openapi: 3.0.0 info: title: Authentication API version: 1.0.0 paths: /api/auth/login: post: summary: Login with username/password requestBody: required: true content: application/x-www-form-urlencoded: schema: type: object properties: username: type: string password: type: string responses: '200': description: Successful login content: application/json: schema: $ref: '#/components/schemas/Token' '401': description: Invalid credentials /api/auth/login/adfs: get: summary: Initiate ADFS login flow responses: '302': description: Redirect to ADFS provider /api/auth/callback/adfs: get: summary: ADFS callback handler parameters: - in: query name: code schema: type: string required: true responses: '200': description: Successful login via ADFS content: application/json: schema: $ref: '#/components/schemas/Token' /api/auth/me: get: summary: Get current user profile security: - bearerAuth: [] responses: '200': description: User profile content: application/json: schema: $ref: '#/components/schemas/User' /api/admin/users: get: summary: List all users security: - bearerAuth: [] responses: '200': description: List of users content: application/json: schema: type: array items: $ref: '#/components/schemas/User' post: summary: Create a new user security: - bearerAuth: [] requestBody: required: true content: application/json: schema: $ref: '#/components/schemas/UserCreate' responses: '201': description: User created components: securitySchemes: bearerAuth: type: http scheme: bearer bearerFormat: JWT schemas: Token: type: object properties: access_token: type: string token_type: type: string User: type: object properties: id: type: string username: type: string email: type: string roles: type: array items: type: string UserCreate: type: object properties: username: type: string password: type: string roles: type: array items: type: string