatar_url |
string(uri) | false | ||
»» created_at |
string(date-time) | true | ||
»» email |
string(email) | true | ||
»» id |
string(uuid) | true | ||
»» last_seen_at |
string(date-time) | false | ||
»» login_type |
codersdk.LoginType | false | ||
»» name |
string | false | ||
»» status |
codersdk.UserStatus | false | ||
»» theme_preference |
string | false | Deprecated: this value should be retrieved from codersdk.UserPreferenceSettings instead. |
|
»» updated_at |
string(date-time) | false | ||
»» username |
string | true | ||
» name |
string | false | ||
» organization_display_name |
string | false | ||
» organization_id |
string(uuid) | false | ||
» organization_name |
string | false | ||
» quota_allowance |
integer | false | ||
» source |
codersdk.GroupSource | false | ||
» total_member_count |
integer | false | How many members are in this group. Shows the total count, even if the user is not authorized to read group member details. May be greater than len(Group.Members). |
Enumerated Values
| Property | Value |
|---|---|
login_type |
`` |
login_type |
password |
login_type |
github |
login_type |
oidc |
login_type |
token |
login_type |
none |
status |
active |
status |
suspended |
source |
user |
source |
oidc |
To perform this operation, you must be authenticated. Learn more.
Get group by ID
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/groups/{group} \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /groups/{group}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
group |
path | string | true | Group id |
Example responses
200 Response
{
"avatar_url": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"members": [
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
],
"name": "string",
"organization_display_name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_name": "string",
"quota_allowance": 0,
"source": "user",
"total_member_count": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.Group |
To perform this operation, you must be authenticated. Learn more.
Delete group by name
Code samples
# Example request using curl
curl -X DELETE http://coder-server:8080/api/v2/groups/{group} \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
DELETE /groups/{group}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
group |
path | string | true | Group name |
Example responses
200 Response
{
"avatar_url": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"members": [
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
],
"name": "string",
"organization_display_name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_name": "string",
"quota_allowance": 0,
"source": "user",
"total_member_count": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.Group |
To perform this operation, you must be authenticated. Learn more.
Update group by name
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/groups/{group} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /groups/{group}
Body parameter
{
"add_users": [
"string"
],
"avatar_url": "string",
"display_name": "string",
"name": "string",
"quota_allowance": 0,
"remove_users": [
"string"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
group |
path | string | true | Group name |
body |
body | codersdk.PatchGroupRequest | true | Patch group request |
Example responses
200 Response
{
"avatar_url": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"members": [
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
],
"name": "string",
"organization_display_name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_name": "string",
"quota_allowance": 0,
"source": "user",
"total_member_count": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.Group |
To perform this operation, you must be authenticated. Learn more.
Get licenses
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/licenses \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /licenses
Example responses
200 Response
[
{
"claims": {},
"id": 0,
"uploaded_at": "2019-08-24T14:15:22Z",
"uuid": "095be615-a8ad-4c33-8e9c-c7612fbf6c9f"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.License |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» claims |
object | false | Claims are the JWT claims asserted by the license. Here we use a generic string map to ensure that all data from the server is parsed verbatim, not just the fields this version of Coder understands. | |
» id |
integer | false | ||
» uploaded_at |
string(date-time) | false | ||
» uuid |
string(uuid) | false |
To perform this operation, you must be authenticated. Learn more.
Delete license
Code samples
# Example request using curl
curl -X DELETE http://coder-server:8080/api/v2/licenses/{id} \
-H 'Coder-Session-Token: API_KEY'
DELETE /licenses/{id}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
id |
path | string(number) | true | License ID |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK |
To perform this operation, you must be authenticated. Learn more.
Update notification template dispatch method
Code samples
# Example request using curl
curl -X PUT http://coder-server:8080/api/v2/notifications/templates/{notification_template}/method \
-H 'Coder-Session-Token: API_KEY'
PUT /notifications/templates/{notification_template}/method
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
notification_template |
path | string | true | Notification template UUID |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Success | |
| 304 | Not Modified | Not modified |
To perform this operation, you must be authenticated. Learn more.
Get OAuth2 applications
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/oauth2-provider/apps \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /oauth2-provider/apps
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
user_id |
query | string | false | Filter by applications authorized for a user |
Example responses
200 Response
[
{
"callback_url": "string",
"endpoints": {
"authorization": "string",
"device_authorization": "string",
"token": "string"
},
"icon": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.OAuth2ProviderApp |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» callback_url |
string | false | ||
» endpoints |
codersdk.OAuth2AppEndpoints | false | Endpoints are included in the app response for easier discovery. The OAuth2 spec does not have a defined place to find these (for comparison, OIDC has a '/.well-known/openid-configuration' endpoint). | |
»» authorization |
string | false | ||
»» device_authorization |
string | false | Device authorization is optional. | |
»» token |
string | false | ||
» icon |
string | false | ||
» id |
string(uuid) | false | ||
» name |
string | false |
To perform this operation, you must be authenticated. Learn more.
Create OAuth2 application
Code samples
# Example request using curl
curl -X POST http://coder-server:8080/api/v2/oauth2-provider/apps \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
POST /oauth2-provider/apps
Body parameter
{
"callback_url": "string",
"icon": "string",
"name": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
body |
body | codersdk.PostOAuth2ProviderAppRequest | true | The OAuth2 application to create. |
Example responses
200 Response
{
"callback_url": "string",
"endpoints": {
"authorization": "string",
"device_authorization": "string",
"token": "string"
},
"icon": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.OAuth2ProviderApp |
To perform this operation, you must be authenticated. Learn more.
Get OAuth2 application
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/oauth2-provider/apps/{app} \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /oauth2-provider/apps/{app}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
app |
path | string | true | App ID |
Example responses
200 Response
{
"callback_url": "string",
"endpoints": {
"authorization": "string",
"device_authorization": "string",
"token": "string"
},
"icon": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.OAuth2ProviderApp |
To perform this operation, you must be authenticated. Learn more.
Update OAuth2 application
Code samples
# Example request using curl
curl -X PUT http://coder-server:8080/api/v2/oauth2-provider/apps/{app} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PUT /oauth2-provider/apps/{app}
Body parameter
{
"callback_url": "string",
"icon": "string",
"name": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
app |
path | string | true | App ID |
body |
body | codersdk.PutOAuth2ProviderAppRequest | true | Update an OAuth2 application. |
Example responses
200 Response
{
"callback_url": "string",
"endpoints": {
"authorization": "string",
"device_authorization": "string",
"token": "string"
},
"icon": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.OAuth2ProviderApp |
To perform this operation, you must be authenticated. Learn more.
Delete OAuth2 application
Code samples
# Example request using curl
curl -X DELETE http://coder-server:8080/api/v2/oauth2-provider/apps/{app} \
-H 'Coder-Session-Token: API_KEY'
DELETE /oauth2-provider/apps/{app}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
app |
path | string | true | App ID |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content |
To perform this operation, you must be authenticated. Learn more.
Get OAuth2 application secrets
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/oauth2-provider/apps/{app}/secrets \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /oauth2-provider/apps/{app}/secrets
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
app |
path | string | true | App ID |
Example responses
200 Response
[
{
"client_secret_truncated": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_used_at": "string"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.OAuth2ProviderAppSecret |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» client_secret_truncated |
string | false | ||
» id |
string(uuid) | false | ||
» last_used_at |
string | false |
To perform this operation, you must be authenticated. Learn more.
Create OAuth2 application secret
Code samples
# Example request using curl
curl -X POST http://coder-server:8080/api/v2/oauth2-provider/apps/{app}/secrets \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
POST /oauth2-provider/apps/{app}/secrets
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
app |
path | string | true | App ID |
Example responses
200 Response
[
{
"client_secret_full": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.OAuth2ProviderAppSecretFull |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» client_secret_full |
string | false | ||
» id |
string(uuid) | false |
To perform this operation, you must be authenticated. Learn more.
Delete OAuth2 application secret
Code samples
# Example request using curl
curl -X DELETE http://coder-server:8080/api/v2/oauth2-provider/apps/{app}/secrets/{secretID} \
-H 'Coder-Session-Token: API_KEY'
DELETE /oauth2-provider/apps/{app}/secrets/{secretID}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
app |
path | string | true | App ID |
secretID |
path | string | true | Secret ID |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content |
To perform this operation, you must be authenticated. Learn more.
OAuth2 authorization request (GET - show authorization page)
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/oauth2/authorize?client_id=string&state=string&response_type=code \
-H 'Coder-Session-Token: API_KEY'
GET /oauth2/authorize
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
client_id |
query | string | true | Client ID |
state |
query | string | true | A random unguessable string |
response_type |
query | string | true | Response type |
redirect_uri |
query | string | false | Redirect here after authorization |
scope |
query | string | false | Token scopes (currently ignored) |
Enumerated Values
| Parameter | Value |
|---|---|
response_type |
code |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Returns HTML authorization page |
To perform this operation, you must be authenticated. Learn more.
OAuth2 authorization request (POST - process authorization)
Code samples
# Example request using curl
curl -X POST http://coder-server:8080/api/v2/oauth2/authorize?client_id=string&state=string&response_type=code \
-H 'Coder-Session-Token: API_KEY'
POST /oauth2/authorize
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
client_id |
query | string | true | Client ID |
state |
query | string | true | A random unguessable string |
response_type |
query | string | true | Response type |
redirect_uri |
query | string | false | Redirect here after authorization |
scope |
query | string | false | Token scopes (currently ignored) |
Enumerated Values
| Parameter | Value |
|---|---|
response_type |
code |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 302 | Found | Returns redirect with authorization code |
To perform this operation, you must be authenticated. Learn more.
OAuth2 token exchange
Code samples
# Example request using curl
curl -X POST http://coder-server:8080/api/v2/oauth2/tokens \
-H 'Accept: application/json'
POST /oauth2/tokens
Body parameter
client_id: string
client_secret: string
code: string
refresh_token: string
grant_type: authorization_code
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
body |
body | object | false | |
» client_id |
body | string | false | Client ID, required if grant_type=authorization_code |
» client_secret |
body | string | false | Client secret, required if grant_type=authorization_code |
» code |
body | string | false | Authorization code, required if grant_type=authorization_code |
» refresh_token |
body | string | false | Refresh token, required if grant_type=refresh_token |
» grant_type |
body | string | true | Grant type |
Enumerated Values
| Parameter | Value |
|---|---|
» grant_type |
authorization_code |
» grant_type |
refresh_token |
Example responses
200 Response
{
"access_token": "string",
"expires_in": 0,
"expiry": "string",
"refresh_token": "string",
"token_type": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | oauth2.Token |
Delete OAuth2 application tokens
Code samples
# Example request using curl
curl -X DELETE http://coder-server:8080/api/v2/oauth2/tokens?client_id=string \
-H 'Coder-Session-Token: API_KEY'
DELETE /oauth2/tokens
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
client_id |
query | string | true | Client ID |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content |
To perform this operation, you must be authenticated. Learn more.
Get groups by organization
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/groups \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /organizations/{organization}/groups
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
Example responses
200 Response
[
{
"avatar_url": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"members": [
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
],
"name": "string",
"organization_display_name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_name": "string",
"quota_allowance": 0,
"source": "user",
"total_member_count": 0
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.Group |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» avatar_url |
string | false | ||
» display_name |
string | false | ||
» id |
string(uuid) | false | ||
» members |
array | false | ||
»» avatar_url |
string(uri) | false | ||
»» created_at |
string(date-time) | true | ||
»» email |
string(email) | true | ||
»» id |
string(uuid) | true | ||
»» last_seen_at |
string(date-time) | false | ||
»» login_type |
codersdk.LoginType | false | ||
»» name |
string | false | ||
»» status |
codersdk.UserStatus | false | ||
»» theme_preference |
string | false | Deprecated: this value should be retrieved from codersdk.UserPreferenceSettings instead. |
|
»» updated_at |
string(date-time) | false | ||
»» username |
string | true | ||
» name |
string | false | ||
» organization_display_name |
string | false | ||
» organization_id |
string(uuid) | false | ||
» organization_name |
string | false | ||
» quota_allowance |
integer | false | ||
» source |
codersdk.GroupSource | false | ||
» total_member_count |
integer | false | How many members are in this group. Shows the total count, even if the user is not authorized to read group member details. May be greater than len(Group.Members). |
Enumerated Values
| Property | Value |
|---|---|
login_type |
`` |
login_type |
password |
login_type |
github |
login_type |
oidc |
login_type |
token |
login_type |
none |
status |
active |
status |
suspended |
source |
user |
source |
oidc |
To perform this operation, you must be authenticated. Learn more.
Create group for organization
Code samples
# Example request using curl
curl -X POST http://coder-server:8080/api/v2/organizations/{organization}/groups \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
POST /organizations/{organization}/groups
Body parameter
{
"avatar_url": "string",
"display_name": "string",
"name": "string",
"quota_allowance": 0
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string | true | Organization ID |
body |
body | codersdk.CreateGroupRequest | true | Create group request |
Example responses
201 Response
{
"avatar_url": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"members": [
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
],
"name": "string",
"organization_display_name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_name": "string",
"quota_allowance": 0,
"source": "user",
"total_member_count": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Created | codersdk.Group |
To perform this operation, you must be authenticated. Learn more.
Get group by organization and group name
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/groups/{groupName} \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /organizations/{organization}/groups/{groupName}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
groupName |
path | string | true | Group name |
Example responses
200 Response
{
"avatar_url": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"members": [
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
],
"name": "string",
"organization_display_name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_name": "string",
"quota_allowance": 0,
"source": "user",
"total_member_count": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.Group |
To perform this operation, you must be authenticated. Learn more.
Get workspace quota by user
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/members/{user}/workspace-quota \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /organizations/{organization}/members/{user}/workspace-quota
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
user |
path | string | true | User ID, name, or me |
organization |
path | string(uuid) | true | Organization ID |
Example responses
200 Response
{
"budget": 0,
"credits_consumed": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.WorkspaceQuota |
To perform this operation, you must be authenticated. Learn more.
Serve provisioner daemon
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/provisionerdaemons/serve \
-H 'Coder-Session-Token: API_KEY'
GET /organizations/{organization}/provisionerdaemons/serve
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 101 | Switching Protocols | Switching Protocols |
To perform this operation, you must be authenticated. Learn more.
List provisioner key
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/provisionerkeys \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /organizations/{organization}/provisionerkeys
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string | true | Organization ID |
Example responses
200 Response
[
{
"created_at": "2019-08-24T14:15:22Z",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"organization": "452c1a86-a0af-475b-b03f-724878b0f387",
"tags": {
"property1": "string",
"property2": "string"
}
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.ProvisionerKey |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» created_at |
string(date-time) | false | ||
» id |
string(uuid) | false | ||
» name |
string | false | ||
» organization |
string(uuid) | false | ||
» tags |
codersdk.ProvisionerKeyTags | false | ||
»» [any property] |
string | false |
To perform this operation, you must be authenticated. Learn more.
Create provisioner key
Code samples
# Example request using curl
curl -X POST http://coder-server:8080/api/v2/organizations/{organization}/provisionerkeys \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
POST /organizations/{organization}/provisionerkeys
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string | true | Organization ID |
Example responses
201 Response
{
"key": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Created | codersdk.CreateProvisionerKeyResponse |
To perform this operation, you must be authenticated. Learn more.
List provisioner key daemons
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/provisionerkeys/daemons \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /organizations/{organization}/provisionerkeys/daemons
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string | true | Organization ID |
Example responses
200 Response
[
{
"daemons": [
{
"api_version": "string",
"created_at": "2019-08-24T14:15:22Z",
"current_job": {
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"status": "pending",
"template_display_name": "string",
"template_icon": "string",
"template_name": "string"
},
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"key_id": "1e779c8a-6786-4c89-b7c3-a6666f5fd6b5",
"key_name": "string",
"last_seen_at": "2019-08-24T14:15:22Z",
"name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"previous_job": {
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"status": "pending",
"template_display_name": "string",
"template_icon": "string",
"template_name": "string"
},
"provisioners": [
"string"
],
"status": "offline",
"tags": {
"property1": "string",
"property2": "string"
},
"version": "string"
}
],
"key": {
"created_at": "2019-08-24T14:15:22Z",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"organization": "452c1a86-a0af-475b-b03f-724878b0f387",
"tags": {
"property1": "string",
"property2": "string"
}
}
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.ProvisionerKeyDaemons |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» daemons |
array | false | ||
»» api_version |
string | false | ||
»» created_at |
string(date-time) | false | ||
»» current_job |
codersdk.ProvisionerDaemonJob | false | ||
»»» id |
string(uuid) | false | ||
»»» status |
codersdk.ProvisionerJobStatus | false | ||
»»» template_display_name |
string | false | ||
»»» template_icon |
string | false | ||
»»» template_name |
string | false | ||
»» id |
string(uuid) | false | ||
»» key_id |
string(uuid) | false | ||
»» key_name |
string | false | Optional fields. | |
»» last_seen_at |
string(date-time) | false | ||
»» name |
string | false | ||
»» organization_id |
string(uuid) | false | ||
»» previous_job |
codersdk.ProvisionerDaemonJob | false | ||
»» provisioners |
array | false | ||
»» status |
codersdk.ProvisionerDaemonStatus | false | ||
»» tags |
object | false | ||
»»» [any property] |
string | false | ||
»» version |
string | false | ||
» key |
codersdk.ProvisionerKey | false | ||
»» created_at |
string(date-time) | false | ||
»» id |
string(uuid) | false | ||
»» name |
string | false | ||
»» organization |
string(uuid) | false | ||
»» tags |
codersdk.ProvisionerKeyTags | false | ||
»»» [any property] |
string | false |
Enumerated Values
| Property | Value |
|---|---|
status |
pending |
status |
running |
status |
succeeded |
status |
canceling |
status |
canceled |
status |
failed |
status |
offline |
status |
idle |
status |
busy |
To perform this operation, you must be authenticated. Learn more.
Delete provisioner key
Code samples
# Example request using curl
curl -X DELETE http://coder-server:8080/api/v2/organizations/{organization}/provisionerkeys/{provisionerkey} \
-H 'Coder-Session-Token: API_KEY'
DELETE /organizations/{organization}/provisionerkeys/{provisionerkey}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string | true | Organization ID |
provisionerkey |
path | string | true | Provisioner key name |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | No Content |
To perform this operation, you must be authenticated. Learn more.
Get the available organization idp sync claim fields
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/settings/idpsync/available-fields \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /organizations/{organization}/settings/idpsync/available-fields
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
Example responses
200 Response
[
"string"
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of string |
Response Schema
To perform this operation, you must be authenticated. Learn more.
Get the organization idp sync claim field values
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/settings/idpsync/field-values?claimField=string \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /organizations/{organization}/settings/idpsync/field-values
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
claimField |
query | string(string) | true | Claim Field |
Example responses
200 Response
[
"string"
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of string |
Response Schema
To perform this operation, you must be authenticated. Learn more.
Get group IdP Sync settings by organization
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/settings/idpsync/groups \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /organizations/{organization}/settings/idpsync/groups
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
Example responses
200 Response
{
"auto_create_missing_groups": true,
"field": "string",
"legacy_group_name_mapping": {
"property1": "string",
"property2": "string"
},
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
},
"regex_filter": {}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.GroupSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Update group IdP Sync settings by organization
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/organizations/{organization}/settings/idpsync/groups \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /organizations/{organization}/settings/idpsync/groups
Body parameter
{
"auto_create_missing_groups": true,
"field": "string",
"legacy_group_name_mapping": {
"property1": "string",
"property2": "string"
},
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
},
"regex_filter": {}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
body |
body | codersdk.GroupSyncSettings | true | New settings |
Example responses
200 Response
{
"auto_create_missing_groups": true,
"field": "string",
"legacy_group_name_mapping": {
"property1": "string",
"property2": "string"
},
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
},
"regex_filter": {}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.GroupSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Update group IdP Sync config
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/organizations/{organization}/settings/idpsync/groups/config \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /organizations/{organization}/settings/idpsync/groups/config
Body parameter
{
"auto_create_missing_groups": true,
"field": "string",
"regex_filter": {}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID or name |
body |
body | codersdk.PatchGroupIDPSyncConfigRequest | true | New config values |
Example responses
200 Response
{
"auto_create_missing_groups": true,
"field": "string",
"legacy_group_name_mapping": {
"property1": "string",
"property2": "string"
},
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
},
"regex_filter": {}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.GroupSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Update group IdP Sync mapping
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/organizations/{organization}/settings/idpsync/groups/mapping \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /organizations/{organization}/settings/idpsync/groups/mapping
Body parameter
{
"add": [
{
"gets": "string",
"given": "string"
}
],
"remove": [
{
"gets": "string",
"given": "string"
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID or name |
body |
body | codersdk.PatchGroupIDPSyncMappingRequest | true | Description of the mappings to add and remove |
Example responses
200 Response
{
"auto_create_missing_groups": true,
"field": "string",
"legacy_group_name_mapping": {
"property1": "string",
"property2": "string"
},
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
},
"regex_filter": {}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.GroupSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Get role IdP Sync settings by organization
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/organizations/{organization}/settings/idpsync/roles \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /organizations/{organization}/settings/idpsync/roles
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
Example responses
200 Response
{
"field": "string",
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.RoleSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Update role IdP Sync settings by organization
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/organizations/{organization}/settings/idpsync/roles \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /organizations/{organization}/settings/idpsync/roles
Body parameter
{
"field": "string",
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
body |
body | codersdk.RoleSyncSettings | true | New settings |
Example responses
200 Response
{
"field": "string",
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.RoleSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Update role IdP Sync config
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/organizations/{organization}/settings/idpsync/roles/config \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /organizations/{organization}/settings/idpsync/roles/config
Body parameter
{
"field": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID or name |
body |
body | codersdk.PatchRoleIDPSyncConfigRequest | true | New config values |
Example responses
200 Response
{
"field": "string",
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.RoleSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Update role IdP Sync mapping
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/organizations/{organization}/settings/idpsync/roles/mapping \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /organizations/{organization}/settings/idpsync/roles/mapping
Body parameter
{
"add": [
{
"gets": "string",
"given": "string"
}
],
"remove": [
{
"gets": "string",
"given": "string"
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID or name |
body |
body | codersdk.PatchRoleIDPSyncMappingRequest | true | Description of the mappings to add and remove |
Example responses
200 Response
{
"field": "string",
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.RoleSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Fetch provisioner key details
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/provisionerkeys/{provisionerkey} \
-H 'Accept: application/json'
GET /provisionerkeys/{provisionerkey}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
provisionerkey |
path | string | true | Provisioner Key |
Example responses
200 Response
{
"created_at": "2019-08-24T14:15:22Z",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"organization": "452c1a86-a0af-475b-b03f-724878b0f387",
"tags": {
"property1": "string",
"property2": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.ProvisionerKey |
To perform this operation, you must be authenticated. Learn more.
Get active replicas
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/replicas \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /replicas
Example responses
200 Response
[
{
"created_at": "2019-08-24T14:15:22Z",
"database_latency": 0,
"error": "string",
"hostname": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"region_id": 0,
"relay_address": "string"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.Replica |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» created_at |
string(date-time) | false | Created at is the timestamp when the replica was first seen. | |
» database_latency |
integer | false | Database latency is the latency in microseconds to the database. | |
» error |
string | false | Error is the replica error. | |
» hostname |
string | false | Hostname is the hostname of the replica. | |
» id |
string(uuid) | false | ID is the unique identifier for the replica. | |
» region_id |
integer | false | Region ID is the region of the replica. | |
» relay_address |
string | false | Relay address is the accessible address to relay DERP connections. |
To perform this operation, you must be authenticated. Learn more.
SCIM 2.0: Service Provider Config
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/scim/v2/ServiceProviderConfig
GET /scim/v2/ServiceProviderConfig
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK |
SCIM 2.0: Get users
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/scim/v2/Users \
-H 'Authorizaiton: API_KEY'
GET /scim/v2/Users
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK |
To perform this operation, you must be authenticated. Learn more.
SCIM 2.0: Create new user
Code samples
# Example request using curl
curl -X POST http://coder-server:8080/api/v2/scim/v2/Users \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorizaiton: API_KEY'
POST /scim/v2/Users
Body parameter
{
"active": true,
"emails": [
{
"display": "string",
"primary": true,
"type": "string",
"value": "user@example.com"
}
],
"groups": [
null
],
"id": "string",
"meta": {
"resourceType": "string"
},
"name": {
"familyName": "string",
"givenName": "string"
},
"schemas": [
"string"
],
"userName": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
body |
body | coderd.SCIMUser | true | New user |
Example responses
200 Response
{
"active": true,
"emails": [
{
"display": "string",
"primary": true,
"type": "string",
"value": "user@example.com"
}
],
"groups": [
null
],
"id": "string",
"meta": {
"resourceType": "string"
},
"name": {
"familyName": "string",
"givenName": "string"
},
"schemas": [
"string"
],
"userName": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | coderd.SCIMUser |
To perform this operation, you must be authenticated. Learn more.
SCIM 2.0: Get user by ID
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/scim/v2/Users/{id} \
-H 'Authorizaiton: API_KEY'
GET /scim/v2/Users/{id}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
id |
path | string(uuid) | true | User ID |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 404 | Not Found | Not Found |
To perform this operation, you must be authenticated. Learn more.
SCIM 2.0: Replace user account
Code samples
# Example request using curl
curl -X PUT http://coder-server:8080/api/v2/scim/v2/Users/{id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/scim+json' \
-H 'Authorizaiton: API_KEY'
PUT /scim/v2/Users/{id}
Body parameter
{
"active": true,
"emails": [
{
"display": "string",
"primary": true,
"type": "string",
"value": "user@example.com"
}
],
"groups": [
null
],
"id": "string",
"meta": {
"resourceType": "string"
},
"name": {
"familyName": "string",
"givenName": "string"
},
"schemas": [
"string"
],
"userName": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
id |
path | string(uuid) | true | User ID |
body |
body | coderd.SCIMUser | true | Replace user request |
Example responses
200 Response
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"organization_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"roles": [
{
"display_name": "string",
"name": "string",
"organization_id": "string"
}
],
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.User |
To perform this operation, you must be authenticated. Learn more.
SCIM 2.0: Update user account
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/scim/v2/Users/{id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/scim+json' \
-H 'Authorizaiton: API_KEY'
PATCH /scim/v2/Users/{id}
Body parameter
{
"active": true,
"emails": [
{
"display": "string",
"primary": true,
"type": "string",
"value": "user@example.com"
}
],
"groups": [
null
],
"id": "string",
"meta": {
"resourceType": "string"
},
"name": {
"familyName": "string",
"givenName": "string"
},
"schemas": [
"string"
],
"userName": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
id |
path | string(uuid) | true | User ID |
body |
body | coderd.SCIMUser | true | Update user request |
Example responses
200 Response
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"organization_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"roles": [
{
"display_name": "string",
"name": "string",
"organization_id": "string"
}
],
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.User |
To perform this operation, you must be authenticated. Learn more.
Get the available idp sync claim fields
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/settings/idpsync/available-fields \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /settings/idpsync/available-fields
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
Example responses
200 Response
[
"string"
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of string |
Response Schema
To perform this operation, you must be authenticated. Learn more.
Get the idp sync claim field values
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/settings/idpsync/field-values?claimField=string \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /settings/idpsync/field-values
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
organization |
path | string(uuid) | true | Organization ID |
claimField |
query | string(string) | true | Claim Field |
Example responses
200 Response
[
"string"
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of string |
Response Schema
To perform this operation, you must be authenticated. Learn more.
Get organization IdP Sync settings
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/settings/idpsync/organization \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /settings/idpsync/organization
Example responses
200 Response
{
"field": "string",
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
},
"organization_assign_default": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.OrganizationSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Update organization IdP Sync settings
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/settings/idpsync/organization \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /settings/idpsync/organization
Body parameter
{
"field": "string",
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
},
"organization_assign_default": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
body |
body | codersdk.OrganizationSyncSettings | true | New settings |
Example responses
200 Response
{
"field": "string",
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
},
"organization_assign_default": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.OrganizationSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Update organization IdP Sync config
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/settings/idpsync/organization/config \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /settings/idpsync/organization/config
Body parameter
{
"assign_default": true,
"field": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
body |
body | codersdk.PatchOrganizationIDPSyncConfigRequest | true | New config values |
Example responses
200 Response
{
"field": "string",
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
},
"organization_assign_default": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.OrganizationSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Update organization IdP Sync mapping
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/settings/idpsync/organization/mapping \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /settings/idpsync/organization/mapping
Body parameter
{
"add": [
{
"gets": "string",
"given": "string"
}
],
"remove": [
{
"gets": "string",
"given": "string"
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
body |
body | codersdk.PatchOrganizationIDPSyncMappingRequest | true | Description of the mappings to add and remove |
Example responses
200 Response
{
"field": "string",
"mapping": {
"property1": [
"string"
],
"property2": [
"string"
]
},
"organization_assign_default": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.OrganizationSyncSettings |
To perform this operation, you must be authenticated. Learn more.
Get template ACLs
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/templates/{template}/acl \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /templates/{template}/acl
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
template |
path | string(uuid) | true | Template ID |
Example responses
200 Response
[
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"organization_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"role": "admin",
"roles": [
{
"display_name": "string",
"name": "string",
"organization_id": "string"
}
],
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.TemplateUser |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» avatar_url |
string(uri) | false | ||
» created_at |
string(date-time) | true | ||
» email |
string(email) | true | ||
» id |
string(uuid) | true | ||
» last_seen_at |
string(date-time) | false | ||
» login_type |
codersdk.LoginType | false | ||
» name |
string | false | ||
» organization_ids |
array | false | ||
» role |
codersdk.TemplateRole | false | ||
» roles |
array | false | ||
»» display_name |
string | false | ||
»» name |
string | false | ||
»» organization_id |
string | false | ||
» status |
codersdk.UserStatus | false | ||
» theme_preference |
string | false | Deprecated: this value should be retrieved from codersdk.UserPreferenceSettings instead. |
|
» updated_at |
string(date-time) | false | ||
» username |
string | true |
Enumerated Values
| Property | Value |
|---|---|
login_type |
`` |
login_type |
password |
login_type |
github |
login_type |
oidc |
login_type |
token |
login_type |
none |
role |
admin |
role |
use |
status |
active |
status |
suspended |
To perform this operation, you must be authenticated. Learn more.
Update template ACL
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/templates/{template}/acl \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /templates/{template}/acl
Body parameter
{
"group_perms": {
"8bd26b20-f3e8-48be-a903-46bb920cf671": "use",
"<user_id>>": "admin"
},
"user_perms": {
"4df59e74-c027-470b-ab4d-cbba8963a5e9": "use",
"<group_id>": "admin"
}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
template |
path | string(uuid) | true | Template ID |
body |
body | codersdk.UpdateTemplateACL | true | Update template request |
Example responses
200 Response
{
"detail": "string",
"message": "string",
"validations": [
{
"detail": "string",
"field": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.Response |
To perform this operation, you must be authenticated. Learn more.
Get template available acl users/groups
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/templates/{template}/acl/available \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /templates/{template}/acl/available
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
template |
path | string(uuid) | true | Template ID |
Example responses
200 Response
[
{
"groups": [
{
"avatar_url": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"members": [
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
],
"name": "string",
"organization_display_name": "string",
"organization_id": "7c60d51f-b44e-4682-87d6-449835ea4de6",
"organization_name": "string",
"quota_allowance": 0,
"source": "user",
"total_member_count": 0
}
],
"users": [
{
"avatar_url": "http://example.com",
"created_at": "2019-08-24T14:15:22Z",
"email": "user@example.com",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"last_seen_at": "2019-08-24T14:15:22Z",
"login_type": "",
"name": "string",
"status": "active",
"theme_preference": "string",
"updated_at": "2019-08-24T14:15:22Z",
"username": "string"
}
]
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.ACLAvailable |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» groups |
array | false | ||
»» avatar_url |
string | false | ||
»» display_name |
string | false | ||
»» id |
string(uuid) | false | ||
»» members |
array | false | ||
»»» avatar_url |
string(uri) | false | ||
»»» created_at |
string(date-time) | true | ||
»»» email |
string(email) | true | ||
»»» id |
string(uuid) | true | ||
»»» last_seen_at |
string(date-time) | false | ||
»»» login_type |
codersdk.LoginType | false | ||
»»» name |
string | false | ||
»»» status |
codersdk.UserStatus | false | ||
»»» theme_preference |
string | false | Deprecated: this value should be retrieved from codersdk.UserPreferenceSettings instead. |
|
»»» updated_at |
string(date-time) | false | ||
»»» username |
string | true | ||
»» name |
string | false | ||
»» organization_display_name |
string | false | ||
»» organization_id |
string(uuid) | false | ||
»» organization_name |
string | false | ||
»» quota_allowance |
integer | false | ||
»» source |
codersdk.GroupSource | false | ||
»» total_member_count |
integer | false | How many members are in this group. Shows the total count, even if the user is not authorized to read group member details. May be greater than len(Group.Members). |
|
» users |
array | false |
Enumerated Values
| Property | Value |
|---|---|
login_type |
`` |
login_type |
password |
login_type |
github |
login_type |
oidc |
login_type |
token |
login_type |
none |
status |
active |
status |
suspended |
source |
user |
source |
oidc |
To perform this operation, you must be authenticated. Learn more.
Get user quiet hours schedule
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/users/{user}/quiet-hours \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /users/{user}/quiet-hours
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
user |
path | string(uuid) | true | User ID |
Example responses
200 Response
[
{
"next": "2019-08-24T14:15:22Z",
"raw_schedule": "string",
"time": "string",
"timezone": "string",
"user_can_set": true,
"user_set": true
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.UserQuietHoursScheduleResponse |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» next |
string(date-time) | false | Next is the next time that the quiet hours window will start. | |
» raw_schedule |
string | false | ||
» time |
string | false | Time is the time of day that the quiet hours window starts in the given Timezone each day. | |
» timezone |
string | false | raw format from the cron expression, UTC if unspecified | |
» user_can_set |
boolean | false | User can set is true if the user is allowed to set their own quiet hours schedule. If false, the user cannot set a custom schedule and the default schedule will always be used. | |
» user_set |
boolean | false | User set is true if the user has set their own quiet hours schedule. If false, the user is using the default schedule. |
To perform this operation, you must be authenticated. Learn more.
Update user quiet hours schedule
Code samples
# Example request using curl
curl -X PUT http://coder-server:8080/api/v2/users/{user}/quiet-hours \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PUT /users/{user}/quiet-hours
Body parameter
{
"schedule": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
user |
path | string(uuid) | true | User ID |
body |
body | codersdk.UpdateUserQuietHoursScheduleRequest | true | Update schedule request |
Example responses
200 Response
[
{
"next": "2019-08-24T14:15:22Z",
"raw_schedule": "string",
"time": "string",
"timezone": "string",
"user_can_set": true,
"user_set": true
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.UserQuietHoursScheduleResponse |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» next |
string(date-time) | false | Next is the next time that the quiet hours window will start. | |
» raw_schedule |
string | false | ||
» time |
string | false | Time is the time of day that the quiet hours window starts in the given Timezone each day. | |
» timezone |
string | false | raw format from the cron expression, UTC if unspecified | |
» user_can_set |
boolean | false | User can set is true if the user is allowed to set their own quiet hours schedule. If false, the user cannot set a custom schedule and the default schedule will always be used. | |
» user_set |
boolean | false | User set is true if the user has set their own quiet hours schedule. If false, the user is using the default schedule. |
To perform this operation, you must be authenticated. Learn more.
Get workspace quota by user deprecated
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/workspace-quota/{user} \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /workspace-quota/{user}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
user |
path | string | true | User ID, name, or me |
Example responses
200 Response
{
"budget": 0,
"credits_consumed": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.WorkspaceQuota |
To perform this operation, you must be authenticated. Learn more.
Get workspace proxies
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/workspaceproxies \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /workspaceproxies
Example responses
200 Response
[
{
"regions": [
{
"created_at": "2019-08-24T14:15:22Z",
"deleted": true,
"derp_enabled": true,
"derp_only": true,
"display_name": "string",
"healthy": true,
"icon_url": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"path_app_url": "string",
"status": {
"checked_at": "2019-08-24T14:15:22Z",
"report": {
"errors": [
"string"
],
"warnings": [
"string"
]
},
"status": "ok"
},
"updated_at": "2019-08-24T14:15:22Z",
"version": "string",
"wildcard_hostname": "string"
}
]
}
]
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | array of codersdk.RegionsResponse-codersdk_WorkspaceProxy |
Response Schema
Status Code 200
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
[array item] |
array | false | ||
» regions |
array | false | ||
»» created_at |
string(date-time) | false | ||
»» deleted |
boolean | false | ||
»» derp_enabled |
boolean | false | ||
»» derp_only |
boolean | false | ||
»» display_name |
string | false | ||
»» healthy |
boolean | false | ||
»» icon_url |
string | false | ||
»» id |
string(uuid) | false | ||
»» name |
string | false | ||
»» path_app_url |
string | false | Path app URL is the URL to the base path for path apps. Optional unless wildcard_hostname is set. E.g. https://us.example.com | |
»» status |
codersdk.WorkspaceProxyStatus | false | Status is the latest status check of the proxy. This will be empty for deleted proxies. This value can be used to determine if a workspace proxy is healthy and ready to use. | |
»»» checked_at |
string(date-time) | false | ||
»»» report |
codersdk.ProxyHealthReport | false | Report provides more information about the health of the workspace proxy. | |
»»»» errors |
array | false | Errors are problems that prevent the workspace proxy from being healthy | |
»»»» warnings |
array | false | Warnings do not prevent the workspace proxy from being healthy, but should be addressed. | |
»»» status |
codersdk.ProxyHealthStatus | false | ||
»» updated_at |
string(date-time) | false | ||
»» version |
string | false | ||
»» wildcard_hostname |
string | false | Wildcard hostname is the wildcard hostname for subdomain apps. E.g. .us.example.com E.g.--suffix.au.example.com Optional. Does not need to be on the same domain as PathAppURL. |
Enumerated Values
| Property | Value |
|---|---|
status |
ok |
status |
unreachable |
status |
unhealthy |
status |
unregistered |
To perform this operation, you must be authenticated. Learn more.
Create workspace proxy
Code samples
# Example request using curl
curl -X POST http://coder-server:8080/api/v2/workspaceproxies \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
POST /workspaceproxies
Body parameter
{
"display_name": "string",
"icon": "string",
"name": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
body |
body | codersdk.CreateWorkspaceProxyRequest | true | Create workspace proxy request |
Example responses
201 Response
{
"created_at": "2019-08-24T14:15:22Z",
"deleted": true,
"derp_enabled": true,
"derp_only": true,
"display_name": "string",
"healthy": true,
"icon_url": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"path_app_url": "string",
"status": {
"checked_at": "2019-08-24T14:15:22Z",
"report": {
"errors": [
"string"
],
"warnings": [
"string"
]
},
"status": "ok"
},
"updated_at": "2019-08-24T14:15:22Z",
"version": "string",
"wildcard_hostname": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Created | codersdk.WorkspaceProxy |
To perform this operation, you must be authenticated. Learn more.
Get workspace proxy
Code samples
# Example request using curl
curl -X GET http://coder-server:8080/api/v2/workspaceproxies/{workspaceproxy} \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
GET /workspaceproxies/{workspaceproxy}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
workspaceproxy |
path | string(uuid) | true | Proxy ID or name |
Example responses
200 Response
{
"created_at": "2019-08-24T14:15:22Z",
"deleted": true,
"derp_enabled": true,
"derp_only": true,
"display_name": "string",
"healthy": true,
"icon_url": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"path_app_url": "string",
"status": {
"checked_at": "2019-08-24T14:15:22Z",
"report": {
"errors": [
"string"
],
"warnings": [
"string"
]
},
"status": "ok"
},
"updated_at": "2019-08-24T14:15:22Z",
"version": "string",
"wildcard_hostname": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.WorkspaceProxy |
To perform this operation, you must be authenticated. Learn more.
Delete workspace proxy
Code samples
# Example request using curl
curl -X DELETE http://coder-server:8080/api/v2/workspaceproxies/{workspaceproxy} \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
DELETE /workspaceproxies/{workspaceproxy}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
workspaceproxy |
path | string(uuid) | true | Proxy ID or name |
Example responses
200 Response
{
"detail": "string",
"message": "string",
"validations": [
{
"detail": "string",
"field": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.Response |
To perform this operation, you must be authenticated. Learn more.
Update workspace proxy
Code samples
# Example request using curl
curl -X PATCH http://coder-server:8080/api/v2/workspaceproxies/{workspaceproxy} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Coder-Session-Token: API_KEY'
PATCH /workspaceproxies/{workspaceproxy}
Body parameter
{
"display_name": "string",
"icon": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"regenerate_token": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
workspaceproxy |
path | string(uuid) | true | Proxy ID or name |
body |
body | codersdk.PatchWorkspaceProxy | true | Update workspace proxy request |
Example responses
200 Response
{
"created_at": "2019-08-24T14:15:22Z",
"deleted": true,
"derp_enabled": true,
"derp_only": true,
"display_name": "string",
"healthy": true,
"icon_url": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"path_app_url": "string",
"status": {
"checked_at": "2019-08-24T14:15:22Z",
"report": {
"errors": [
"string"
],
"warnings": [
"string"
]
},
"status": "ok"
},
"updated_at": "2019-08-24T14:15:22Z",
"version": "string",
"wildcard_hostname": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | OK | codersdk.WorkspaceProxy |
To perform this operation, you must be authenticated. Learn more.