mattermost/api/v4/source/ldap.yaml

  /api/v4/ldap/sync:
    post:
      tags:
        - LDAP
      summary: Sync with LDAP
      description: >
        Synchronize any user attribute changes in the configured AD/LDAP server
        with Mattermost.

        ##### Permissions

        Must have `manage_system` permission.
      operationId: SyncLdap
      responses:
        "200":
          description: LDAP sync successful
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/StatusOK"
        "501":
          $ref: "#/components/responses/NotImplemented"
  /api/v4/ldap/test:
    post:
      tags:
        - LDAP
      summary: Test LDAP configuration
      description: >
        Test the current AD/LDAP configuration to see if the AD/LDAP server can
        be contacted successfully.

        ##### Permissions

        Must have `manage_system` permission.
      operationId: TestLdap
      responses:
        "200":
          description: LDAP test successful
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/StatusOK"
        "500":
          $ref: "#/components/responses/InternalServerError"
        "501":
          $ref: "#/components/responses/NotImplemented"
  /api/v4/ldap/test_connection:
    post:
      tags:
        - LDAP
      summary: Test LDAP connection with specific settings
      description: >
        Test the LDAP connection using the provided settings without modifying
        the current server configuration.

        ##### Permissions

        Must have `sysconsole_read_authentication_ldap` or `manage_system` permission.
      operationId: TestLdapConnection
      requestBody:
        description: LDAP settings to test
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/LdapSettings"
      responses:
        "200":
          description: LDAP connection test successful
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/StatusOK"
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
        "500":
          $ref: "#/components/responses/InternalServerError"
        "501":
          $ref: "#/components/responses/NotImplemented"
  /api/v4/ldap/test_diagnostics:
    post:
      tags:
        - LDAP
      summary: Test LDAP diagnostics with specific settings
      description: >
        Test LDAP diagnostics using the provided settings to validate configuration
        and see sample results without modifying the current server configuration.
        Use the `test` query parameter to specify which diagnostic to run.

        ##### Permissions

        Must have `sysconsole_read_authentication_ldap` or `manage_system` permission.
      operationId: TestLdapDiagnostics
      parameters:
        - in: query
          name: test
          required: true
          description: Type of LDAP diagnostic test to run
          schema:
            type: string
            enum:
              - filters
              - attributes
              - group_attributes
            example: filters
      requestBody:
        description: LDAP settings to test diagnostics with
        required: true
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/LdapSettings"
      responses:
        "200":
          description: LDAP diagnostic test results
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/LdapDiagnosticResult"
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
        "500":
          $ref: "#/components/responses/InternalServerError"
        "501":
          $ref: "#/components/responses/NotImplemented"
  /api/v4/ldap/groups:
    get:
      tags:
        - ldap
      summary: Returns a list of LDAP groups
      description: >
        ##### Permissions

        Must have `manage_system` permission.

        __Minimum server version__: 5.11
      operationId: GetLdapGroups
      parameters:
        - name: q
          in: query
          description: Search term
          required: false
          schema:
            type: string
        - name: page
          in: query
          description: The page to select.
          schema:
            type: integer
            default: 0
        - name: per_page
          in: query
          description: The number of users per page.
            per page.
          schema:
            type: integer
            default: 60
      responses:
        "200":
          description: LDAP group page retrieval successful
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/LDAPGroupsPaged"
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
  /api/v4/ldap/groups/{remote_id}/link:
    post:
      tags:
        - ldap
      summary: Link a LDAP group
      description: >
        ##### Permissions

        Must have `manage_system` permission.

        __Minimum server version__: 5.11
      operationId: LinkLdapGroup
      parameters:
        - name: remote_id
          in: path
          description: Group GUID
          required: true
          schema:
            type: string
      responses:
        "201":
          description: LDAP group successfully linked
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/StatusOK"
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
    delete:
      tags:
        - groups
      summary: Delete a link for LDAP group
      description: >
        ##### Permissions

        Must have `manage_system` permission.

        __Minimum server version__: 5.11
      operationId: UnlinkLdapGroup
      parameters:
        - name: remote_id
          in: path
          description: Group GUID
          required: true
          schema:
            type: string
      responses:
        "200":
          description: Successfully deleted ldap group link
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/StatusOK"
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
  /api/v4/ldap/migrateid:
    post:
      tags:
        - LDAP
      summary: Migrate Id LDAP
      description: >
        Migrate LDAP IdAttribute to new value.
  
        ##### Permissions
  
        Must have `manage_system` permission.
  
        __Minimum server version__: 5.26
      operationId: MigrateIdLdap
      requestBody:
        content:
          application/json:
            schema:
              type: object
              required:
                - toAttribute
              properties:
                toAttribute:
                  description: New IdAttribute value
                  type: string
        required: true
      responses:
        "200":
          description: Migration successful
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/StatusOK"
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
        "500":
          $ref: "#/components/responses/InternalServerError"
        "501":
          $ref: "#/components/responses/NotImplemented"
  /api/v4/ldap/certificate/public:
    post:
      tags:
        - LDAP
      summary: Upload public certificate
      description: >
        Upload the public certificate to be used for TLS verification. The server will pick a hard-coded filename for the
        PublicCertificateFile setting in your `config.json`.

        ##### Permissions

        Must have `manage_system` permission.
      operationId: UploadLdapPublicCertificate
      requestBody:
        content:
          multipart/form-data:
            schema:
              type: object
              properties:
                certificate:
                  description: The public certificate file
                  type: string
                  format: binary
              required:
                - certificate
      responses:
        "200":
          description: LDAP certificate upload successful
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/StatusOK"
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
        "501":
          $ref: "#/components/responses/NotImplemented"
    delete:
      tags:
        - LDAP
      summary: Remove public certificate
      description: >
        Delete the current public certificate being used for TLS verification.

        ##### Permissions

        Must have `manage_system` permission.
      operationId: DeleteLdapPublicCertificate
      responses:
        "200":
          description: LDAP certificate delete successful
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/StatusOK"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
        "501":
          $ref: "#/components/responses/NotImplemented"
  /api/v4/ldap/certificate/private:
    post:
      tags:
        - LDAP
      summary: Upload private key
      description: >
        Upload the private key to be used for TLS verification. The server will pick a hard-coded filename for the
        PrivateKeyFile setting in your `config.json`.

        ##### Permissions

        Must have `manage_system` permission.
      operationId: UploadLdapPrivateCertificate
      requestBody:
        content:
          multipart/form-data:
            schema:
              type: object
              properties:
                certificate:
                  description: The private key file
                  type: string
                  format: binary
              required:
                - certificate
      responses:
        "200":
          description: LDAP certificate upload successful
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/StatusOK"
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
        "501":
          $ref: "#/components/responses/NotImplemented"
    delete:
      tags:
        - LDAP
      summary: Remove private key
      description: >
        Delete the current private key being used with your TLS verification.

        ##### Permissions

        Must have `manage_system` permission.
      operationId: DeleteLdapPrivateCertificate
      responses:
        "200":
          description: LDAP certificate delete successful
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/StatusOK"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
        "501":
          $ref: "#/components/responses/NotImplemented"
  /api/v4/ldap/users/{user_id}/group_sync_memberships:
    post:
      tags:
        - LDAP
      summary: Create memberships for LDAP configured channels and teams for this user
      description: >
        Add the user to each channel and team configured for each LDAP group of whicht the user is
        a member.

        ##### Permissions

        Must have `sysconsole_write_user_management_groups` permission.
      operationId: AddUserToGroupSyncables
      parameters:
        - name: user_id
          in: path
          description: User Id
          required: true
          schema:
            type: string
      responses:
        "200":
          description: Channel and team memberships created as needed.
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/StatusOK"
        "400":
          $ref: "#/components/responses/BadRequest"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
        "501":
          $ref: "#/components/responses/NotImplemented"
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> 2023-06-27 10:10:13 -04:00			`/api/v4/ldap/sync:`
			`post:`
			`tags:`
			`- LDAP`
			`summary: Sync with LDAP`
			`description: >`
			`Synchronize any user attribute changes in the configured AD/LDAP server`
			`with Mattermost.`

			`##### Permissions`

			Must have `manage_system` permission.
			`operationId: SyncLdap`
			`responses:`
			`"200":`
			`description: LDAP sync successful`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/StatusOK"`
			`"501":`
			`$ref: "#/components/responses/NotImplemented"`
			`/api/v4/ldap/test:`
			`post:`
			`tags:`
			`- LDAP`
			`summary: Test LDAP configuration`
			`description: >`
			`Test the current AD/LDAP configuration to see if the AD/LDAP server can`
			`be contacted successfully.`

			`##### Permissions`

			Must have `manage_system` permission.
			`operationId: TestLdap`
			`responses:`
			`"200":`
			`description: LDAP test successful`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/StatusOK"`
			`"500":`
			`$ref: "#/components/responses/InternalServerError"`
			`"501":`
			`$ref: "#/components/responses/NotImplemented"`
[MM-63152] LDAP Wizard (#31417) * [MM-63717] LDAP Wizard skeleton (#31029) * add ldap_wizard component to render its admin components * i18n * test adjustment * keys and props fixes * title fix * fix placeholders * fix value initialization * linting * remove all ...props (except custom component); any->unknown * fix i18n (temp, will be changed in later PR) * better return; simplify function checking/calling * [MM-64259] Sections sidebar and navigation (#31059) * initial sections list sidebar * sidebar highlighting and scroll on click * some tidying up * add custom section titles for section sidebar * i18n * updating border on sections * scss style lint * color -> border-color * simplify activeSectionKey initialization; remove trailing newline * add useSectionNavigation; clean up ldap_wizard and scss; PR comments * extract section of code into renderSidebar() --------- Co-authored-by: Asaad Mahmood <asaadmahmood@users.noreply.github.com> * [MM-64296] Add test connection for connection settings panel (#31190) * button -> ldap test connect api * fix console error by sanitizing value in text component * return detailed error as error; adjust button -> primary, flushLeft * middle of redesigning how we do hover text, first button * add hover text to bools and file uploads * i18n * add LdapSettings as api type; add new endpoint to api yaml * allow testing without first enabling LDAP and saving config * i18n id changes * improve TestLdapConnection to current standards * PR comments * safeDereference; cleaner returns * remove hover markdown; formatting and typing simplification * use button for "More Info"; i18n * finish renaming help_text_hover -> help_text_more_info * fix error output * only send bindpassword if it has been changed * fix: don't send blank bindPassword when it is still ***** * merge conflict * [MM-64480] Refactor Admin Definition (#31280) * move ldap definition to its own file for simplicity & context * refactor admin_definition to eliminate circular dependencies * merge conflicts * before: buggy userHasReadPermissinOnSomeResources; after: fix incorrect snapshot * merge conflict: new bindPasssword definition was left behind; fixed. * merge conflict * [MM-63765] LDAP Wizard: User filter expandable section (#31286) * add "more info" hover to user filter help texts; make wider * add expandable_setting type and component * use Dislosure show/hide pattern for accessibility * fix tooltip scss selectors * fix hover -> more_info; make sure translation files are correct * use join('\n\n') instead of the eslint disable line * Revert "use join('\n\n') instead of the eslint disable line" This reverts commit 274667e875b34703f14fee0706cd28b0125cefc9. * [MM-64482] LDAP Wizard - Test User filters (#31312) * initial cut at UI and backend for test filters * api definitions; mocks * clean up to current standards * [MM-64512] - Test user filters UI (#31355) * result_count -> total_count * json cannot marshal error, returning error as string as god intended * render errors with icon, hover text, and better feedback texts * gather the settings that may be in expandable sections * remove success, use error == "" to indicate success * [MM-64536] LDAP Wizard: Test user attributes (#31373) * LdapFilterTestResult -> LdapDiagnosticResult; FilterName -> TestName * implement test_attributes endpoint and limited frontend (first step) * adding EntriesWithValue * [MM-64550] LDAP Wizard: Test user attributes UI (#31374) * [MM-64551] LDAP Wizard: Test group attributes (#31375) * remove Test LDAP button (not needed); reused helptext for other btn * implement test_group_attributes endpoint; button/client-side paths * [MM-64552] LDAP Wizard: Test group attributes UI (#31376) * implement Test Group Attributes button * simplify helper functions (improves useCallback dependencies) * show the default filter that was used on the backend in the tooltip * show the icon when there's an error (e.g. required filter/attribute) * fix infinite rerendering * fix error after failed save; fix navigation unlocked after save * empty * Adjust message feedback given we don't test the schema anymore * improve css; don't use inline styles * removed unneccesary pointer indirection * improved i18n strings and logic * combining filters/attributes/group attributes endpoints improve types * improve help text for User Filter (it's tricky) * AvailableAttrs -> AvailableAttributes * fix for e2e tests (renamed title) * more e2e fixes * skip broken e2e test --------- Co-authored-by: Asaad Mahmood <asaadmahmood@users.noreply.github.com> 2025-06-16 16:19:33 -04:00			`/api/v4/ldap/test_connection:`
			`post:`
			`tags:`
			`- LDAP`
			`summary: Test LDAP connection with specific settings`
			`description: >`
			`Test the LDAP connection using the provided settings without modifying`
			`the current server configuration.`

			`##### Permissions`

			Must have `sysconsole_read_authentication_ldap` or `manage_system` permission.
			`operationId: TestLdapConnection`
			`requestBody:`
			`description: LDAP settings to test`
			`required: true`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/LdapSettings"`
			`responses:`
			`"200":`
			`description: LDAP connection test successful`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/StatusOK"`
			`"400":`
			`$ref: "#/components/responses/BadRequest"`
			`"401":`
			`$ref: "#/components/responses/Unauthorized"`
			`"403":`
			`$ref: "#/components/responses/Forbidden"`
			`"500":`
			`$ref: "#/components/responses/InternalServerError"`
			`"501":`
			`$ref: "#/components/responses/NotImplemented"`
			`/api/v4/ldap/test_diagnostics:`
			`post:`
			`tags:`
			`- LDAP`
			`summary: Test LDAP diagnostics with specific settings`
			`description: >`
			`Test LDAP diagnostics using the provided settings to validate configuration`
			`and see sample results without modifying the current server configuration.`
			Use the `test` query parameter to specify which diagnostic to run.

			`##### Permissions`

			Must have `sysconsole_read_authentication_ldap` or `manage_system` permission.
			`operationId: TestLdapDiagnostics`
			`parameters:`
			`- in: query`
			`name: test`
			`required: true`
			`description: Type of LDAP diagnostic test to run`
			`schema:`
			`type: string`
			`enum:`
			`- filters`
			`- attributes`
			`- group_attributes`
			`example: filters`
			`requestBody:`
			`description: LDAP settings to test diagnostics with`
			`required: true`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/LdapSettings"`
			`responses:`
			`"200":`
			`description: LDAP diagnostic test results`
			`content:`
			`application/json:`
			`schema:`
			`type: array`
			`items:`
			`$ref: "#/components/schemas/LdapDiagnosticResult"`
			`"400":`
			`$ref: "#/components/responses/BadRequest"`
			`"401":`
			`$ref: "#/components/responses/Unauthorized"`
			`"403":`
			`$ref: "#/components/responses/Forbidden"`
			`"500":`
			`$ref: "#/components/responses/InternalServerError"`
			`"501":`
			`$ref: "#/components/responses/NotImplemented"`
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> 2023-06-27 10:10:13 -04:00			`/api/v4/ldap/groups:`
			`get:`
			`tags:`
			`- ldap`
			`summary: Returns a list of LDAP groups`
			`description: >`
			`##### Permissions`

			Must have `manage_system` permission.

			`__Minimum server version__: 5.11`
			`operationId: GetLdapGroups`
			`parameters:`
			`- name: q`
			`in: query`
			`description: Search term`
			`required: false`
			`schema:`
			`type: string`
			`- name: page`
			`in: query`
			`description: The page to select.`
			`schema:`
			`type: integer`
			`default: 0`
			`- name: per_page`
			`in: query`
[MM-57966]Centralize the 200 maximum page size cap for the per_page parameter and remove individual mentions from API endpoint documentation (#26859) 2024-04-25 11:48:25 -04:00			`description: The number of users per page.`
Move API Reference (#23777) * merge mattermost-api-reference unchanged * api: update repostiory paths * api: drop GitPod for api (for now) * api: improved node_modules target * api: relocate GitHub actions to root * Update .github/workflows/api.yml Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> * fix cache-dependency-path * adopt node-version-file * pin versions for uses * tidy steps/runs * api/.gitpod.yml: tidy * api: rm now unused .gitlab-ci.yml --------- Co-authored-by: Antonis Stamatiou <stamatiou.antonis@gmail.com> 2023-06-27 10:10:13 -04:00			`per page.`
			`schema:`
			`type: integer`
			`default: 60`
			`responses:`
			`"200":`
			`description: LDAP group page retrieval successful`
			`content:`
			`application/json:`
			`schema:`
			`type: array`
			`items:`
			`$ref: "#/components/schemas/LDAPGroupsPaged"`
			`"400":`
			`$ref: "#/components/responses/BadRequest"`
			`"401":`
			`$ref: "#/components/responses/Unauthorized"`
			`"403":`
			`$ref: "#/components/responses/Forbidden"`
			`/api/v4/ldap/groups/{remote_id}/link:`
			`post:`
			`tags:`
			`- ldap`
			`summary: Link a LDAP group`
			`description: >`
			`##### Permissions`

			Must have `manage_system` permission.

			`__Minimum server version__: 5.11`
			`operationId: LinkLdapGroup`
			`parameters:`
			`- name: remote_id`
			`in: path`
			`description: Group GUID`
			`required: true`
			`schema:`
			`type: string`
			`responses:`
			`"201":`
			`description: LDAP group successfully linked`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/StatusOK"`
			`"400":`
			`$ref: "#/components/responses/BadRequest"`
			`"401":`
			`$ref: "#/components/responses/Unauthorized"`
			`"403":`
			`$ref: "#/components/responses/Forbidden"`
			`delete:`
			`tags:`
			`- groups`
			`summary: Delete a link for LDAP group`
			`description: >`
			`##### Permissions`

			Must have `manage_system` permission.

			`__Minimum server version__: 5.11`
			`operationId: UnlinkLdapGroup`
			`parameters:`
			`- name: remote_id`
			`in: path`
			`description: Group GUID`
			`required: true`
			`schema:`
			`type: string`
			`responses:`
			`"200":`
			`description: Successfully deleted ldap group link`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/StatusOK"`
			`"400":`
			`$ref: "#/components/responses/BadRequest"`
			`"401":`
			`$ref: "#/components/responses/Unauthorized"`
			`"403":`
			`$ref: "#/components/responses/Forbidden"`
			`/api/v4/ldap/migrateid:`
			`post:`
			`tags:`
			`- LDAP`
			`summary: Migrate Id LDAP`
			`description: >`
			`Migrate LDAP IdAttribute to new value.`

			`##### Permissions`

			Must have `manage_system` permission.

			`__Minimum server version__: 5.26`
			`operationId: MigrateIdLdap`
			`requestBody:`
			`content:`
			`application/json:`
			`schema:`
			`type: object`
			`required:`
			`- toAttribute`
			`properties:`
			`toAttribute:`
			`description: New IdAttribute value`
			`type: string`
			`required: true`
			`responses:`
			`"200":`
			`description: Migration successful`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/StatusOK"`
			`"400":`
			`$ref: "#/components/responses/BadRequest"`
			`"401":`
			`$ref: "#/components/responses/Unauthorized"`
			`"403":`
			`$ref: "#/components/responses/Forbidden"`
			`"500":`
			`$ref: "#/components/responses/InternalServerError"`
			`"501":`
			`$ref: "#/components/responses/NotImplemented"`
			`/api/v4/ldap/certificate/public:`
			`post:`
			`tags:`
			`- LDAP`
			`summary: Upload public certificate`
			`description: >`
			`Upload the public certificate to be used for TLS verification. The server will pick a hard-coded filename for the`
			PublicCertificateFile setting in your `config.json`.

			`##### Permissions`

			Must have `manage_system` permission.
			`operationId: UploadLdapPublicCertificate`
			`requestBody:`
			`content:`
			`multipart/form-data:`
			`schema:`
			`type: object`
			`properties:`
			`certificate:`
			`description: The public certificate file`
			`type: string`
			`format: binary`
			`required:`
			`- certificate`
			`responses:`
			`"200":`
			`description: LDAP certificate upload successful`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/StatusOK"`
			`"400":`
			`$ref: "#/components/responses/BadRequest"`
			`"401":`
			`$ref: "#/components/responses/Unauthorized"`
			`"403":`
			`$ref: "#/components/responses/Forbidden"`
			`"501":`
			`$ref: "#/components/responses/NotImplemented"`
			`delete:`
			`tags:`
			`- LDAP`
			`summary: Remove public certificate`
			`description: >`
			`Delete the current public certificate being used for TLS verification.`

			`##### Permissions`

			Must have `manage_system` permission.
			`operationId: DeleteLdapPublicCertificate`
			`responses:`
			`"200":`
			`description: LDAP certificate delete successful`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/StatusOK"`
			`"401":`
			`$ref: "#/components/responses/Unauthorized"`
			`"403":`
			`$ref: "#/components/responses/Forbidden"`
			`"501":`
			`$ref: "#/components/responses/NotImplemented"`
			`/api/v4/ldap/certificate/private:`
			`post:`
			`tags:`
			`- LDAP`
			`summary: Upload private key`
			`description: >`
			`Upload the private key to be used for TLS verification. The server will pick a hard-coded filename for the`
			PrivateKeyFile setting in your `config.json`.

			`##### Permissions`

			Must have `manage_system` permission.
			`operationId: UploadLdapPrivateCertificate`
			`requestBody:`
			`content:`
			`multipart/form-data:`
			`schema:`
			`type: object`
			`properties:`
			`certificate:`
			`description: The private key file`
			`type: string`
			`format: binary`
			`required:`
			`- certificate`
			`responses:`
			`"200":`
			`description: LDAP certificate upload successful`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/StatusOK"`
			`"400":`
			`$ref: "#/components/responses/BadRequest"`
			`"401":`
			`$ref: "#/components/responses/Unauthorized"`
			`"403":`
			`$ref: "#/components/responses/Forbidden"`
			`"501":`
			`$ref: "#/components/responses/NotImplemented"`
			`delete:`
			`tags:`
			`- LDAP`
			`summary: Remove private key`
			`description: >`
			`Delete the current private key being used with your TLS verification.`

			`##### Permissions`

			Must have `manage_system` permission.
			`operationId: DeleteLdapPrivateCertificate`
			`responses:`
			`"200":`
			`description: LDAP certificate delete successful`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/StatusOK"`
			`"401":`
			`$ref: "#/components/responses/Unauthorized"`
			`"403":`
			`$ref: "#/components/responses/Forbidden"`
			`"501":`
			`$ref: "#/components/responses/NotImplemented"`
API Updates (#24105) * fix missing /api/v4 prefix for commands autocomplete suggestion * document /api/v4/ldap/users/{user_id}/group_sync_memberships * document /api/v4/groups/{group_id}/restore * fix /files/{file_id}/public actually at root * document /api/v4/users/invalid_emails 2023-08-01 20:47:37 -04:00			`/api/v4/ldap/users/{user_id}/group_sync_memberships:`
			`post:`
			`tags:`
			`- LDAP`
			`summary: Create memberships for LDAP configured channels and teams for this user`
			`description: >`
			`Add the user to each channel and team configured for each LDAP group of whicht the user is`
			`a member.`

			`##### Permissions`

			Must have `sysconsole_write_user_management_groups` permission.
			`operationId: AddUserToGroupSyncables`
			`parameters:`
			`- name: user_id`
			`in: path`
			`description: User Id`
			`required: true`
			`schema:`
			`type: string`
			`responses:`
			`"200":`
			`description: Channel and team memberships created as needed.`
			`content:`
			`application/json:`
			`schema:`
			`$ref: "#/components/schemas/StatusOK"`
			`"400":`
			`$ref: "#/components/responses/BadRequest"`
			`"401":`
			`$ref: "#/components/responses/Unauthorized"`
			`"403":`
			`$ref: "#/components/responses/Forbidden"`
			`"501":`
			`$ref: "#/components/responses/NotImplemented"`