{"files":{"SKILL.md":"---\nname: authentiq-connect-api\ndescription: \"Authentiq Connect API skill. Use when working with Authentiq Connect for authorize, token, userinfo. Covers 9 endpoints.\"\nversion: 1.0.0\ngenerator: lapsh\n---\n\n# Authentiq Connect API\nAPI version: 1.0\n\n## Auth\nOAuth2 | ApiKey Authorization in header | OAuth2 | OAuth2 | OAuth2\n\n## Base URL\nhttps://connect.authentiq.io/\n\n## Setup\n1. Set your API key in the appropriate header\n2. GET /authorize -- authenticate a user\n3. POST /token -- create first token\n\n## Endpoints\n9 endpoints across 5 groups. See references/api-spec.lap for full details.\n\n### Authorize\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /authorize | Authenticate a user |\n\n### Token\n| Method | Path | Description |\n|--------|------|-------------|\n| POST | /token | Obtain an ID Token |\n\n### Userinfo\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /userinfo | Retrieve a user profile |\n\n### Client\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /client | List clients |\n| POST | /client | Register a client |\n| GET | /client/{client_id} | View a client |\n| PUT | /client/{client_id} | Update a client |\n| DELETE | /client/{client_id} | Delete a client |\n\n### {client_id}\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /{client_id}/iframe | Include a session iframe |\n\n## Common Questions\nMatch user requests to endpoints in references/api-spec.lap. Key patterns:\n- \"List all authorize?\" -> GET /authorize\n- \"Create a token?\" -> POST /token\n- \"List all userinfo?\" -> GET /userinfo\n- \"List all client?\" -> GET /client\n- \"Create a client?\" -> POST /client\n- \"Get client details?\" -> GET /client/{client_id}\n- \"Update a client?\" -> PUT /client/{client_id}\n- \"Delete a client?\" -> DELETE /client/{client_id}\n- \"List all iframe?\" -> GET /{client_id}/iframe\n- \"How to authenticate?\" -> See Auth section above\n\n## Response Tips\n- Check response schemas in references/api-spec.lap for field details\n- Create/update endpoints return the modified resource on success\n- Error responses include status codes and descriptions in the spec\n\n## References\n- Full spec: See references/api-spec.lap for complete endpoint details, parameter tables, and response schemas\n\n> Generated from the official API spec by [LAP](https://lap.sh)\n","references/api-spec.lap":"@lap v0.3\n# Machine-readable API spec. Each @endpoint block is one API call.\n@api Authentiq Connect API\n@base https://connect.authentiq.io/\n@version 1.0\n@auth OAuth2 | ApiKey Authorization in header | OAuth2 | OAuth2 | OAuth2\n@endpoints 9\n@toc authorize(1), token(1), userinfo(1), client(5), {client_id}(1)\n\n@group authorize\n@endpoint GET /authorize\n@desc Authenticate a user\n@required {client_id: any # A client ID obtained from the [Dashboard](https://dashboard.authentiq.com/)., response_type: any # The OIDC response type to use for this authentication flow. Valid choices are `code`, `id_token`, `token`, `token id_token`, `code id_token` `code token` and `code token id_token`, but a client can be configured with a more restricted set., scope: any # The space-separated identity claims to request from the end-user. Always include `openid` as a scope for compatibility with OIDC., redirect_uri: any # The location to redirect to after (un)successful authentication. See OIDC for the parameters passed in the query string (`response_mode=query`) or as fragments (`response_mode=fragment`). Unless the client is in test-mode this must be one of the registered redirect URLs., state: any # An opaque string that will be passed back to the redirect URL and therefore can be used to communicate client side state and prevent CSRF attacks.}\n@optional {response_mode: any # Whether to append parameters to the redirect URL in the query string (`query`) or as fragments (`fragment`). This option usually has a sensible default for each of the response types., nonce: any # An nonce provided by the client (and opaque to Authentiq Connect) that will be included in any ID Token generated for this session. Clients should use the nonce to mitigate replay attacks., display: any # The authentication display mode, which can be one of `page`, `popup` or `modal`. Defaults to `page`., prompt: any # Space-delimited, case sensitive list of ASCII string values that specifies whether the Authorization Server prompts the End-User for reauthentication and consent. The supported values are: `none`, `login`, `consent`. If `consent` the end-user is asked to (re)confirm what claims they share. Use `none` to check for an active session., max_age: any # Specifies the allowable elapsed time in seconds since the last time the end-user was actively authenticated., ui_locales: any # Specifies the preferred language to use on the authorization page, as a space-separated list of BCP47 language tags. Ignored at the moment.}\n@errors {302: A successful or erroneous authentication response., 303: *Sign in with Authentiq* page, popup or modal.}\n\n@endgroup\n\n@group token\n@endpoint POST /token\n@desc Obtain an ID Token\n@required {client_id: any # The registered client ID., client_secret: any # The registered client ID secret., grant_type: any # The authorization grant type, must be `authorization_code`., code: any # The authorization code previously obtained from the Authentication endpoint., redirect_uri: any # The redirect URL that was used previously with the Authentication endpoint.}\n@optional {Authorization: any # HTTP Basic authorization header.}\n@returns(200) Token response\n@errors {400: OAuth 2.0 error response, 401: OAuth 2.0 error response}\n\n@endgroup\n\n@group userinfo\n@endpoint GET /userinfo\n@desc Retrieve a user profile\n@returns(200) UserInfo response\n@errors {401: OAuth 2.0 error response}\n\n@endgroup\n\n@group client\n@endpoint GET /client\n@desc List clients\n@returns(200) A list of Client Objects.\n\n@endpoint POST /client\n@desc Register a client\n@required {body: any # Client Object}\n@returns(201) Client created\n\n@endpoint GET /client/{client_id}\n@desc View a client\n@required {client_id: any # Client identifier}\n@returns(200) Client found\n\n@endpoint PUT /client/{client_id}\n@desc Update a client\n@required {client_id: any # Client identifier, body: any # Client Object}\n@returns(200) Client updated\n\n@endpoint DELETE /client/{client_id}\n@desc Delete a client\n@required {client_id: any # Client identifier}\n@returns(204) Client deleted\n\n@endgroup\n\n@group {client_id}\n@endpoint GET /{client_id}/iframe\n@desc Include a session iframe\n@required {client_id: any # Client identifier}\n@returns(200) OK\n\n@endgroup\n\n@end\n"}}