authentication-and-identity-management — quality + safety report

In the Skillier index (lap__frontegg-com-frontegg-identity) · scanned 2026-06-03 · engine: builtin+triage

A
Quality
90/100
Safety

✓ Clean — no heuristic safety flags surfaced.

Heuristic flags from the builtin scanner, which is known to over-flag (it trips on legitimate env-reading integrations, security skills, and library .eval calls). This is NOT an authoritative malicious verdict — re-scan with SkillSpector for the authoritative result. Run the authoritative scan →

Skillproof quality grade A

📇 This skill is in the Skillier index (curated · deduped · quality-filtered). Install Skillier to route & load it into your AI client.

Quality notes

Skill is large (~11111 tokens)
medium · quality · body
→ Tighten to the essential procedure; move long reference material to linked files.
No example
low · quality · body
→ Add at least one worked example (input → expected action/output).

About this skill

Authentication and Identity Management API skill. Use when working with Authentication and Identity Management for resources. Covers 305 endpoints.

📄 Read the SKILL.md
---
name: authentication-and-identity-management
description: "Authentication and Identity Management API skill. Use when working with Authentication and Identity Management for resources. Covers 305 endpoints."
version: 1.0.0
generator: lapsh
---

# Authentication and Identity Management

## Auth
Bearer bearer

## Base URL
https://api.frontegg.com/identity

## Setup
1. Set Authorization header with your Bearer token
2. GET /resources/tenants/access-tokens/v1 -- verify access
3. POST /resources/auth/v2/api-token -- create first api-token

## Endpoints

305 endpoints across 1 groups. See references/api-spec.lap for full details.

### resources
| Method | Path | Description |
|--------|------|-------------|
| POST | /resources/auth/v2/api-token | Authenticate using API token |
| POST | /resources/auth/v2/api-token/token/refresh | Refresh API token |
| POST | /resources/tenants/access-tokens/v1 | Create account (tenant) access token |
| GET | /resources/tenants/access-tokens/v1 | Get account (tenant) access tokens |
| DELETE | /resources/tenants/access-tokens/v1/{id} | Delete account (tenant) access token |
| POST | /resources/tenants/api-tokens/v1 | Create client credentials token |
| GET | /resources/tenants/api-tokens/v1 | Get client credentials tokens |
| DELETE | /resources/tenants/api-tokens/v1/{id} | Delete client credentials token |
| PATCH | /resources/tenants/api-tokens/v1/{id} | Update client credentials token |
| POST | /resources/tenants/api-tokens/v2 | Create client credentials token |
| GET | /resources/tenants/invites/v1/user | Get account (tenant) invite of user |
| POST | /resources/tenants/invites/v1/user | Create account (tenant) invite for user |
| DELETE | /resources/tenants/invites/v1/user | Delete account (tenant) invite of user |
| PATCH | /resources/tenants/invites/v1/user | Update account (tenant) invite of user |
| POST | /resources/tenants/invites/v1/verify | Verify account (tenant) invite |
| GET | /resources/tenants/invites/v1/configuration | Get account (tenant) invite configuration |
| POST | /resources/tenants/invites/v2/user | Create tenant invite with roles for user |
| POST | /resources/tenants/invites/v1 | Create account (tenant) invite |
| GET | /resources/tenants/invites/v1/all | Get all account (tenant) invites |
| DELETE | /resources/tenants/invites/v1/token/{id} | Delete an account (tenant) invite |
| GET | /resources/configurations/v1/activation/strategies | Get activation strategies |
| POST | /resources/configurations/v1/activation/strategies | Create or update activation strategy |
| GET | /resources/configurations/v1/invitation/strategies | Get invitation strategies |
| POST | /resources/configurations/v1/invitation/strategies | Create or update invitation strategy |
| GET | /resources/roles/v2 | Get roles v2 |
| POST | /resources/roles/v2 | Create a new role |
| GET | /resources/roles/v2/distinct-levels | Get distinct levels of roles |
| GET | /resources/roles/v2/distinct-tenants | Get distinct assigned accounts (tenants) of roles |
| POST | /resources/approval-flows/v1 | Create approval flow |
| GET | /resources/approval-flows/v1 | Get approval flows |
| GET | /resources/approval-flows/v1/{id} | Get approval flow by ID |
| PATCH | /resources/approval-flows/v1/{id} | Update approval flow |
| DELETE | /resources/approval-flows/v1/{id} | Delete approval flow |
| POST | /resources/approval-flows/v1/approver-action | Approver action |
| GET | /resources/approval-flows/v1/execution-data | Get approval flow execution data |
| POST | /resources/approval-flows/v1/{id}/execute | Execute approval flow |
| POST | /resources/approval-flows/v1/step-up/execute | Execute step up approval flow |
| POST | /resources/configurations/v1 | Update identity management configuration |
| GET | /resources/configurations/v1 | Get identity management configuration |
| POST | /resources/configurations/v1/captcha-policy | Create captcha policy |
| PUT | /resources/configurations/v1/captcha-policy | Update captcha policy |
| GET | /resources/configurations/v1/captcha-policy | Get captcha policy |
| GET | /resources/configurations/v1/jwt-template-targeting | Get JWT template targeting configuration |
| POST | /resources/configurations/v1/jwt-template-targeting | Create JWT template targeting configuration |
| PUT | /resources/configurations/v1/jwt-template-targeting | Update or create JWT template targeting configuration |
| PATCH | /resources/configurations/v1/jwt-template-targeting/{id} | Update JWT template targeting configuration by ID |
| DELETE | /resources/configurations/v1/jwt-template-targeting/{id} | Delete JWT template targeting configuration by ID |
| POST | /resources/jwt-templates/v1 | Create JWT template |
| GET | /resources/jwt-templates/v1 | Get all JWT templates |
| GET | /resources/jwt-templates/v1/{id} | Get JWT template by ID |
| PUT | /resources/jwt-templates/v1/{id} | Update JWT template |
| DELETE | /resources/jwt-templates/v1/{id} | Delete JWT template |
| GET | /resources/configurations/v1/basic | Get identity management configuration |
| POST | /resources/sso/custom/v1 | Create custom oauth provider |
| GET | /resources/sso/custom/v1 | Get custom oauth provider |
| PATCH | /resources/sso/custom/v1/{id} | Update custom oauth provider |
| DELETE | /resources/sso/custom/v1/{id} | Delete custom oauth provider |
| POST | /resources/migrations/v1/auth0 | Migrate from Auth0 |
| POST | /resources/migrations/v1/local | Migrate a single user |
| POST | /resources/migrations/v1/local/bulk | Migrate users in bulk |
| GET | /resources/migrations/v1/local/bulk/status/{migrationId} | Check status of bulk migration |
| POST | /resources/migrations/v2/local/bulk | Migrate vendor users in bulk |
| GET | /resources/configurations/v1/delegation | Get delegation configuration |
| POST | /resources/configurations/v1/delegation | Create or update delegation configuration |
| POST | /resources/configurations/restrictions/v1/email-domain | Create domain restriction |
| GET | /resources/configurations/restrictions/v1/email-domain | Get domain restrictions |
| GET | /resources/configurations/restrictions/v1/email-domain/config | Get domain restrictions |
| POST | /resources/configurations/restrictions/v1/email-domain/config | Change domain restrictions config list type and toggle it off/on |
| DELETE | /resources/configurations/restrictions/v1/email-domain/{id} | Delete domain restriction |
| POST | /resources/configurations/restrictions/v1/email-domain/replace-bulk | Replace bulk domain restriction |
| POST | /resources/mail/v1/configurations | Create or update configuration |
| GET | /resources/mail/v1/configurations | Get configuration |
| DELETE | /resources/mail/v1/configurations | Delete configuration |
| POST | /resources/mail/v2/configurations | Create or update configuration v2 |
| POST | /resources/mail/v1/configs/templates | Add or update template |
| GET | /resources/mail/v1/configs/templates | Get template |
| DELETE | /resources/mail/v1/configs/templates/{templateId} | Delete template |
| GET | /resources/mail/v1/configs/{type}/default | Get default template by type |
| POST | /resources/auth/v1/user | Authenticate user with password |
| POST | /resources/auth/v1/user/token/refresh | Refresh user JWT token |
| POST | /resources/auth/v1/logout | Logout user |
| POST | /resources/users/v1/signUp | Signup user |
| POST | /resources/users/v1/signUp/username | Signup user with username |
| POST | /resources/configurations/v1/restrictions/ip/config | Create or update IP restriction configuration (ALLOW/BLOCK) |
| GET | /resources/configurations/v1/restrictions/ip/config | Get IP restriction configuration (ALLOW/BLOCK) |
| GET | /resources/configurations/v1/restrictions/ip | Get all IP restrictions |
| POST | /resources/configurations/v1/restrictions/ip | Create IP restriction |
| POST | /resources/configurations/v1/restrictions/ip/verify | Test Current IP |
| POST | /resources/configurations/v1/restrictions/ip/verify/allow | Test current IP is in allow list |
| DELETE | /resources/configurations/v1/restrictions/ip/{id} | Delete IP restriction by IP |
| POST | /resources/configurations/v1/lockout-policy | Create lockout policy |
| PATCH | /resources/configurations/v1/lockout-policy | Update lockout policy |
| GET | /resources/configurations/v1/lockout-policy | Get lockout policy |
| GET | /resources/vendor-only/users/access-tokens/v1/active | Get active access tokens list |
| GET | /resources/vendor-only/users/access-tokens/v1/{id} | Get user access token data |
| GET | /resources/vendor-only/tenants/access-tokens/v1/{id} | Get account (tenant) access token data |
| POST | /resources/auth/v1/user/mfa/recover | Recover MFA |
| POST | /resources/users/v1/mfa/disable | Disable authenticator app MFA |
| POST | /resources/users/v1/mfa/authenticator/{deviceId}/disable/verify | Disable authenticator app MFA |
| POST | /resources/users/v1/mfa/sms/{deviceId}/disable | Pre-disable SMS MFA |
| POST | /resources/users/v1/mfa/sms/{deviceId}/disable/verify | Disable SMS MFA |
| POST | /resources/auth/v1/user/mfa/verify | Verify MFA using code from authenticator app |
| POST | /resources/auth/v1/user/mfa/emailcode | Request verify MFA using email code |
| POST | /resources/auth/v1/user/mfa/emailcode/verify | Verify MFA using email code |
| POST | /resources/auth/v1/user/mfa/authenticator/enroll | Pre enroll MFA using Authenticator App |
| POST | /resources/auth/v1/user/mfa/authenticator/enroll/verify | Enroll MFA using Authenticator App |
| POST | /resources/auth/v1/user/mfa/authenticator/{deviceId}/verify | Verify MFA using authenticator app |
| POST | /resources/auth/v1/user/mfa/sms/enroll | Pre-enroll MFA using sms |
| POST | /resources/auth/v1/user/mfa/sms/enroll/verify | Enroll MFA using sms |
| POST | /resources/auth/v1/user/mfa/sms/{deviceId} | Request to verify MFA using sms |
| POST | /resources/auth/v1/user/mfa/sms/{deviceId}/verify | Verify MFA using sms |
| POST | /resources/auth/v1/user/mfa/webauthn/enroll | Pre enroll MFA using WebAuthN |
| POST | /resources/auth/v1/user/mfa/webauthn/enroll/verify | Enroll MFA using WebAuthN |
| POST | /resources/auth/v1/user/mfa/webauthn/{deviceId} | Request verify MFA using WebAuthN |
| POST | /resources/auth/v1/user/mfa/webauthn/{deviceId}/verify | Verify MFA using webauthn |
| GET | /resources/configurations/v1/mfa-policy/allow-remember-device | Check if remember device allowed |
| POST | /resources/users/v1/mfa/enroll | Enroll authenticator app MFA |
| POST | /resources/users/v1/mfa/authenticator/enroll | Enroll authenticator app MFA |
| POST | /resources/users/v1/mfa/enroll/verify | Verify authenticator app MFA enrollment |
| POST | /resources/users/v1/mfa/authenticator/enroll/verify | Verify authenticator app MFA enrollment |
| POST | /resources/users/v1/mfa/sms/enroll | Enroll SMS MFA |
| POST | /resources/users/v1/mfa/sms/enroll/verify | Verify MFA enrollment |
| POST | /resources/configurations/v1/mfa | Update MFA configuration |
| GET | /resources/configurations/v1/mfa | Get MFA configuration |
| POST | /resources/configurations/v1/mfa-policy | Create MFA policy |
| PATCH | /resources/configurations/v1/mfa-policy | Update security policy |
| PUT | /resources/configurations/v1/mfa-policy | Upsert security policy |
| GET | /resources/configurations/v1/mfa-policy | Get security policy |
| GET | /resources/configurations/v1/mfa/strategies | Get MFA strategies |
| POST | /resources/configurations/v1/mfa/strategies | Create or update MFA strategy |
| POST | /resources/configurations/v1/password | Create or update password configuration |
| GET | /resources/configurations/v1/password | Get password policy configuration |
| POST | /resources/configurations/v1/password-history-policy | Create password history policy |
| PATCH | /resources/configurations/v1/password-history-policy | Update password history policy |
| GET | /resources/configurations/v1/password-history-policy | Get password history policy |
| POST |

… (truncated)
Scan or optimize your own skill →

Want a live grade + an embeddable README badge? Run your skill through the free scanner.

Other quality-A skills: 3d-web-experience [TODO: lowercase-hyphen-case-name] accessibility-compliance-accessibility-audit adhx agent-manager-skill agent-md-refactor agent-messaging agent-orchestration-multi-agent-optimize

Graded independently by Skillproof — nothing to sell the author. Quality is mechanical + corpus-grounded; safety flags are heuristic (builtin+triage), not a malicious verdict.