# Security

## GET /api/oauth/microsoft

>

```json
{"openapi":"3.1.1","info":{"title":"API Version 1","version":"v1"},"servers":[{"url":"https://dev-demo.shiftiq.com"}],"paths":{"/api/oauth/microsoft":{"get":{"tags":["Security"],"operationId":"OAuth_Microsoft","responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object"}},"text/json":{"schema":{"type":"object"}},"application/xml":{"schema":{"type":"object"}},"text/xml":{"schema":{"type":"object"}},"text/html":{"schema":{"type":"object"}}}}}}}}}
```

## POST /api/token

>

```json
{"openapi":"3.1.1","info":{"title":"API Version 1","version":"v1"},"servers":[{"url":"https://dev-demo.shiftiq.com"}],"paths":{"/api/token":{"post":{"tags":["Security"],"operationId":"Authentication_GenerateToken","responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object"}},"text/json":{"schema":{"type":"object"}},"application/xml":{"schema":{"type":"object"}},"text/xml":{"schema":{"type":"object"}},"text/html":{"schema":{"type":"object"}}}}},"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/JwtRequest"}},"text/json":{"schema":{"$ref":"#/components/schemas/JwtRequest"}},"application/xml":{"schema":{"$ref":"#/components/schemas/JwtRequest"}},"text/xml":{"schema":{"$ref":"#/components/schemas/JwtRequest"}},"application/x-www-form-urlencoded":{"schema":{"$ref":"#/components/schemas/JwtRequest"}},"text/html":{"schema":{"$ref":"#/components/schemas/JwtRequest"}}},"required":true}}}},"components":{"schemas":{"JwtRequest":{"type":"object","properties":{"Debug":{"type":"boolean"},"Paging":{"type":"boolean"},"Secret":{"type":"string"},"Lifetime":{"format":"int32","type":"integer"},"Organization":{"format":"uuid","type":"string"},"Agent":{"format":"uuid","type":"string"},"Subject":{"format":"uuid","type":"string"}}}}}}
```

## POST /api/token/validate

>

```json
{"openapi":"3.1.1","info":{"title":"API Version 1","version":"v1"},"servers":[{"url":"https://dev-demo.shiftiq.com"}],"paths":{"/api/token/validate":{"post":{"tags":["Security"],"operationId":"Authentication_ValidateToken","responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object"}},"text/json":{"schema":{"type":"object"}},"application/xml":{"schema":{"type":"object"}},"text/xml":{"schema":{"type":"object"}},"text/html":{"schema":{"type":"object"}}}}}}}}}
```

## Confirm authentication and authorization access to SiteBuilder

> INTERNAL USE ONLY. This endpoint is used by Site Builder websites to authenticate site administrators. It 
> \
> returns HTTP 200 OK only if the login credentials are a valid match for an administrator with permission 
> \
> granted on the Site Builder tools.

```json
{"openapi":"3.1.1","info":{"title":"API Version 1","version":"v1"},"servers":[{"url":"https://dev-demo.shiftiq.com"}],"paths":{"/api/authenticate":{"post":{"tags":["Security"],"summary":"Confirm authentication and authorization access to SiteBuilder","description":"INTERNAL USE ONLY. This endpoint is used by Site Builder websites to authenticate site administrators. It \r\nreturns HTTP 200 OK only if the login credentials are a valid match for an administrator with permission \r\ngranted on the Site Builder tools.","operationId":"Authentication_AuthenticateUser","responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object"}},"text/json":{"schema":{"type":"object"}},"application/xml":{"schema":{"type":"object"}},"text/xml":{"schema":{"type":"object"}},"text/html":{"schema":{"type":"object"}}}}},"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/LoginModel"}},"text/json":{"schema":{"$ref":"#/components/schemas/LoginModel"}},"application/xml":{"schema":{"$ref":"#/components/schemas/LoginModel"}},"text/xml":{"schema":{"$ref":"#/components/schemas/LoginModel"}},"application/x-www-form-urlencoded":{"schema":{"$ref":"#/components/schemas/LoginModel"}},"text/html":{"schema":{"$ref":"#/components/schemas/LoginModel"}}},"required":true}}}},"components":{"schemas":{"LoginModel":{"type":"object","properties":{"Email":{"type":"string"},"Password":{"type":"string"},"OrganizationIdentifier":{"format":"uuid","type":"string"}}}}}}
```

## POST /api/client/cookie

>

```json
{"openapi":"3.1.1","info":{"title":"API Version 1","version":"v1"},"servers":[{"url":"https://dev-demo.shiftiq.com"}],"paths":{"/api/client/cookie":{"post":{"tags":["Security"],"operationId":"Client_GetCookieToken","responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object"}},"text/json":{"schema":{"type":"object"}},"application/xml":{"schema":{"type":"object"}},"text/xml":{"schema":{"type":"object"}},"text/html":{"schema":{"type":"object"}}}}}}}}}
```

## POST /api/secret/generate

> Generates a new client secret for the authenticated user, replacing any existing secret.

```json
{"openapi":"3.1.1","info":{"title":"API Version 1","version":"v1"},"servers":[{"url":"https://dev-demo.shiftiq.com"}],"paths":{"/api/secret/generate":{"post":{"tags":["Security"],"summary":"Generates a new client secret for the authenticated user, replacing any existing secret.","operationId":"SecuritySecret_GenerateNewClientSecret","parameters":[{"schema":{"type":"integer","format":"int32"},"name":"expiry","in":"query","description":"The number of days until the secret expires. If omitted, the default is assumed (90 days).","required":false}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object"}},"text/json":{"schema":{"type":"object"}},"application/xml":{"schema":{"type":"object"}},"text/xml":{"schema":{"type":"object"}},"text/html":{"schema":{"type":"object"}}}}}}}}}
```

## PUT /api/secret/extend

> Extends the lifetime of the authenticated user's existing client secret without changing the secret value.

```json
{"openapi":"3.1.1","info":{"title":"API Version 1","version":"v1"},"servers":[{"url":"https://dev-demo.shiftiq.com"}],"paths":{"/api/secret/extend":{"put":{"tags":["Security"],"summary":"Extends the lifetime of the authenticated user's existing client secret without changing the secret value.","operationId":"SecuritySecret_ExtendClientSecretLifetime","parameters":[{"schema":{"type":"integer","format":"int32"},"name":"expiry","in":"query","description":"The desired number of days until the secret expires. Capped at a maximum of 90 days.","required":true}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object"}},"text/json":{"schema":{"type":"object"}},"application/xml":{"schema":{"type":"object"}},"text/xml":{"schema":{"type":"object"}},"text/html":{"schema":{"type":"object"}}}}}}}}}
```

## GET /api/sessions/timeout

>

```json
{"openapi":"3.1.1","info":{"title":"API Version 1","version":"v1"},"servers":[{"url":"https://dev-demo.shiftiq.com"}],"paths":{"/api/sessions/timeout":{"get":{"tags":["Security"],"operationId":"Sessions_Timeout","parameters":[{"schema":{"type":"string"},"name":"session","in":"query","required":true}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"type":"object"}},"text/json":{"schema":{"type":"object"}},"application/xml":{"schema":{"type":"object"}},"text/xml":{"schema":{"type":"object"}},"text/html":{"schema":{"type":"object"}}}}}}}}}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.shiftiq.com/developers/api-v1/api-reference/security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.