Can I use FusionAuth as a CLI?

Yes. KosmoKrator exposes a FusionAuth CLI through kosmo integrations:call and the provider shortcut command. Commands can return JSON for scripts, CI, and coding agents.

Can I expose FusionAuth through MCP?

Yes. The KosmoKrator MCP gateway can expose selected FusionAuth tools to clients such as Claude Code, Cursor, Codex, and other MCP-compatible tools.

Where are FusionAuth credentials stored?

FusionAuth credentials are configured in KosmoKrator's local integration settings and reused by CLI, Lua, and MCP gateway surfaces.

Can I deny write access for FusionAuth MCP tools?

Yes. Start the gateway with --write=deny for read-only clients, or use ask/allow only for trusted workspaces.

productivity

FusionAuth MCP, CLI, and Lua Integration for AI Agents

FusionAuth integration docs for AI agents: MCP gateway setup, FusionAuth CLI commands, Lua API reference, credentials, and function schemas.

FusionAuth for agents

Credentials can be configured manually in web or CLI hosts.

Use this integration from Lua code mode, the headless integrations CLI, or the KosmoKrator MCP gateway. The same package metadata powers all three surfaces.

Agent Surfaces

FusionAuth CLIHeadless setup, JSON output, direct function calls. FusionAuth MCPExpose selected tools to local MCP clients. FusionAuth LuaAgent-facing namespace and Lua reference. FeedbackReport missing tools, auth issues, or bad metadata.

Machine-Readable Metadata

integration_slug: fusionauth
route_slug: fusionauth
package: fusionauth
auth_strategy: api_key_header
cli_setup_supported: true
cli_runtime_supported: true
mcp_gateway_supported: true
lua_supported: true

Function Catalog

Function	Type	Description
`fusionauth.fusionauth_action_user_with_id`	Write `write`	Takes an action on a user. The user being actioned is called the "actionee" and the user taking the action is called the "actioner". Both user ids are required in the request object.
`fusionauth.fusionauth_activate_reactor_with_id`	Write `write`	Activates the FusionAuth Reactor using a license Id and optionally a license text (for air-gapped deployments)
`fusionauth.fusionauth_cancel_action_with_id`	Write `write`	Cancels the user action.
`fusionauth.fusionauth_change_password_with_id`	Write `write`	Changes a user's password using the change password Id. This usually occurs after an email has been sent to the user and they clicked on a link to reset their password. As of version 1.32.2, prefer sending the changePasswordId in the request body. To do this, omit the first parameter, and set the value in the request body.
`fusionauth.fusionauth_comment_on_user_with_id`	Write `write`	Adds a comment to the user's account.
`fusionauth.fusionauth_complete_verify_identity_with_id`	Write `write`	Completes verification of an identity using verification codes from the Verify Start API.
`fusionauth.fusionauth_complete_web_authn_assertion_with_id`	Write `write`	Complete a WebAuthn authentication ceremony by validating the signature against the previously generated challenge without logging the user in
`fusionauth.fusionauth_complete_web_authn_login_with_id`	Write `write`	Complete a WebAuthn authentication ceremony by validating the signature against the previously generated challenge and then login the user in
`fusionauth.fusionauth_complete_web_authn_registration_with_id`	Write `write`	Complete a WebAuthn registration ceremony by validating the client request and saving the new credential
`fusionauth.fusionauth_create_apikey`	Write `write`	Creates an API key. You can optionally specify a unique Id for the key, if not provided one will be generated. an API key can only be created with equal or lesser authority. An API key cannot create another API key unless it is granted to that API key. If an API key is locked to a tenant, it can only create API Keys for that same tenant.
`fusionauth.fusionauth_create_apikey_with_id`	Write `write`	Creates an API key. You can optionally specify a unique Id for the key, if not provided one will be generated. an API key can only be created with equal or lesser authority. An API key cannot create another API key unless it is granted to that API key. If an API key is locked to a tenant, it can only create API Keys for that same tenant.
`fusionauth.fusionauth_create_application`	Write `write`	Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.
`fusionauth.fusionauth_create_application_role`	Write `write`	Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify an Id for the role inside the ApplicationRole object itself, if not provided one will be generated.
`fusionauth.fusionauth_create_application_role_with_id`	Write `write`	Creates a new role for an application. You must specify the Id of the application you are creating the role for. You can optionally specify an Id for the role inside the ApplicationRole object itself, if not provided one will be generated.
`fusionauth.fusionauth_create_application_with_id`	Write `write`	Creates an application. You can optionally specify an Id for the application, if not provided one will be generated.
`fusionauth.fusionauth_create_audit_log_with_id`	Write `write`	Creates an audit log with the message and user name (usually an email). Audit logs should be written anytime you make changes to the FusionAuth database. When using the FusionAuth App web interface, any changes are automatically written to the audit log. However, if you are accessing the API, you must write the audit logs yourself.
`fusionauth.fusionauth_create_connector`	Write `write`	Creates a connector. You can optionally specify an Id for the connector, if not provided one will be generated.
`fusionauth.fusionauth_create_connector_with_id`	Write `write`	Creates a connector. You can optionally specify an Id for the connector, if not provided one will be generated.
`fusionauth.fusionauth_create_consent`	Write `write`	Creates a user consent type. You can optionally specify an Id for the consent type, if not provided one will be generated.
`fusionauth.fusionauth_create_consent_with_id`	Write `write`	Creates a user consent type. You can optionally specify an Id for the consent type, if not provided one will be generated.
`fusionauth.fusionauth_create_device_approve`	Write `write`	Approve a device grant. OR Approve a device grant.
`fusionauth.fusionauth_create_device_authorize`	Write `write`	Start the Device Authorization flow using a request body OR Start the Device Authorization flow using form-encoded parameters
`fusionauth.fusionauth_create_device_user_code`	Write `write`	Retrieve a user_code that is part of an in-progress Device Authorization Grant. This API is useful if you want to build your own login workflow to complete a device grant. OR Retrieve a user_code that is part of an in-progress Device Authorization Grant. This API is useful if you want to build your own login workflow to complete a device grant. This request will require an API key.
`fusionauth.fusionauth_create_email_template`	Write `write`	Creates an email template. You can optionally specify an Id for the template, if not provided one will be generated.
`fusionauth.fusionauth_create_email_template_with_id`	Write `write`	Creates an email template. You can optionally specify an Id for the template, if not provided one will be generated.
`fusionauth.fusionauth_create_entity`	Write `write`	Creates an Entity. You can optionally specify an Id for the Entity. If not provided one will be generated.
`fusionauth.fusionauth_create_entity_type`	Write `write`	Creates a Entity Type. You can optionally specify an Id for the Entity Type, if not provided one will be generated.
`fusionauth.fusionauth_create_entity_type_permission`	Write `write`	Creates a new permission for an entity type. You must specify the Id of the entity type you are creating the permission for. You can optionally specify an Id for the permission inside the EntityTypePermission object itself, if not provided one will be generated.
`fusionauth.fusionauth_create_entity_type_permission_with_id`	Write `write`	Creates a new permission for an entity type. You must specify the Id of the entity type you are creating the permission for. You can optionally specify an Id for the permission inside the EntityTypePermission object itself, if not provided one will be generated.
`fusionauth.fusionauth_create_entity_type_with_id`	Write `write`	Creates a Entity Type. You can optionally specify an Id for the Entity Type, if not provided one will be generated.
`fusionauth.fusionauth_create_entity_with_id`	Write `write`	Creates an Entity. You can optionally specify an Id for the Entity. If not provided one will be generated.
`fusionauth.fusionauth_create_family`	Write `write`	Creates a family with the user Id in the request as the owner and sole member of the family. You can optionally specify an Id for the family, if not provided one will be generated.
`fusionauth.fusionauth_create_family_with_id`	Write `write`	Creates a family with the user Id in the request as the owner and sole member of the family. You can optionally specify an Id for the family, if not provided one will be generated.
`fusionauth.fusionauth_create_form`	Write `write`	Creates a form. You can optionally specify an Id for the form, if not provided one will be generated.
`fusionauth.fusionauth_create_form_field`	Write `write`	Creates a form field. You can optionally specify an Id for the form, if not provided one will be generated.
`fusionauth.fusionauth_create_form_field_with_id`	Write `write`	Creates a form field. You can optionally specify an Id for the form, if not provided one will be generated.
`fusionauth.fusionauth_create_form_with_id`	Write `write`	Creates a form. You can optionally specify an Id for the form, if not provided one will be generated.
`fusionauth.fusionauth_create_group`	Write `write`	Creates a group. You can optionally specify an Id for the group, if not provided one will be generated.
`fusionauth.fusionauth_create_group_members_with_id`	Write `write`	Creates a member in a group.
`fusionauth.fusionauth_create_group_with_id`	Write `write`	Creates a group. You can optionally specify an Id for the group, if not provided one will be generated.
`fusionauth.fusionauth_create_identity_provider`	Write `write`	Creates an identity provider. You can optionally specify an Id for the identity provider, if not provided one will be generated.
`fusionauth.fusionauth_create_identity_provider_with_id`	Write `write`	Creates an identity provider. You can optionally specify an Id for the identity provider, if not provided one will be generated.
`fusionauth.fusionauth_create_introspect`	Write `write`	Inspect an access token issued as the result of the Client Credentials Grant. OR Inspect an access token issued as the result of the Client Credentials Grant. OR Inspect an access token issued as the result of the User based grant such as the Authorization Code Grant, Implicit Grant, the User Credentials Grant or the Refresh Grant. OR Inspect an access token issued as the result of the User based grant such as the Authorization Code Grant, Implicit Grant, the User Credentials Grant or the Refres
`fusionauth.fusionauth_create_ipaccess_control_list`	Write `write`	Creates an IP Access Control List. You can optionally specify an Id on this create request, if one is not provided one will be generated.
`fusionauth.fusionauth_create_ipaccess_control_list_with_id`	Write `write`	Creates an IP Access Control List. You can optionally specify an Id on this create request, if one is not provided one will be generated.
`fusionauth.fusionauth_create_lambda`	Write `write`	Creates a Lambda. You can optionally specify an Id for the lambda, if not provided one will be generated.
`fusionauth.fusionauth_create_lambda_with_id`	Write `write`	Creates a Lambda. You can optionally specify an Id for the lambda, if not provided one will be generated.
`fusionauth.fusionauth_create_logout`	Write `write`	The Logout API is intended to be used to remove the refresh token and access token cookies if they exist on the client and revoke the refresh token stored. This API takes the refresh token in the JSON body. OR The Logout API is intended to be used to remove the refresh token and access token cookies if they exist on the client and revoke the refresh token stored. This API does nothing if the request does not contain an access token or refresh token cookies.
`fusionauth.fusionauth_create_message_template`	Write `write`	Creates an message template. You can optionally specify an Id for the template, if not provided one will be generated.
`fusionauth.fusionauth_create_message_template_with_id`	Write `write`	Creates an message template. You can optionally specify an Id for the template, if not provided one will be generated.
`fusionauth.fusionauth_create_messenger`	Write `write`	Creates a messenger. You can optionally specify an Id for the messenger, if not provided one will be generated.
`fusionauth.fusionauth_create_messenger_with_id`	Write `write`	Creates a messenger. You can optionally specify an Id for the messenger, if not provided one will be generated.
`fusionauth.fusionauth_create_oauth_scope`	Write `write`	Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can optionally specify an Id for the OAuth scope on the URL, if not provided one will be generated.
`fusionauth.fusionauth_create_oauth_scope_with_id`	Write `write`	Creates a new custom OAuth scope for an application. You must specify the Id of the application you are creating the scope for. You can optionally specify an Id for the OAuth scope on the URL, if not provided one will be generated.
`fusionauth.fusionauth_create_tenant`	Write `write`	Creates a tenant. You can optionally specify an Id for the tenant, if not provided one will be generated.
`fusionauth.fusionauth_create_tenant_manager_identity_provider_type_configuration_with_id`	Write `write`	Creates a tenant manager identity provider type configuration for the given identity provider type.
`fusionauth.fusionauth_create_tenant_with_id`	Write `write`	Creates a tenant. You can optionally specify an Id for the tenant, if not provided one will be generated.
`fusionauth.fusionauth_create_theme`	Write `write`	Creates a Theme. You can optionally specify an Id for the theme, if not provided one will be generated.
`fusionauth.fusionauth_create_theme_with_id`	Write `write`	Creates a Theme. You can optionally specify an Id for the theme, if not provided one will be generated.
`fusionauth.fusionauth_create_token`	Write `write`	Exchange User Credentials for a Token. If you will be using the Resource Owner Password Credential Grant, you will make a request to the Token endpoint to exchange the user's email and password for an access token. OR Exchange User Credentials for a Token. If you will be using the Resource Owner Password Credential Grant, you will make a request to the Token endpoint to exchange the user's email and password for an access token. OR Exchange a Refresh Token for an Access Token. If you will be usi
`fusionauth.fusionauth_create_user`	Write `write`	Creates a user. You can optionally specify an Id for the user, if not provided one will be generated.
`fusionauth.fusionauth_create_user_action`	Write `write`	Creates a user action. This action cannot be taken on a user until this call successfully returns. Anytime after that the user action can be applied to any user.
`fusionauth.fusionauth_create_user_action_reason`	Write `write`	Creates a user reason. This user action reason cannot be used when actioning a user until this call completes successfully. Anytime after that the user action reason can be used.
`fusionauth.fusionauth_create_user_action_reason_with_id`	Write `write`	Creates a user reason. This user action reason cannot be used when actioning a user until this call completes successfully. Anytime after that the user action reason can be used.
`fusionauth.fusionauth_create_user_action_with_id`	Write `write`	Creates a user action. This action cannot be taken on a user until this call successfully returns. Anytime after that the user action can be applied to any user.
`fusionauth.fusionauth_create_user_change_password`	Write `write`	Changes a user's password using their access token (JWT) instead of the changePasswordId A common use case for this method will be if you want to allow the user to change their own password. Remember to send refreshToken in the request body if you want to get a new refresh token when login using the returned oneTimePassword. OR Changes a user's password using their identity (loginId and password). Using a loginId instead of the changePasswordId bypasses the email verification and allows a passwo
`fusionauth.fusionauth_create_user_consent`	Write `write`	Creates a single User consent.
`fusionauth.fusionauth_create_user_consent_with_id`	Write `write`	Creates a single User consent.
`fusionauth.fusionauth_create_user_link_with_id`	Write `write`	Link an external user from a 3rd party identity provider to a FusionAuth user.
`fusionauth.fusionauth_create_user_verify_email`	Write `write`	Administratively verify a user's email address. Use this method to bypass email verification for the user. The request body will contain the userId to be verified. An API key is required when sending the userId in the request body. OR Confirms a user's email address. The request body will contain the verificationId. You may also be required to send a one-time use code based upon your configuration. When the tenant is configured to gate a user until their email address is verified, this procedure
`fusionauth.fusionauth_create_user_with_id`	Write `write`	Creates a user. You can optionally specify an Id for the user, if not provided one will be generated.
`fusionauth.fusionauth_create_webhook`	Write `write`	Creates a webhook. You can optionally specify an Id for the webhook, if not provided one will be generated.
`fusionauth.fusionauth_create_webhook_with_id`	Write `write`	Creates a webhook. You can optionally specify an Id for the webhook, if not provided one will be generated.
`fusionauth.fusionauth_delete_apikey_with_id`	Write `write`	Deletes the API key for the given Id.
`fusionauth.fusionauth_delete_application_role_with_id`	Write `write`	Hard deletes an application role. This is a dangerous operation and should not be used in most circumstances. This permanently removes the given role from all users that had it.
`fusionauth.fusionauth_delete_application_with_id`	Write `write`	Hard deletes an application. This is a dangerous operation and should not be used in most circumstances. This will delete the application, any registrations for that application, metrics and reports for the application, all the roles for the application, and any other data associated with the application. This operation could take a very long time, depending on the amount of data in your database. OR Deactivates the application with the given Id.
`fusionauth.fusionauth_delete_connector_with_id`	Write `write`	Deletes the connector for the given Id.
`fusionauth.fusionauth_delete_consent_with_id`	Write `write`	Deletes the consent for the given Id.
`fusionauth.fusionauth_delete_email_template_with_id`	Write `write`	Deletes the email template for the given Id.
`fusionauth.fusionauth_delete_entity_grant_with_id`	Write `write`	Deletes an Entity Grant for the given User or Entity.
`fusionauth.fusionauth_delete_entity_type_permission_with_id`	Write `write`	Hard deletes a permission. This is a dangerous operation and should not be used in most circumstances. This permanently removes the given permission from all grants that had it.
`fusionauth.fusionauth_delete_entity_type_with_id`	Write `write`	Deletes the Entity Type for the given Id.
`fusionauth.fusionauth_delete_entity_with_id`	Write `write`	Deletes the Entity for the given Id.
`fusionauth.fusionauth_delete_form_field_with_id`	Write `write`	Deletes the form field for the given Id.
`fusionauth.fusionauth_delete_form_with_id`	Write `write`	Deletes the form for the given Id.
`fusionauth.fusionauth_delete_group_members_with_id`	Write `write`	Removes users as members of a group.
`fusionauth.fusionauth_delete_group_with_id`	Write `write`	Deletes the group for the given Id.
`fusionauth.fusionauth_delete_identity_provider_with_id`	Write `write`	Deletes the identity provider for the given Id.
`fusionauth.fusionauth_delete_ipaccess_control_list_with_id`	Write `write`	Deletes the IP Access Control List for the given Id.
`fusionauth.fusionauth_delete_jwt_refresh`	Write `write`	Revokes refresh tokens using the information in the JSON body. The handling for this method is the same as the revokeRefreshToken method and is based on the information you provide in the RefreshDeleteRequest object. See that method for additional information. OR Revoke all refresh tokens that belong to a user by user Id for a specific application by applicationId. OR Revoke all refresh tokens that belong to a user by user Id. OR Revoke all refresh tokens that belong to an application by applica
`fusionauth.fusionauth_delete_key_with_id`	Write `write`	Deletes the key for the given Id.
`fusionauth.fusionauth_delete_lambda_with_id`	Write `write`	Deletes the lambda for the given Id.
`fusionauth.fusionauth_delete_message_template_with_id`	Write `write`	Deletes the message template for the given Id.
`fusionauth.fusionauth_delete_messenger_with_id`	Write `write`	Deletes the messenger for the given Id.
`fusionauth.fusionauth_delete_oauth_scope_with_id`	Write `write`	Hard deletes a custom OAuth scope. OAuth workflows that are still requesting the deleted OAuth scope may fail depending on the application's unknown scope policy.
`fusionauth.fusionauth_delete_tenant_manager_identity_provider_type_configuration_with_id`	Write `write`	Deletes the tenant manager identity provider type configuration for the given identity provider type.
`fusionauth.fusionauth_delete_tenant_with_id`	Write `write`	Deletes the tenant based on the given request (sent to the API as JSON). This permanently deletes all information, metrics, reports and data associated with the tenant and everything under the tenant (applications, users, etc). OR Deletes the tenant for the given Id asynchronously. This method is helpful if you do not want to wait for the delete operation to complete. OR Deletes the tenant based on the given Id on the URL. This permanently deletes all information, metrics, reports and data assoc
`fusionauth.fusionauth_delete_theme_with_id`	Write `write`	Deletes the theme for the given Id.
`fusionauth.fusionauth_delete_user_action_reason_with_id`	Write `write`	Deletes the user action reason for the given Id.
`fusionauth.fusionauth_delete_user_action_with_id`	Write `write`	Deletes the user action for the given Id. This permanently deletes the user action and also any history and logs of the action being applied to any users. OR Deactivates the user action with the given Id.
`fusionauth.fusionauth_delete_user_bulk`	Write `write`	Deletes the users with the given Ids, or users matching the provided JSON query or queryString. The order of preference is Ids, query and then queryString, it is recommended to only provide one of the three for the request. This method can be used to deactivate or permanently delete (hard-delete) users based upon the hardDelete boolean in the request body. Using the dryRun parameter you may also request the result of the action without actually deleting or deactivating any users. OR Deactivates
`fusionauth.fusionauth_delete_user_link_with_id`	Write `write`	Remove an existing link that has been made from a 3rd party identity provider to a FusionAuth user.
`fusionauth.fusionauth_delete_user_registration_with_id`	Write `write`	Deletes the user registration for the given user and application along with the given JSON body that contains the event information. OR Deletes the user registration for the given user and application.
`fusionauth.fusionauth_delete_user_two_factor_with_id`	Write `write`	Disable two-factor authentication for a user using a JSON body rather than URL parameters. OR Disable two-factor authentication for a user.
`fusionauth.fusionauth_delete_user_with_id`	Write `write`	Deletes the user based on the given request (sent to the API as JSON). This permanently deletes all information, metrics, reports and data associated with the user. OR Deletes the user for the given Id. This permanently deletes all information, metrics, reports and data associated with the user. OR Deactivates the user with the given Id.
`fusionauth.fusionauth_delete_web_authn_credential_with_id`	Write `write`	Deletes the WebAuthn credential for the given Id.
`fusionauth.fusionauth_delete_web_authn_credentials_for_user_with_id`	Write `write`	Deletes all of the WebAuthn credentials for the given User Id.
`fusionauth.fusionauth_delete_webhook_with_id`	Write `write`	Deletes the webhook for the given Id.
`fusionauth.fusionauth_enable_two_factor_with_id`	Write `write`	Enable two-factor authentication for a user.
`fusionauth.fusionauth_exchange_refresh_token_for_jwtwith_id`	Write `write`	Exchange a refresh token for a new JWT.
`fusionauth.fusionauth_forgot_password_with_id`	Write `write`	Begins the forgot password sequence, which kicks off an email to the user so that they can reset their password.
`fusionauth.fusionauth_generate_key`	Write `write`	Generate a new RSA or EC key pair or an HMAC secret.
`fusionauth.fusionauth_generate_key_with_id`	Write `write`	Generate a new RSA or EC key pair or an HMAC secret.
`fusionauth.fusionauth_generate_two_factor_recovery_codes_with_id`	Write `write`	Generate two-factor recovery codes for a user. Generating two-factor recovery codes will invalidate any existing recovery codes.
`fusionauth.fusionauth_generate_two_factor_secret_using_jwtwith_id`	Read `read`	Generate a Two Factor secret that can be used to enable Two Factor authentication for a User. The response will contain both the secret and a Base32 encoded form of the secret which can be shown to a User when using a 2 Step Authentication application such as Google Authenticator.
`fusionauth.fusionauth_identity_provider_login_with_id`	Write `write`	Handles login via third-parties including Social login, external OAuth and OpenID Connect, and other login systems.
`fusionauth.fusionauth_import_key`	Write `write`	Import an existing RSA or EC key pair or an HMAC secret.
`fusionauth.fusionauth_import_key_with_id`	Write `write`	Import an existing RSA or EC key pair or an HMAC secret.
`fusionauth.fusionauth_import_refresh_tokens_with_id`	Write `write`	Bulk imports refresh tokens. This request performs minimal validation and runs batch inserts of refresh tokens with the expectation that each token represents a user that already exists and is registered for the corresponding FusionAuth Application. This is done to increases the insert performance. Therefore, if you encounter an error due to a database key violation, the response will likely offer a generic explanation. If you encounter an error, you may optionally enable additional validation t
`fusionauth.fusionauth_import_users_with_id`	Write `write`	Bulk imports users. This request performs minimal validation and runs batch inserts of users with the expectation that each user does not yet exist and each registration corresponds to an existing FusionAuth Application. This is done to increases the insert performance. Therefore, if you encounter an error due to a database key violation, the response will likely offer a generic explanation. If you encounter an error, you may optionally enable additional validation to receive a JSON response bod
`fusionauth.fusionauth_import_web_authn_credential_with_id`	Write `write`	Import a WebAuthn credential
`fusionauth.fusionauth_issue_jwtwith_id`	Read `read`	Issue a new access token (JWT) for the requested Application after ensuring the provided JWT is valid. A valid access token is properly signed and not expired. This API may be used in an SSO configuration to issue new tokens for another application after the user has obtained a valid token from authentication.
`fusionauth.fusionauth_login_ping_with_id`	Write `write`	Sends a ping to FusionAuth indicating that the user was automatically logged into an application. When using FusionAuth's SSO or your own, you should call this if the user is already logged in centrally, but accesses an application where they no longer have a session. This helps correctly track login counts, times and helps with reporting.
`fusionauth.fusionauth_login_ping_with_request_with_id`	Write `write`	Sends a ping to FusionAuth indicating that the user was automatically logged into an application. When using FusionAuth's SSO or your own, you should call this if the user is already logged in centrally, but accesses an application where they no longer have a session. This helps correctly track login counts, times and helps with reporting.
`fusionauth.fusionauth_login_with_id`	Write `write`	Authenticates a user to FusionAuth. This API optionally requires an API key. See Application.loginConfiguration.requireAuthentication.
`fusionauth.fusionauth_modify_action_with_id`	Write `write`	Modifies a temporal user action by changing the expiration of the action and optionally adding a comment to the action.
`fusionauth.fusionauth_passwordless_login_with_id`	Write `write`	Complete a login request using a passwordless code
`fusionauth.fusionauth_patch_apikey_with_id`	Write `write`	Updates an API key with the given Id.
`fusionauth.fusionauth_patch_application_role_with_id`	Write `write`	Updates, via PATCH, the application role with the given Id for the application.
`fusionauth.fusionauth_patch_application_with_id`	Write `write`	Updates, via PATCH, the application with the given Id.
`fusionauth.fusionauth_patch_connector_with_id`	Write `write`	Updates, via PATCH, the connector with the given Id.
`fusionauth.fusionauth_patch_consent_with_id`	Write `write`	Updates, via PATCH, the consent with the given Id.
`fusionauth.fusionauth_patch_email_template_with_id`	Write `write`	Updates, via PATCH, the email template with the given Id.
`fusionauth.fusionauth_patch_entity_type_permission_with_id`	Write `write`	Patches the permission with the given Id for the entity type.
`fusionauth.fusionauth_patch_entity_type_with_id`	Write `write`	Updates, via PATCH, the Entity Type with the given Id.
`fusionauth.fusionauth_patch_entity_with_id`	Write `write`	Updates, via PATCH, the Entity with the given Id.
`fusionauth.fusionauth_patch_form_field_with_id`	Write `write`	Patches the form field with the given Id.
`fusionauth.fusionauth_patch_form_with_id`	Write `write`	Patches the form with the given Id.
`fusionauth.fusionauth_patch_group_with_id`	Write `write`	Updates, via PATCH, the group with the given Id.
`fusionauth.fusionauth_patch_identity_provider_with_id`	Write `write`	Updates, via PATCH, the identity provider with the given Id.
`fusionauth.fusionauth_patch_integrations_with_id`	Write `write`	Updates, via PATCH, the available integrations.
`fusionauth.fusionauth_patch_ipaccess_control_list_with_id`	Write `write`	Update the IP Access Control List with the given Id.
`fusionauth.fusionauth_patch_lambda_with_id`	Write `write`	Updates, via PATCH, the lambda with the given Id.
`fusionauth.fusionauth_patch_message_template_with_id`	Write `write`	Updates, via PATCH, the message template with the given Id.
`fusionauth.fusionauth_patch_messenger_with_id`	Write `write`	Updates, via PATCH, the messenger with the given Id.
`fusionauth.fusionauth_patch_oauth_scope_with_id`	Write `write`	Updates, via PATCH, the custom OAuth scope with the given Id for the application.
`fusionauth.fusionauth_patch_registration_with_id`	Write `write`	Updates, via PATCH, the registration for the user with the given Id and the application defined in the request.
`fusionauth.fusionauth_patch_system_configuration_with_id`	Write `write`	Updates, via PATCH, the system configuration.
`fusionauth.fusionauth_patch_tenant_manager_configuration_with_id`	Write `write`	Updates, via PATCH, the Tenant Manager configuration.
`fusionauth.fusionauth_patch_tenant_manager_identity_provider_type_configuration_with_id`	Write `write`	Patches the tenant manager identity provider type configuration for the given identity provider type.
`fusionauth.fusionauth_patch_tenant_with_id`	Write `write`	Updates, via PATCH, the tenant with the given Id.
`fusionauth.fusionauth_patch_theme_with_id`	Write `write`	Updates, via PATCH, the theme with the given Id.
`fusionauth.fusionauth_patch_user_action_reason_with_id`	Write `write`	Updates, via PATCH, the user action reason with the given Id.
`fusionauth.fusionauth_patch_user_action_with_id`	Write `write`	Updates, via PATCH, the user action with the given Id.
`fusionauth.fusionauth_patch_user_consent_with_id`	Write `write`	Updates, via PATCH, a single User consent by Id.
`fusionauth.fusionauth_patch_user_with_id`	Write `write`	Updates, via PATCH, the user with the given Id.
`fusionauth.fusionauth_patch_webhook_with_id`	Write `write`	Patches the webhook with the given Id.
`fusionauth.fusionauth_reconcile_jwtwith_id`	Write `write`	Reconcile a User to FusionAuth using JWT issued from another Identity Provider.
`fusionauth.fusionauth_register`	Write `write`	Registers a user for an application. If you provide the User and the UserRegistration object on this request, it will create the user as well as register them for the application. This is called a Full Registration. However, if you only provide the UserRegistration object, then the user must already exist and they will be registered for the application. The user Id can also be provided and it will either be used to look up an existing user or it will be used for the newly created User.
`fusionauth.fusionauth_register_with_id`	Write `write`	Registers a user for an application. If you provide the User and the UserRegistration object on this request, it will create the user as well as register them for the application. This is called a Full Registration. However, if you only provide the UserRegistration object, then the user must already exist and they will be registered for the application. The user Id can also be provided and it will either be used to look up an existing user or it will be used for the newly created User.
`fusionauth.fusionauth_reindex_with_id`	Write `write`	Requests Elasticsearch to delete and rebuild the index for FusionAuth users or entities. Be very careful when running this request as it will increase the CPU and I/O load on your database until the operation completes. Generally speaking you do not ever need to run this operation unless instructed by FusionAuth support, or if you are migrating a database another system and you are not brining along the Elasticsearch index. You have been warned.
`fusionauth.fusionauth_remove_user_from_family_with_id`	Write `write`	Removes a user from the family with the given Id.
`fusionauth.fusionauth_retrieve_action_with_id`	Read `read`	Retrieves a single action log (the log of a user action that was taken on a user previously) for the given Id.
`fusionauth.fusionauth_retrieve_apikey_with_id`	Read `read`	Retrieves an authentication API key for the given Id.
`fusionauth.fusionauth_retrieve_application`	Read `read`	Retrieves all the applications that are currently inactive. OR Retrieves the application for the given Id or all the applications if the Id is null.
`fusionauth.fusionauth_retrieve_application_with_id`	Read `read`	Retrieves the application for the given Id or all the applications if the Id is null.
`fusionauth.fusionauth_retrieve_audit_log_with_id`	Read `read`	Retrieves a single audit log for the given Id.
`fusionauth.fusionauth_retrieve_connector_with_id`	Read `read`	Retrieves the connector with the given Id.
`fusionauth.fusionauth_retrieve_consent_with_id`	Read `read`	Retrieves the Consent for the given Id.
`fusionauth.fusionauth_retrieve_daily_active_report_with_id`	Read `read`	Retrieves the daily active user report between the two instants. If you specify an application Id, it will only return the daily active counts for that application.
`fusionauth.fusionauth_retrieve_device_user_code`	Read `read`	Retrieve a user_code that is part of an in-progress Device Authorization Grant. This API is useful if you want to build your own login workflow to complete a device grant. This request will require an API key. OR Retrieve a user_code that is part of an in-progress Device Authorization Grant. This API is useful if you want to build your own login workflow to complete a device grant.
`fusionauth.fusionauth_retrieve_device_validate`	Read `read`	Validates the end-user provided user_code from the user-interaction of the Device Authorization Grant. If you build your own activation form you should validate the user provided code prior to beginning the Authorization grant. OR Validates the end-user provided user_code from the user-interaction of the Device Authorization Grant. If you build your own activation form you should validate the user provided code prior to beginning the Authorization grant.
`fusionauth.fusionauth_retrieve_email_template`	Read `read`	Retrieves the email template for the given Id. If you don't specify the Id, this will return all the email templates.
`fusionauth.fusionauth_retrieve_email_template_preview_with_id`	Write `write`	Creates a preview of the email template provided in the request. This allows you to preview an email template that hasn't been saved to the database yet. The entire email template does not need to be provided on the request. This will create the preview based on whatever is given.
`fusionauth.fusionauth_retrieve_email_template_with_id`	Read `read`	Retrieves the email template for the given Id. If you don't specify the Id, this will return all the email templates.
`fusionauth.fusionauth_retrieve_entity_grant_with_id`	Read `read`	Retrieves an Entity Grant for the given Entity and User/Entity.
`fusionauth.fusionauth_retrieve_entity_type_with_id`	Read `read`	Retrieves the Entity Type for the given Id.
`fusionauth.fusionauth_retrieve_entity_with_id`	Read `read`	Retrieves the Entity for the given Id.
`fusionauth.fusionauth_retrieve_event_log_with_id`	Read `read`	Retrieves a single event log for the given Id.
`fusionauth.fusionauth_retrieve_families_with_id`	Read `read`	Retrieves all the families that a user belongs to.
`fusionauth.fusionauth_retrieve_family_members_by_family_id_with_id`	Read `read`	Retrieves all the members of a family by the unique Family Id.
`fusionauth.fusionauth_retrieve_form_field_with_id`	Read `read`	Retrieves the form field with the given Id.
`fusionauth.fusionauth_retrieve_form_with_id`	Read `read`	Retrieves the form with the given Id.
`fusionauth.fusionauth_retrieve_group_with_id`	Read `read`	Retrieves the group for the given Id.
`fusionauth.fusionauth_retrieve_identity_provider_by_type_with_id`	Read `read`	Retrieves one or more identity provider for the given type. For types such as Google, Facebook, Twitter and LinkedIn, only a single identity provider can exist. For types such as OpenID Connect and SAMLv2 more than one identity provider can be configured so this request may return multiple identity providers.
`fusionauth.fusionauth_retrieve_identity_provider_connection_test_results_with_id`	Read `read`	Retrieves the results for an identity provider connection test.
`fusionauth.fusionauth_retrieve_identity_provider_link`	Read `read`	Retrieve all Identity Provider users (links) for the user. Specify the optional identityProviderId to retrieve links for a particular IdP. OR Retrieve a single Identity Provider user (link).
`fusionauth.fusionauth_retrieve_identity_provider_lookup`	Read `read`	Retrieves the identity provider for the given domain and tenantId. A 200 response code indicates the domain is managed by a registered identity provider. A 404 indicates the domain is not managed. OR Retrieves any global identity providers for the given domain. A 200 response code indicates the domain is managed by a registered identity provider. A 404 indicates the domain is not managed.
`fusionauth.fusionauth_retrieve_identity_provider_with_id`	Read `read`	Retrieves the identity provider for the given Id or all the identity providers if the Id is null.
`fusionauth.fusionauth_retrieve_ipaccess_control_list_with_id`	Read `read`	Retrieves the IP Access Control List with the given Id.
`fusionauth.fusionauth_retrieve_json_web_key_set_with_id`	Read `read`	Returns public keys used by FusionAuth to cryptographically verify JWTs using the JSON Web Key format.
`fusionauth.fusionauth_retrieve_jwt_public_key`	Read `read`	Retrieves the Public Key configured for verifying the JSON Web Tokens (JWT) issued by the Login API by the Application Id. OR Retrieves the Public Key configured for verifying JSON Web Tokens (JWT) by the key Id (kid).
`fusionauth.fusionauth_retrieve_key_with_id`	Read `read`	Retrieves the key for the given Id.
`fusionauth.fusionauth_retrieve_keys_with_id`	Read `read`	Retrieves all the keys.
`fusionauth.fusionauth_retrieve_lambda_with_id`	Read `read`	Retrieves the lambda for the given Id.
`fusionauth.fusionauth_retrieve_lambdas_by_type_with_id`	Read `read`	Retrieves all the lambdas for the provided type.
`fusionauth.fusionauth_retrieve_message_template`	Read `read`	Retrieves the message template for the given Id. If you don't specify the Id, this will return all the message templates.
`fusionauth.fusionauth_retrieve_message_template_preview_with_id`	Write `write`	Creates a preview of the message template provided in the request, normalized to a given locale.
`fusionauth.fusionauth_retrieve_message_template_with_id`	Read `read`	Retrieves the message template for the given Id. If you don't specify the Id, this will return all the message templates.
`fusionauth.fusionauth_retrieve_messenger_with_id`	Read `read`	Retrieves the messenger with the given Id.
`fusionauth.fusionauth_retrieve_monthly_active_report_with_id`	Read `read`	Retrieves the monthly active user report between the two instants. If you specify an application Id, it will only return the monthly active counts for that application.
`fusionauth.fusionauth_retrieve_oauth_configuration_with_id`	Read `read`	Retrieves the Oauth2 configuration for the application for the given Application Id.
`fusionauth.fusionauth_retrieve_oauth_scope_with_id`	Read `read`	Retrieves a custom OAuth scope.
`fusionauth.fusionauth_retrieve_open_id_configuration_with_id`	Read `read`	Returns the well known OpenID Configuration JSON document
`fusionauth.fusionauth_retrieve_password_validation_rules_with_id`	Read `read`	Retrieves the password validation rules for a specific tenant. This method requires a tenantId to be provided through the use of a Tenant scoped API key or an HTTP header X-FusionAuth-TenantId to specify the Tenant Id. This API does not require an API key.
`fusionauth.fusionauth_retrieve_password_validation_rules_with_tenant_id_with_id`	Read `read`	Retrieves the password validation rules for a specific tenant. This API does not require an API key.
`fusionauth.fusionauth_retrieve_pending_children_with_id`	Read `read`	Retrieves all the children for the given parent email address.
`fusionauth.fusionauth_retrieve_pending_link_with_id`	Read `read`	Retrieve a pending identity provider link. This is useful to validate a pending link and retrieve meta-data about the identity provider link.
`fusionauth.fusionauth_retrieve_reactor_metrics_with_id`	Read `read`	Retrieves the FusionAuth Reactor metrics.
`fusionauth.fusionauth_retrieve_refresh_token_by_id_with_id`	Read `read`	Retrieves a single refresh token by unique Id. This is not the same thing as the string value of the refresh token. If you have that, you already have what you need.
`fusionauth.fusionauth_retrieve_refresh_tokens_with_id`	Read `read`	Retrieves the refresh tokens that belong to the user with the given Id.
`fusionauth.fusionauth_retrieve_registration_report_with_id`	Read `read`	Retrieves the registration report between the two instants. If you specify an application Id, it will only return the registration counts for that application.
`fusionauth.fusionauth_retrieve_registration_with_id`	Read `read`	Retrieves the user registration for the user with the given Id and the given application Id.
`fusionauth.fusionauth_retrieve_report_login`	Read `read`	Retrieves the login report between the two instants for a particular user by login Id, using specific loginIdTypes. If you specify an application id, it will only return the login counts for that application. OR Retrieves the login report between the two instants for a particular user by login Id. If you specify an application Id, it will only return the login counts for that application. OR Retrieves the login report between the two instants for a particular user by Id. If you specify an applic
`fusionauth.fusionauth_retrieve_status`	Read `read`	Retrieves the FusionAuth system status using an API key. Using an API key will cause the response to include the product version, health checks and various runtime metrics. OR Retrieves the FusionAuth system status. This request is anonymous and does not require an API key. When an API key is not provided the response will contain a single value in the JSON response indicating the current health check.
`fusionauth.fusionauth_retrieve_system_health_with_id`	Read `read`	Retrieves the FusionAuth system health. This API will return 200 if the system is healthy, and 500 if the system is un-healthy.
`fusionauth.fusionauth_retrieve_tenant_with_id`	Read `read`	Retrieves the tenant for the given Id.
`fusionauth.fusionauth_retrieve_theme_with_id`	Read `read`	Retrieves the theme for the given Id.
`fusionauth.fusionauth_retrieve_total_report_with_excludes_with_id`	Read `read`	Retrieves the totals report. This allows excluding applicationTotals from the report. An empty list will include the applicationTotals.
`fusionauth.fusionauth_retrieve_two_factor_recovery_codes_with_id`	Read `read`	Retrieve two-factor recovery codes for a user.
`fusionauth.fusionauth_retrieve_two_factor_status_with_id`	Read `read`	Retrieve a user's two-factor status. This can be used to see if a user will need to complete a two-factor challenge to complete a login, and optionally identify the state of the two-factor trust across various applications.
`fusionauth.fusionauth_retrieve_two_factor_status_with_request_with_id`	Write `write`	Retrieve a user's two-factor status. This can be used to see if a user will need to complete a two-factor challenge to complete a login, and optionally identify the state of the two-factor trust across various applications. This operation provides more payload options than retrieveTwoFactorStatus.
`fusionauth.fusionauth_retrieve_user`	Read `read`	Retrieves the user by a verificationId. The intended use of this API is to retrieve a user after the forgot password workflow has been initiated and you may not know the user's email or username. OR Retrieves the user for the given username. OR Retrieves the user for the loginId, using specific loginIdTypes. OR Retrieves the user for the loginId. The loginId can be either the username or the email. OR Retrieves the user for the given email. OR Retrieves the user by a change password Id. The inte
`fusionauth.fusionauth_retrieve_user_action`	Read `read`	Retrieves the user action for the given Id. If you pass in null for the Id, this will return all the user actions. OR Retrieves all the user actions that are currently inactive.
`fusionauth.fusionauth_retrieve_user_action_reason`	Read `read`	Retrieves the user action reason for the given Id. If you pass in null for the Id, this will return all the user action reasons.
`fusionauth.fusionauth_retrieve_user_action_reason_with_id`	Read `read`	Retrieves the user action reason for the given Id. If you pass in null for the Id, this will return all the user action reasons.
`fusionauth.fusionauth_retrieve_user_action_with_id`	Read `read`	Retrieves the user action for the given Id. If you pass in null for the Id, this will return all the user actions.
`fusionauth.fusionauth_retrieve_user_actioning`	Read `read`	Retrieves all the actions for the user with the given Id that are currently inactive. An inactive action means one that is time based and has been canceled or has expired, or is not time based. OR Retrieves all the actions for the user with the given Id that are currently active. An active action means one that is time based and has not been canceled, and has not ended. OR Retrieves all the actions for the user with the given Id that are currently preventing the User from logging in. OR Retrieve
`fusionauth.fusionauth_retrieve_user_change_password`	Read `read`	Check to see if the user must obtain a Trust Request Id in order to complete a change password request. When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication. An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. OR Check to see if the use
`fusionauth.fusionauth_retrieve_user_change_password_with_id`	Read `read`	Check to see if the user must obtain a Trust Token Id in order to complete a change password request. When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication. An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. OR Check to see if the user must
`fusionauth.fusionauth_retrieve_user_comments_with_id`	Read `read`	Retrieves all the comments for the user with the given Id.
`fusionauth.fusionauth_retrieve_user_consent_with_id`	Read `read`	Retrieve a single User consent by Id.
`fusionauth.fusionauth_retrieve_user_consents_with_id`	Read `read`	Retrieves all the consents for a User.
`fusionauth.fusionauth_retrieve_user_info_from_access_token_with_id`	Read `read`	Call the UserInfo endpoint to retrieve User Claims from the access token issued by FusionAuth.
`fusionauth.fusionauth_retrieve_user_recent_login`	Read `read`	Retrieves the last number of login records for a user. OR Retrieves the last number of login records.
`fusionauth.fusionauth_retrieve_user_with_id`	Read `read`	Retrieves the user for the given Id.
`fusionauth.fusionauth_retrieve_version_with_id`	Read `read`	Retrieves the FusionAuth version string.
`fusionauth.fusionauth_retrieve_web_authn_credential_with_id`	Read `read`	Retrieves the WebAuthn credential for the given Id.
`fusionauth.fusionauth_retrieve_web_authn_credentials_for_user_with_id`	Read `read`	Retrieves all WebAuthn credentials for the given user.
`fusionauth.fusionauth_retrieve_webhook`	Read `read`	Retrieves the webhook for the given Id. If you pass in null for the Id, this will return all the webhooks.
`fusionauth.fusionauth_retrieve_webhook_attempt_log_with_id`	Read `read`	Retrieves a single webhook attempt log for the given Id.
`fusionauth.fusionauth_retrieve_webhook_event_log_with_id`	Read `read`	Retrieves a single webhook event log for the given Id.
`fusionauth.fusionauth_retrieve_webhook_with_id`	Read `read`	Retrieves the webhook for the given Id. If you pass in null for the Id, this will return all the webhooks.
`fusionauth.fusionauth_revoke_refresh_token_by_id_with_id`	Write `write`	Revokes a single refresh token by the unique Id. The unique Id is not sensitive as it cannot be used to obtain another JWT.
`fusionauth.fusionauth_revoke_user_consent_with_id`	Write `write`	Revokes a single User consent by Id.
`fusionauth.fusionauth_search_applications_with_id`	Write `write`	Searches applications with the specified criteria and pagination.
`fusionauth.fusionauth_search_audit_logs_with_id`	Write `write`	Searches the audit logs with the specified criteria and pagination.
`fusionauth.fusionauth_search_consents_with_id`	Write `write`	Searches consents with the specified criteria and pagination.
`fusionauth.fusionauth_search_email_templates_with_id`	Write `write`	Searches email templates with the specified criteria and pagination.
`fusionauth.fusionauth_search_entities_by_ids_with_id`	Read `read`	Retrieves the entities for the given Ids. If any Id is invalid, it is ignored.
`fusionauth.fusionauth_search_entities_with_id`	Write `write`	Searches entities with the specified criteria and pagination.
`fusionauth.fusionauth_search_entity_grants_with_id`	Write `write`	Searches Entity Grants with the specified criteria and pagination.
`fusionauth.fusionauth_search_entity_types_with_id`	Write `write`	Searches the entity types with the specified criteria and pagination.
`fusionauth.fusionauth_search_event_logs_with_id`	Write `write`	Searches the event logs with the specified criteria and pagination.
`fusionauth.fusionauth_search_group_members_with_id`	Write `write`	Searches group members with the specified criteria and pagination.
`fusionauth.fusionauth_search_groups_with_id`	Write `write`	Searches groups with the specified criteria and pagination.
`fusionauth.fusionauth_search_identity_providers_with_id`	Write `write`	Searches identity providers with the specified criteria and pagination.
`fusionauth.fusionauth_search_ipaccess_control_lists_with_id`	Write `write`	Searches the IP Access Control Lists with the specified criteria and pagination.
`fusionauth.fusionauth_search_keys_with_id`	Write `write`	Searches keys with the specified criteria and pagination.
`fusionauth.fusionauth_search_lambdas_with_id`	Write `write`	Searches lambdas with the specified criteria and pagination.
`fusionauth.fusionauth_search_login_records_with_id`	Write `write`	Searches the login records with the specified criteria and pagination.
`fusionauth.fusionauth_search_tenants_with_id`	Write `write`	Searches tenants with the specified criteria and pagination.
`fusionauth.fusionauth_search_themes_with_id`	Write `write`	Searches themes with the specified criteria and pagination.
`fusionauth.fusionauth_search_user_comments_with_id`	Write `write`	Searches user comments with the specified criteria and pagination.
`fusionauth.fusionauth_search_users_by_ids_with_id`	Read `read`	Retrieves the users for the given Ids. If any Id is invalid, it is ignored.
`fusionauth.fusionauth_search_users_by_query_with_id`	Write `write`	Retrieves the users for the given search criteria and pagination.
`fusionauth.fusionauth_search_webhook_event_logs_with_id`	Write `write`	Searches the webhook event logs with the specified criteria and pagination.
`fusionauth.fusionauth_search_webhooks_with_id`	Write `write`	Searches webhooks with the specified criteria and pagination.
`fusionauth.fusionauth_send_email_with_id`	Write `write`	Send an email using an email template Id. You can optionally provide requestData to access key value pairs in the email template.
`fusionauth.fusionauth_send_family_request_email_with_id`	Write `write`	Sends out an email to a parent that they need to register and create a family or need to log in and add a child to their existing family.
`fusionauth.fusionauth_send_passwordless_code_with_id`	Write `write`	Send a passwordless authentication code in an email to complete login.
`fusionauth.fusionauth_send_two_factor_code_for_enable_disable_with_id`	Write `write`	Send a Two Factor authentication code to assist in setting up Two Factor authentication or disabling.
`fusionauth.fusionauth_send_two_factor_code_for_login_using_method_with_id`	Write `write`	Send a Two Factor authentication code to allow the completion of Two Factor authentication.
`fusionauth.fusionauth_send_verify_identity_with_id`	Write `write`	Send a verification code using the appropriate transport for the identity type being verified.
`fusionauth.fusionauth_start_identity_provider_connection_test_with_id`	Write `write`	Begins an identity provider connection test.
`fusionauth.fusionauth_start_identity_provider_login_with_id`	Write `write`	Begins a login request for a 3rd party login that requires user interaction such as HYPR.
`fusionauth.fusionauth_start_passwordless_login_with_id`	Write `write`	Start a passwordless login request by generating a passwordless code. This code can be sent to the User using the Send Passwordless Code API or using a mechanism outside of FusionAuth. The passwordless login is completed by using the Passwordless Login API with this code.
`fusionauth.fusionauth_start_two_factor_login_with_id`	Write `write`	Start a Two-Factor login request by generating a two-factor identifier. This code can then be sent to the Two Factor Send API (/api/two-factor/send)in order to send a one-time use code to a user. You can also use one-time use code returned to send the code out-of-band. The Two-Factor login is completed by making a request to the Two-Factor Login API (/api/two-factor/login). with the two-factor identifier and the one-time use code. This API is intended to allow you to begin a Two-Factor login out
`fusionauth.fusionauth_start_verify_identity_with_id`	Write `write`	Start a verification of an identity by generating a code. This code can be sent to the User using the Verify Send API Verification Code API or using a mechanism outside of FusionAuth. The verification is completed by using the Verify Complete API with this code.
`fusionauth.fusionauth_start_web_authn_login_with_id`	Write `write`	Start a WebAuthn authentication ceremony by generating a new challenge for the user
`fusionauth.fusionauth_start_web_authn_registration_with_id`	Write `write`	Start a WebAuthn registration ceremony by generating a new challenge for the user
`fusionauth.fusionauth_two_factor_login_with_id`	Write `write`	Complete login using a 2FA challenge
`fusionauth.fusionauth_update_apikey_with_id`	Write `write`	Updates an API key with the given Id.
`fusionauth.fusionauth_update_application_role_with_id`	Write `write`	Updates the application role with the given Id for the application.
`fusionauth.fusionauth_update_application_with_id`	Write `write`	Updates the application with the given Id. OR Reactivates the application with the given Id.
`fusionauth.fusionauth_update_connector_with_id`	Write `write`	Updates the connector with the given Id.
`fusionauth.fusionauth_update_consent_with_id`	Write `write`	Updates the consent with the given Id.
`fusionauth.fusionauth_update_email_template_with_id`	Write `write`	Updates the email template with the given Id.
`fusionauth.fusionauth_update_entity_type_permission_with_id`	Write `write`	Updates the permission with the given Id for the entity type.
`fusionauth.fusionauth_update_entity_type_with_id`	Write `write`	Updates the Entity Type with the given Id.
`fusionauth.fusionauth_update_entity_with_id`	Write `write`	Updates the Entity with the given Id.
`fusionauth.fusionauth_update_form_field_with_id`	Write `write`	Updates the form field with the given Id.
`fusionauth.fusionauth_update_form_with_id`	Write `write`	Updates the form with the given Id.
`fusionauth.fusionauth_update_group_members_with_id`	Write `write`	Creates a member in a group.
`fusionauth.fusionauth_update_group_with_id`	Write `write`	Updates the group with the given Id.
`fusionauth.fusionauth_update_identity_provider_with_id`	Write `write`	Updates the identity provider with the given Id.
`fusionauth.fusionauth_update_integrations_with_id`	Write `write`	Updates the available integrations.
`fusionauth.fusionauth_update_ipaccess_control_list_with_id`	Write `write`	Updates the IP Access Control List with the given Id.
`fusionauth.fusionauth_update_key_with_id`	Write `write`	Updates the key with the given Id.
`fusionauth.fusionauth_update_lambda_with_id`	Write `write`	Updates the lambda with the given Id.
`fusionauth.fusionauth_update_message_template_with_id`	Write `write`	Updates the message template with the given Id.
`fusionauth.fusionauth_update_messenger_with_id`	Write `write`	Updates the messenger with the given Id.
`fusionauth.fusionauth_update_oauth_scope_with_id`	Write `write`	Updates the OAuth scope with the given Id for the application.
`fusionauth.fusionauth_update_registration_with_id`	Write `write`	Updates the registration for the user with the given Id and the application defined in the request.
`fusionauth.fusionauth_update_system_configuration_with_id`	Write `write`	Updates the system configuration.
`fusionauth.fusionauth_update_tenant_manager_configuration_with_id`	Write `write`	Updates the Tenant Manager configuration.
`fusionauth.fusionauth_update_tenant_manager_identity_provider_type_configuration_with_id`	Write `write`	Updates the tenant manager identity provider type configuration for the given identity provider type.
`fusionauth.fusionauth_update_tenant_with_id`	Write `write`	Updates the tenant with the given Id.
`fusionauth.fusionauth_update_theme_with_id`	Write `write`	Updates the theme with the given Id.
`fusionauth.fusionauth_update_user_action_reason_with_id`	Write `write`	Updates the user action reason with the given Id.
`fusionauth.fusionauth_update_user_action_with_id`	Write `write`	Updates the user action with the given Id. OR Reactivates the user action with the given Id.
`fusionauth.fusionauth_update_user_consent_with_id`	Write `write`	Updates a single User consent by Id.
`fusionauth.fusionauth_update_user_family_with_id`	Write `write`	Updates a family with a given Id. OR Adds a user to an existing family. The family Id must be specified.
`fusionauth.fusionauth_update_user_verify_email`	Write `write`	Re-sends the verification email to the user. If the Application has configured a specific email template this will be used instead of the tenant configuration. OR Re-sends the verification email to the user. OR Generate a new Email Verification Id to be used with the Verify Email API. This API will not attempt to send an email to the User. This API may be used to collect the verificationId for use with a third party system.
`fusionauth.fusionauth_update_user_verify_registration`	Write `write`	Re-sends the application registration verification email to the user. OR Generate a new Application Registration Verification Id to be used with the Verify Registration API. This API will not attempt to send an email to the User. This API may be used to collect the verificationId for use with a third party system.
`fusionauth.fusionauth_update_user_with_id`	Write `write`	Updates the user with the given Id. OR Reactivates the user with the given Id.
`fusionauth.fusionauth_update_webhook_with_id`	Write `write`	Updates the webhook with the given Id.
`fusionauth.fusionauth_upsert_entity_grant_with_id`	Write `write`	Creates or updates an Entity Grant. This is when a User/Entity is granted permissions to an Entity.
`fusionauth.fusionauth_validate_jwtwith_id`	Read `read`	Validates the provided JWT (encoded JWT string) to ensure the token is valid. A valid access token is properly signed and not expired. This API may be used to verify the JWT as well as decode the encoded JWT into human readable identity claims.
`fusionauth.fusionauth_vend_jwtwith_id`	Write `write`	It's a JWT vending machine! Issue a new access token (JWT) with the provided claims in the request. This JWT is not scoped to a tenant or user, it is a free form token that will contain what claims you provide. The iat, exp and jti claims will be added by FusionAuth, all other claims must be provided by the caller. If a TTL is not provided in the request, the TTL will be retrieved from the default Tenant or the Tenant specified on the request either by way of the X-FusionAuth-TenantId request he
`fusionauth.fusionauth_verify_identity_with_id`	Write `write`	Administratively verify a user identity.
`fusionauth.fusionauth_verify_user_registration_with_id`	Write `write`	Confirms a user's registration. The request body will contain the verificationId. You may also be required to send a one-time use code based upon your configuration. When the application is configured to gate a user until their registration is verified, this procedures requires two values instead of one. The verificationId is a high entropy value and the one-time use code is a low entropy value that is easily entered in a user interactive form. The two values together are able to confirm a user'