Get Settings Flow
GET/auth/self-service/settings/flows
When accessing this endpoint you must ensure that either the Session Cookie or the Session Token are set.
Depending on your configuration this endpoint might return a 403 error if the session has a lower Authenticator Assurance Level (AAL) than is possible for the identity. This can happen if the identity has password + webauthn credentials (which would result in AAL2) but the session has only AAL1. If this error occurs, ask the user to sign in with the second factor or change the configuration.
If this endpoint is called via an AJAX request, the response contains the flow without a redirect. In the
case of an error, the error.id of the JSON response body can be one of:
security_csrf_violation: Unable to fetch the flow because a CSRF violation occurred.
session_inactive: No Session was found - sign in a user first.
security_identity_mismatch: The flow was interrupted with session_refresh_required but apparently some other
identity logged in instead.
Request
Responses
- 200
- 401
- 403
- 404
- 410
- default
settingsFlow
errorGeneric
errorGeneric
errorGeneric
errorGeneric
errorGeneric